|
Hey hackers! I suspect my other half to play around and the WhatsApp is the used murder weapon in this case. Any help will be appreaciated. Maybe can you recommend some good trojan or hidden (running in the background) FTP/SSH server application for android? In such case it would be possible to copy just the WhatsApp backup files which can be easily read on the PC with the Whatsapp_Xtract. Important information:
Just to encourage you to provide the best answers - according to Mt.Gox today: 0.299 BTC ~= $3.01 ~= 2.4€ :) Thanks in advance for your answers! |
The question has been closed for the following reason "Caffeinewriter won 349.00 mBTC for the best answer." by Znany 03 Sep '12, 15:30
|
For the record, this activity is prohibited by numerous laws, as is any "wiretapping" or similar activities without the consent of the user. Second of all, the following information is for informational purposes only. These quotes from Wikipedia may help:
And
Solution: DISCLAIMER: This is for informational purposes only! I am in no way responsible for the way you use this information! According to Federal Law, this is illegal! Don't do it! The best way to get your hands on their file is to social engineer them. Convince them to download something like an FTP Server. (Not sure if this works on the whole phone filesystem, but I'm sure there's one) What you can do is give them a reason to. One way you could convince them is to every so often, use a DOS or DDOS if you can against their IP address, (it may change as many IP addresses are now dynamic) and convince them that it's a problem you can fix by helping them remotely. Or even better, get actual physical access to their phone. It's even better if you have the same service provider/phone model that they have. Here's a sample conversation.
That's just hypothetical, but something along those lines can help. Another way you could do that is use TeamViewer while their phone is connected to their computer. It's just hypothetical again, and also still illegal. So this is still just information. Reference sites: http://whatsappspysoftware.com/ http://www.androidcenterapk.info/2012/05/download-whatsappsniffer-v103-apk.html http://hexus.net/mobile/news/general/38813-whatsapp-chat-spying-theres-app-that/ Good tips, thanks! However I'm not planning to develop my own tool, I'm lazy and I'm looking for the ready solution;)
So, now it's just enough to know the victim's IMEI number and try to connect to Jabber's network using any PC-client application? lol, obvious solution is obvious :) Well the reason it's so hard is because it's designed to be secure, albeit it's not really all that secure, which is why there are some tools to get WhatsApp messages. It's especially difficult when you don't have physical access to the phone and it's not on the same Wifi network, but it theoretically is possible. However, if you ever do have physical access, to obtain the IMEI just open up the dialpad section of the phone and enter *#06# That will display the IMEI on any phone. You may or may not have to hit send. It can be a nice path to explore, however according to this nice blog note on the WhatsApp and Jabbler:
So such connection can block the application on the original device. Nevertheless, I found also a nice PHP/Python API for the further plays with WhatsApp. At least it can generate your Jabber password from the given IMEI number. Even though, I'm still waiting for the better solutions of the presented hacking problem. Your answer seems to be the most useful so far, take these 50mBTC of the tip:) I added a potential (illegal) solution for informational purposes on how it could work. :) Hope that helps out some more ^_^ Do you need any more suggestions on how to obtain the chat logs? I like your solution, the social technique is not so bad idea. However, in this case every popular FTP/SSH server signalize its presence by the icon visible in the tasks tray. The only element that is missing is the application that will keep working in the background without showing that it's active. But as you mentioned - this method is very, very illegal:P [that's why I like it the most, thanks:P]
showing 5 of 9
show all
|
|
WhatsAppSniffer should dot the trick, her is a link: http://www.androidcenterapk.info/2012/05/download-whatsappsniffer-v103-apk.html As I wrote "WiFi sniffing is also not going to work in this case". Sorry, but Whatsapp Sniffer assumes that the victim is in the same WiFi network as the sniffer, so it cannot be used in this case. |
|
Look at this site: http://0x80.org/blog/?p=652 Just sniff the packages from his network. If you need more information, just ask. Typically to perform a MITM attack, you need to be on the same network as the user. He stated that using Wifi sniffing is not feasible for him. Exactly - this solution won't work for me. But this script can be a real fun when you run it in some public network, like in the library, a restaurant or in the hotel:) |
|
New program found. FinFisher. See if you can find a copy of it. You have to put the FinSpy payload on the users phone. It can infect Iphones and Androids. You can infect the targets phone and record everything with an text message saying the user needs to install a new app (FinSpy). Originally made for Law Enforcement, It is loose now. http://www.finfisher.com/FinFisher/en/index.php It's a bit complicated to find an Android apk and whole the tool for this program. If you provide some useful links, I'll reward you amply with the bitcoin tips:) |
So far I've received 3 answers:
...I keep waiting for more answers.
hi @Znany, do you like some answer?