davidgfnet / whatsapp-purple

WhatsApp protocol implementation for libpurple (pidgin)

Don't use Android-2.12.510 or Android-2.12.5xx #395

Open assegaf opened 8 years ago

assegaf commented 8 years ago

Yeah, Android 2.12.510, or probably below that version, already uses Stream WA Protocol 2.0; stable 2.12.453 is still 1.6, and versions older than that still use the 1.6 Protocol.

If you keep using Stream 2.12.510 or near it while using protocol 1.6, you will be banned instantly ...

@davidgfnet , I got this info from your wireshark-whatsapp, hope it helps.

0x3d5157636b525761 commented 8 years ago

Were you able to analyze the protocol?

assegaf commented 8 years ago

I wish I could, but it's completely 100% different. Not even wireshark-whatsapp can read it, not even the initial tx (without encryption) is the same and readable, so it probably needs reverse engineering first, maybe needs additional encryption from the start.

but it is still using pw password saved on android,

0x3d5157636b525761 commented 8 years ago

I don't recognize any F8 stanza headers... Indeed, completely different. Also, could not find any invocations to Cipher.getInstance("ARC4") (after deobfuscation). :(

szr8 commented 8 years ago

On 3/16/2016 2:38 AM, assegaf wrote:

> Yeah, Android 2.12.510 or probably below that version, already use Stream WA Protocol 2.0, stable 2.12.453 still 1.6, older than that version still use 1.6 Protocol.
>
> If you still keep using Stream 2.12.510 or near it, and using protocol 1.6 will be banned instantly ...
>
> @davidgfnet https://github.com/davidgfnet , I got this info from your wireshark-whatsapp hope helps.

I've been online since the early 1990s and I honestly don't recall ever seeing such a totalitarian instant messaging protocol to such an extent.

This is seriously feeling way too much like a "paper, show me your papers" mentality; what exactly is their justification for being so incredibly anal about how people connect?

I can certainly understand wanting to keep secure communications secure, but as long as that is being maintained, what exactly is the problem? The PTB for Whatsapp just seem to be taking it way too far, to seemingly unhealthy levels of extreme paranoia.

assegaf commented 8 years ago

They're really doing their homework and are a pain in the a\ . Not even 6 months yet from Protocol 1.6 to 2.0. @0x3d5157636b525761 it's possible they change encryption to one of the https://www.bouncycastle.org/ cryptography, seems it's mostly used by many vendors.

0x3d5157636b525761 commented 8 years ago

BouncyCastle usage was weird in old versions -- it was only partially embedded in the DEX, i.e. they had AES implementation but no ECDH... I will check it out soon.

hellerbarde commented 8 years ago

I just got banned immediately trying whatsapp-purple with Android-2.12.419. (not mad, don't worry ;) )

(EDIT: hmmm... now that I think about it, maybe it banned me during trying to grab the password... Sorry, didn't mean to red herring this.)

assegaf commented 8 years ago

Any idea or link to explain about "Noise Protocol"?

And I think AES-GCM seems an implementation to allow NSA or any government to sniff the packet, so we are an object :+1:

assegaf commented 8 years ago

Oh, that's great news that AES-GCM is more secure, but it's a pain to follow up in this non-official client,