garyopa
05-04-2012, 08:58 PM
An App which exposes security flaws of the popular Whatsapp
http://www.maxconsole.com/maxconsole/contents/RKLS0000007891/icon_xl.jpg
Did you know that WhatsApp messages are not encoded and travel as plain text? How do you feel if someone starts to spy your conversations?
Shocking news we have here tonight.
It appears that the WhatsApp devs haven't put any security measure or encryption to the messages you send and receive.
As long as they are travelling in plain text, sniffing programs could intercept the conversations easily.
But this task has become even easier with WhatsAppSniffer App for rooted Android phones.
****Requires ROOT and Busybox installed****
WhatsAppSniffer is a tool for root terminals to read WhatsApp conversations of a WIFI network (Open, WEP, WPA/WPA2). It captures the conversations, pictures / videos and coordinates that are sent or received by an Android phone, iPhone or Nokia on the same WIFI network. It has not been tested with Windows Phone terminals. It can't read the messages written or received by the BlackBerry's, as they use their own servers and not WhatsApp's.
This application is designed to demonstrate that the security of WhatsApp's communications is null. WhatsAppSniffer just use the TCPDump program which reads all the WIFI network packets and filters those which has origin or destination WhatsApp's servers. All messages are in plain text, so it does not decrypt anything, complying fully with the legal terms of WhatsApp (3.C: "While we do not disallow the use of sniffers Such as Ethereal, tcpdump or HttpWatch in general, Any we do going efforts to disallow reverse-engineer our system, our protocols, or explore outside the boundaries of the ordinary requests made by clients WhatsApp .... ")
For WPA/WPA2 encrypted networks, if uses the tool ARPSpoof (optional).
Features:
REQUIRES ROOT
For now, there is only support for this characters:
a-zA-Z0-9:-()!¡¿?ñÑáéíóúüÁÉÍÓÚÜçÇ/
Read conversations outgoing and incoming to Android, iPhone and Nokia phones.
They are separated by phone number
Notify when a message has been captured
Ability to start a debug session saving all logs
It matches phone numbers captured with agenda for coincidences
Free version
Ads
You can only read the first three conversations
You can not delete conversations
***************** Known Bugs ***********************
Sometimes when you start the sniffer, your internet connection may end. To fix this, stop the program, stop WIFI and start WIFI again.
-If you activate the ARPSpoof in a very large network, the network can go slow or we can leave without Internet to everybody else.
************************************************** **
Legal Terms
WhatsAppSniffer comes with absolutely no warranty. You use this software on your own risk. The developer is not responsible for any damages caused by WhatsAppSniffer or it´s usage. It´s only the users responsibility to check his countrys laws in order to make sure that the usage of WhatsAppSniffer is permitted by law in his country. In some countries stealing someones conversations might be prohibited by law. Always think about what you´re doing! Stealing someones conversations can cause real trouble for him and maybe for you.
The app was available in Google play but now it has been removed for some reason.
APP STORE LINK: https://play.google.com/store/apps/details?id=com.whatsapp.sniffer
Our thanks to 'Kaos2K' for digging up this news on this bad app!
http://www.maxconsole.com/maxconsole/contents/RKLS0000007891/icon_xl.jpg
Did you know that WhatsApp messages are not encoded and travel as plain text? How do you feel if someone starts to spy your conversations?
Shocking news we have here tonight.
It appears that the WhatsApp devs haven't put any security measure or encryption to the messages you send and receive.
As long as they are travelling in plain text, sniffing programs could intercept the conversations easily.
But this task has become even easier with WhatsAppSniffer App for rooted Android phones.
****Requires ROOT and Busybox installed****
WhatsAppSniffer is a tool for root terminals to read WhatsApp conversations of a WIFI network (Open, WEP, WPA/WPA2). It captures the conversations, pictures / videos and coordinates that are sent or received by an Android phone, iPhone or Nokia on the same WIFI network. It has not been tested with Windows Phone terminals. It can't read the messages written or received by the BlackBerry's, as they use their own servers and not WhatsApp's.
This application is designed to demonstrate that the security of WhatsApp's communications is null. WhatsAppSniffer just use the TCPDump program which reads all the WIFI network packets and filters those which has origin or destination WhatsApp's servers. All messages are in plain text, so it does not decrypt anything, complying fully with the legal terms of WhatsApp (3.C: "While we do not disallow the use of sniffers Such as Ethereal, tcpdump or HttpWatch in general, Any we do going efforts to disallow reverse-engineer our system, our protocols, or explore outside the boundaries of the ordinary requests made by clients WhatsApp .... ")
For WPA/WPA2 encrypted networks, if uses the tool ARPSpoof (optional).
Features:
REQUIRES ROOT
For now, there is only support for this characters:
a-zA-Z0-9:-()!¡¿?ñÑáéíóúüÁÉÍÓÚÜçÇ/
Read conversations outgoing and incoming to Android, iPhone and Nokia phones.
They are separated by phone number
Notify when a message has been captured
Ability to start a debug session saving all logs
It matches phone numbers captured with agenda for coincidences
Free version
Ads
You can only read the first three conversations
You can not delete conversations
***************** Known Bugs ***********************
Sometimes when you start the sniffer, your internet connection may end. To fix this, stop the program, stop WIFI and start WIFI again.
-If you activate the ARPSpoof in a very large network, the network can go slow or we can leave without Internet to everybody else.
************************************************** **
Legal Terms
WhatsAppSniffer comes with absolutely no warranty. You use this software on your own risk. The developer is not responsible for any damages caused by WhatsAppSniffer or it´s usage. It´s only the users responsibility to check his countrys laws in order to make sure that the usage of WhatsAppSniffer is permitted by law in his country. In some countries stealing someones conversations might be prohibited by law. Always think about what you´re doing! Stealing someones conversations can cause real trouble for him and maybe for you.
The app was available in Google play but now it has been removed for some reason.
APP STORE LINK: https://play.google.com/store/apps/details?id=com.whatsapp.sniffer
Our thanks to 'Kaos2K' for digging up this news on this bad app!