Wednesday, 10 February 2016

Whats App V card Vulnerability Explained

Whats App V card Vulnerability Explained

All the  Users are Vulnerable to this  !! . Estimated More than 200 Million Users Exposed to the V card  . V card vulnerability allows to execute ransom ware , Remote Access Tools , etc allowing access to the whole system when using Whats App Web !! .
Whats App is very common . Almost the whole World population on whats app today . Whats app that has been recently acquired by Facebook.com claims to have hit 900 Million monthly active Users . However this flaw puts all the whats app users at risk  .
The Flaw is basically exploiting the web based extension of Whats app that was quiet recently introduced :Whats App Web !

Whats App Web ?

Whats App Web is a Web extension of the Whats app Application and allows to use the Whats App using the Browser on your Laptop or PC . The  fully synchronizes with your phone .

The Vcard Vulnerability Exposes the Whats App users to THREATS !

How Whats App Vcard Vulnerability Exploitation Works

The Attacker can trick the Whats app web users into executing the arbitrary code on the Laptops (on which they are using Whats app web) , well lets say using a technique quiet different .
The Attacker can send a Legitimate looking V card to the users containing the malicious code . The victim of this attack on the other hand is unaware of the malicious code hidden in this V card and is easily exploited . The Attacker can send a Trojan , a Remote Access tool or a Ransom ware using this attack . Well the good news is that the victim needs to open this V card and hence we can avoid from getting hacked if the V card is from unknown Phone Number . Once opened , the contact is revealed to be an executable file further compromising your system .
  • Take complete control over the target machine
  • Monitor user’s activities
  • Use the target machine to spread viruses
[blockquote]WhatsApp verified and acknowledged the  issue and have deployed the fix in web clients world-wide. To make sure you are protected, update your WhatsApp Web right now.[/blockquote]

Technical Summary :

The flaw affects all versions of WhatsApp before V0.1.4481. So, users are advised to make sure that they are running the fully updated version of WhatsApp.
The Whats app web allows to send and recieve any media file and contact cards among the users . The whats app V card vulnerability lies in the improper filtering of the contact cards and allows malicious code to be delivered via a v card format . The implication of this innocent action is downloading a file which can run arbitrary code on the victim’s machine.

The Hack :

It is found to be possible to control the file extension of the contact card file . Here you can see how the V card file can have a .bat extension which is a Windows Batch file extension . This means, once the victim clicks the downloaded file (which he assumes is a contact card), the code inside the batch file runs on his computer.
The below picture shows a sample V card for exploitation .
Whats App V card Vulnerability Explained
You can inject the command to the name attribute if the V card File , seperated by the “&” character . Windows will attempt to run all the code lines in the file .

1 comment:

  1. Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete