romanzaikin / BurpExtension-WhatsApp-Decryption-CheckPoint

This tool was created during our research at Checkpoint Software Technologies on the WhatsApp protocol (this repository will be updated after BlackHat 2019)

Does it still work? #55

Open marcinguy opened 5 years ago

marcinguy commented 5 years ago

Hi,

Looking for an update from the author or credible answers.

WhatsApp Web Client changed its JS several times since I looked into it.

Getting the Pub and Priv key is quite hard, but possible. It seems the QR code and the Priv/Pub key change every ca. 10 secs.

I am pretty sure I managed to get the right key (Priv and Pub) as well as the secret (Ref Object).

Then I paste the base64-encoded message I sent to one of my contacts (websocket -> to server endpoint /ws). It has the format:

ID,<binary>

In parser.py this goes through: https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L91

However, I got a mismatch here: https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L109

As I said, I am quite confident I had 32 ints each for a good Priv and Pub key and the secret (Ref Obj).

Is this still working?

Thanks,

marcinguy commented 5 years ago

I got the Priv and Pub key from the JS. As I said, they seem to be correct since the asserts go through:

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L80

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L82

The HMAC on the secret string is also valid:

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L91

So aes_key and mac_key should be correct.

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L96

But the encrypted message hmac fails:

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint/blob/90247f2a84e49cc09c526b8d587fc5eb93be8752/helper/parser.py#L109

So does the decryption ....

I verified that the WhatsApp Web Client and "core" JS parts seem to be the same and match your Python code.

As asked in the original issue, does anybody have ideas about what is happening here?

Thanks,
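The thread above describes two separate checks that can fail independently: the HMAC over the secret (which validates the key agreement and, with it, aes_key and mac_key) and the HMAC over each individual message. The following is an added example, not code from this repository or from the poster, showing the encrypt-then-MAC message check in isolation and how to tell a framing mistake (the `ID,` prefix or a bad base64 paste) from a genuinely wrong mac_key. It assumes a message layout of a 32-byte HMAC-SHA256 tag followed by the ciphertext, which is an assumption about the linked parser line, not something the thread states; the message ID, keys and ciphertext bytes are constructed placeholders, and the AES decryption step is left out.

```python
import base64
import binascii
import hashlib
import hmac

# Constructed placeholder key. In the tool this would be the mac_key produced by
# the key-derivation step the issue links to; here it is just a fixed test value.
MAC_KEY = hashlib.sha256(b"constructed mac key for the example").digest()

TAG_LEN = 32  # assumed: HMAC-SHA256 tag sits in front of the ciphertext


def build_frame(message_id: str, ciphertext: bytes, mac_key: bytes) -> str:
    """Build an 'ID,<binary>' frame with an encrypt-then-MAC tag in front.

    The ciphertext is treated as opaque bytes; the tag covers only those bytes,
    never the textual message ID, which is why the ID must be split off first.
    """
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return message_id + "," + base64.b64encode(tag + ciphertext).decode()


def split_frame(frame: str) -> tuple[str, bytes]:
    """Separate the message ID from the base64 body and decode the body.

    Splitting on the first comma only: the base64 alphabet contains no comma, so
    everything after it is the binary part. validate=True makes a leftover
    prefix or any pasted junk surface as binascii.Error instead of being
    silently dropped.
    """
    message_id, _, body = frame.partition(",")
    return message_id, base64.b64decode(body, validate=True)


def verify_tag(mac_key: bytes, payload: bytes) -> bool:
    """Encrypt-then-MAC check: the first TAG_LEN bytes authenticate the rest."""
    if len(payload) <= TAG_LEN:
        return False
    expected = hmac.new(mac_key, payload[TAG_LEN:], hashlib.sha256).digest()
    # Constant-time comparison so the verifier itself leaks nothing via timing.
    return hmac.compare_digest(expected, payload[:TAG_LEN])


def diagnose(frame: str, mac_key: bytes) -> str:
    """Classify a failing message check so key and framing problems are not confused.

    Returns 'ok', a 'framing error: ...' string when the bytes fed to the HMAC
    cannot be what the sender MACed, or 'tag mismatch' when the framing is sound
    and the remaining explanations are a wrong mac_key or altered ciphertext.
    """
    try:
        _, payload = split_frame(frame)
    except (binascii.Error, ValueError):
        return "framing error: binary part is not valid base64 (prefix not stripped or paste mangled)"
    if len(payload) <= TAG_LEN:
        return "framing error: payload shorter than a 32-byte tag (ID and body not separated?)"
    if verify_tag(mac_key, payload):
        return "ok"
    return "tag mismatch: mac_key is wrong or the ciphertext was altered"


if __name__ == "__main__":
    # Constructed sample: a fake message ID and 48 bytes of fake ciphertext.
    frame = build_frame("3EB0EXAMPLE", bytes(range(48)), MAC_KEY)
    print(diagnose(frame, MAC_KEY))
    print(diagnose(frame.replace(",", ""), MAC_KEY))        # ID glued to the body
    print(diagnose(frame, hashlib.sha256(b"other").digest()))  # wrong key
```

Running the block prints `ok`, then a framing error, then a tag mismatch. The practical point for the thread: if the secret HMAC validates but every message fails, re-check what bytes are actually being fed to the message HMAC before doubting the derived keys, since one stray prefix byte moves the tag boundary and makes every message fail in exactly the same way a wrong mac_key would.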