baptx
commented
3 years ago I have the same issue (Hmac mismatch), I cannot decrypt WebSocket messages with this code: https://pastebin.com/hNBeEqgv Does someone have an idea how to fix the issue? Update: To make the decryption work, I had to use a WebSocket message intercepted with a tool like mitmproxy / mitmdump because the "Copy Message" feature from Firefox did not give the correct string.
Okay, I wrote a minimal reproducible sample code that doesn't work properly.
https://gist.github.com/rootkit-sys/a46d45e395dcf917bef86525a94b5477
If you look closely, this code is copied from https://github.com/sigalor/whatsapp-web-reveng/blob/master/backend/whatsapp.py#L191
Especially the part where the expanded and shared keys are created.
This is almost the original code, with some abbreviations, and it doesn't work because I get HMAC Mismatch !