It uses the TLS/SSL proxy mitmproxy to capture the secure connection between your phone and the WhatsApp servers. Please note that this is a tutorial for Linux users. Also, I will not help you to send mass WhatsApp messages – even for money. December 2013: I kindly ask you to stop e-mailing me about hacking into WhatsApp accounts or sniffing WhatsApp passwords for you.Also refer to shirioko’s comment (was at:, site now defunct, July 2019) on the Github discussion. The method described in this post does not work anymore. October 2013: As suspected in the update above, WhatsApp now checks certificate fingerprints, meaning that other than to change the WhatsApp application itself, I do not see a way to sniff the password.Although I suspected that the new WhatsApp client is checking the certificate fingerprints (thus making forgery impossible, see github conversation (was at, site now defunct, July 2019), it might also be an Android issue. For some reason, WhatsApp traffic is not showing up on neither mitmproxy nor SSLsplit. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |