Code:
Hello my fellow hackers, it's been a while since my, I can't get the time now-a-days for the posts but can manage to tend to comments.Welcome to my 9th post, this tutorial will explain how to extract and decrypt WhatsApp database from the Victim's android system.Yes the device should be rooted, there is no way around to do this remotely. I have been getting PM's about this and can't simply answer with the word SPOOF.
WhatsApp?Almost everyone knows about it. It is a social android application, that's enables the user to send free messages through the internet within seconds. The developers have made huge success and have high level and complex algorithms to encrypt and store the data, which changes with every update! And hence everyone uses it to send even the most personnel messages because they know it's safe.But is it?Yes is it actually very safe, however if the Victim is a fool or gullible, he/she is the main vulnerability here. I see many of the 'experienced users' root their android to explore/push to the system's maximum limits. Following their footsteps the 'inexperienced users' also root/brick their android just to accomplish a minor task. They don't even care about the Cons.Anyway, lets execute the hack: Step 1: Exploit and Gain Access to the Android!This the easy part which you all like and are used-to.Follow guide to gain access to the Rooted android.
So, the database has been downloaded, now we need to 'Key of Decryption'(Key file that holds the encryption keys cannot be retrieved any-more unless your phone is rooted) Step 3: Drop into the Shell:As told before, but adding a little more detail here:To decrypt the crypt8 files, we will need the key file. The key file stores two sets of decryption keys – the actual encryption key, K and an initialisation vector called IV. WhatsApp stores the key file in a secure location.Extracting the key file, type:. shell.
su (For Super User access or simply escalating privileges)Here comes the tricky part, if the target is experienced and skilled, he must have installed the SuperSU application.The application is responsible for holding the permissions whether which application can have access to root. It even holds all the logs.So, we need to convince the Victim that the application is for boosting (or any other reason) his/her android system but at the same time requires root access to reach it's maximum potential. Is an excellent tutorial by that shows how to disguise a back-door application. The Key has been extracted to our root directory successfully!
Intitle Index Of Whatsapp Databases
The Tutorial Ends:Now that you know how dangerous Rooting actually is, please, beware.A cracker can not only perform this simple hack, he can even extract all the Wi-Fi passwords stored in your android, he can access everything, things that even you don't have access to!! He may spread to your PC once you connect your android, hack your accounts (saved passwords) and even frame you.
In Title Index Of Movie
You just become a mere pawn to his further plans.So, think twice before rooting and be really careful, while holding a rooted android in your hands.Thank You!F.3.A.R. Follow Null Byte on, and. Sign up for. Follow WonderHowTo on,.
Welcome!.Useful Links.Challenges. Boot2Roots and walkthroughs. Interactive privilege escalation with browser-based bash shells (and much more). Damn Vulnerable Web Application. Learn-as-you-go web exploitation game made by a redditor. Web exploitation.
Intitle Index Of Whatsapp Databases 2018
Privilege escalation over SSH, web exploitation. See upcoming events and writeups from past CTFs.Related Subreddits:,Security Advisories,Download LinuxThis Subreddit is not.We teach you how to do it, use it at your own risk.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |