Decrypt-Encrypt-Decrypt on outgoing message not working about burpextension-whatsapp-decryption-checkpoint HOT 12 CLOSED

@tarun14110 I also had same issue and posted that if you find solution ,let me know

from burpextension-whatsapp-decryption-checkpoint.

@thiru112 So, were you able to impersonate outgoing messages as other user (attack 2 as explained on blog)?

from burpextension-whatsapp-decryption-checkpoint.

@tarun14110 I wasn't able to change message an put into the 'a' parameter in the browser

from burpextension-whatsapp-decryption-checkpoint.

You can do that by using this code a = Uint8Array.from([new encrypted array]).buffer at console during breakpoint at and then continue .
But, its not working. I guess there is some issue with encryption for outgoing messages. The encryption method should encrypt the decrypted outgoing message to same message as before decryting. But it's not doing that for now.

from burpextension-whatsapp-decryption-checkpoint.

@tarun14110 I try and reach you asap

from burpextension-whatsapp-decryption-checkpoint.

Hi all, I'm having the same issue except that I'm trying for incoming message. When I decrypt the message and then re-encrypt it (even without making any changes in the message) - this newly encrypted message cannot be decrypted so ofcourse when I forward it to whatsapp web, it is not able to decrypt it and show it. I hope someone can help fix it soon.

from burpextension-whatsapp-decryption-checkpoint.

You can do that by using this code a = Uint8Array.from([new encrypted array]).buffer at console during breakpoint at and then continue .
But, its not working. I guess there is some issue with encryption for outgoing messages. The encryption method should encrypt the decrypted outgoing message to same message as before decryting. But it's not doing that for now.

@thiru112 did you manage to get this work. I'm stuck on how to chage it in the browser.

Hi,

This is regarding Attack 2.

I manage to decrypt outgoing message.
Change the message, change true to False.
Encryp it back successfully.

I'm stuck on putting the encrypted data back to the console. I.e. im stuck on no 4 (please see attached image). How can I do that?

Thank you

from burpextension-whatsapp-decryption-checkpoint.

You can do that by using this code a = Uint8Array.from([new encrypted array]).buffer at console during breakpoint at and then continue .
But, its not working. I guess there is some issue with encryption for outgoing messages. The encryption method should encrypt the decrypted outgoing message to same message as before decryting. But it's not doing that for now.

Hi @tarun14110 did u manage to get the a = Uint8Array.from([new encrypted array]).buffer work?

from burpextension-whatsapp-decryption-checkpoint.

@GinNoel sorry for the late reply but i managed to do it.
first create a global variable in the console.
temp = new Uint8Array([248,..., 2, 1]).buffer
then doubleclick the a variable in the local scope and insert the name of the global variable.

Also note that the encrypted message is not correct (for me it inserts a 11, however after removing it, it works)

from burpextension-whatsapp-decryption-checkpoint.

Hello, can anyone fix the problem? Letting DE-EN-DE on outgoing message works well.

from burpextension-whatsapp-decryption-checkpoint.

@GinNoel sorry for the late reply but i managed to do it.
first create a global variable in the console.
temp = new Uint8Array([248,..., 2, 1]).buffer
then doubleclick the a variable in the local scope and insert the name of the global variable.

Also note that the encrypted message is not correct (for me it inserts a 11, however after removing it, it works)

Hi @Orinion ,

My apologies for the very late reply. Thank you for the steps.

You lost me here "(for me it inserts a 11, however after removing it, it works)". Can you please explain further?

Thank you.

from burpextension-whatsapp-decryption-checkpoint.

Hello @GinNoel, taken frome the screenshots of the op:

he didn't change annything, however the 11 gets added after encrypting. Simply remove it before you paste it in the browser

from burpextension-whatsapp-decryption-checkpoint.