Jump to content
Aerosol

WhatsApp Messenger contine o vulnerabilitate periculoasa care...

Recommended Posts

Posted

WhatsApp Messenger este fara discutie una dintre cele mai importante aplicatii disponibile in momentul de fata in magazinele de aplicatii, hackerii stiu asta si profita din plin pentru a incerca sa gaseasca exploit-uri in interiorul ei. In aceasta idee un cercetator german a descoperit ca protocolul de autentificare rulat in momentul trimiterii mesajelor este vulnerabil si poate fi exploatat pentru a permite unui hacker sa va preia identitatea si contul pentru sistemul WhatsApp.

The ‘user authentication when sending or receiving messages is crackable, it allows a stranger to take full possession of an account by sending WhatsApp messages or read any replies. Any user who wants to send a message, or check if it has unread messages on the server authenticates using a “password” generated automatically by the software. The password is not readily amenable because it is based on the IMEI number of smartphones than Apple or MAC Address for Apple users, the identifier of the cell is then reversed and it generated the MD5 hash code.

Problema sta in faptul ca parola generata de aplicatie pentru sistemul de autentificare are la baza informatii despre IMEI-ul terminalelor sau adresa Mac, iar un hacker priceput poate transforma acele numere in parola unica folosita pentru terminalul vostru. Acelasi lucru este valabil si pentru descoperirea username-ului, iar o persoana care are un sistem de sniffing pe un router public ar putea fura multe conturi ale utilizatorilor care nu banuiesc absolut nimic.

idevice.ro/

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...