One Article Review

The article:
Source Errata Security
Identifier 1514927
Publication date 2020-01-28 14:24:42 (seen: 2020-01-28 20:00:09)
Title How to decrypt WhatsApp end-to-end media files
Text At the center of the "Saudis hacked Bezos" story is a mysterious video file investigators couldn't decrypt, sent by Saudi Crown Prince MBS to Bezos via WhatsApp. In this blog post, I show how to decrypt it. Once decrypted, we'll either have a smoking gun proving the Saudis' guilt, or exoneration showing that nothing in the report implicated the Saudis. I show how everyone can replicate this on their own iPhones.

The steps are simple:

- backup the phone to your computer (macOS or Windows), using one of many freely available tools, such as Apple's own iTunes app
- extract the database containing WhatsApp messages from that backup, using one of many freely available tools, or just hunt for the specific file yourself
- grab the .enc file and decryption key from that database, using one of many freely available SQL tools
- decrypt the video, using a tool I just created on GitHub

End-to-end encrypted downloader

The FTI report says that within hours of receiving a suspicious video, Bezos's iPhone began behaving strangely. The report says:

...analysis revealed that the suspect video had been delivered via an encrypted downloader host on WhatsApp's media server. Due to WhatsApp's end-to-end encryption, the contents of the downloader cannot be practically determined.

The phrase "encrypted downloader" is not a technical term but something the investigators invented. It sounds like a term we use in malware/viruses, where a first stage downloads later stages using encryption. But that's not what happened here.

Instead, the file in question is simply the video itself, encrypted, with a few extra bytes due to encryption overhead (10 bytes of checksum at the start, up to 15 bytes of padding at the end).

Now let's talk about "end-to-end encryption". This only means that those in the middle can't decrypt the file, not even WhatsApp's servers. But those on the ends can -- and that's what we have here, one of the ends. Bezos can upgrade his old iPhone X to a new iPhone XS by backing up the old phone and restoring onto the new phone and still decrypt the video. That means the decryption key is somewhere in the backup.

Specifically, the decryption key is in the file named 7c7fba66680ef796b916b067077cc246adacf01d in the backup, in the table named ZWAMDIAITEM, as the first protobuf field in the field named ZMEDIAKEY. These details are explained below.

WhatsApp end-to-end encryption of video

Let's discuss how videos are transmitted using text messages.

We'll start with SMS, the old messaging system built into the phone system that predates modern apps. It can only send short text messages of a few hundred bytes at a time. These messages are too small to hold a complete video many megabytes in size. They are sent through the phone system itself, not via the Internet.

When you send a video via SMS, what happens is that the video is uploaded to the phone company's servers via HTTP. Then, a text message is sent with a URL link to the video. When the recipient gets the message, their phone downloads the video from the URL. The text messages going through the phone system just contain the URL; an Internet connection is used to transfer the video.

This happens transparently to the user. The user just sees the video and not the URL. They'll only notice a difference when using ancient 2G mobile phones that can get the SMS messages but which can't actually connect to the Internet.

A similar thing happens with WhatsApp, only with encryption added.

The sender first encryp
Sent Yes
Tags Malware Hack Tool


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.