Malicious Threats, Vulnerabilities and Defenses in WhatsApp and Mobile Instant Messaging Platforms

54,847 views

Published on

Global surveillance emerged as a phenomenon since the late 1940s and Internet and mobile technology are being developed with such pace that it is impossible to guarantee electronic privacy and nobody should expect it. How strong are the actual Instant Messaging Platforms? Do they take care of our security and privacy? We'll look inside the security of several clients (like BBM, Snapchat, and Line) and will put our focus on WhatsApp.

WhatsApp might not be as widely known as Twitter, but the company announced that it has passed 350 million active monthly users. WhatsApp has been plagued by several security issues in the past, so we decided to start the research. We've discovered several vulnerabilities more that we'll disclosure (with proof of concept code), including encryption flaws, remote DOS (making the client crash by sending a custom message), or how to spoof messages manipulating sender address information.

We'll also release a new version of our tool with different protection layers: encryption, anonymity, and using a custom XMPP server. It's necessary to implement additional measures until WhatsApp decides to take security seriously.

Published in: Technology, Business
1 Comment
7 Likes
Statistics
Notes
No Downloads
Views
Total views
54,847
On SlideShare
0
From Embeds
0
Number of Embeds
47,319
Actions
Shares
0
Downloads
88
Comments
1
Likes
7
Embeds 0
No embeds

No notes for slide

Malicious Threats, Vulnerabilities and Defenses in WhatsApp and Mobile Instant Messaging Platforms

  1. 1. s ` MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS
  2. 2. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS WHO  WE  ARE Jaime Sánchez - Computer Engineer & Security Researcher - Executive MBA, CISSP, CISA and CISM - Speaker at Rootedcon, Nuit du Hack, BH USA Arsenal, Defcon, NoConName, BH Sao Paulo etc. - Twitter: @segofensiva - http://www.seguridadofensiva.com ! ! Pablo San Emeterio - Computer Engineer / I+D Optenet - Master of Science in Computer Security by UPM, CISA and CISM - Speaker at NoConName and CiberSeg - Previous experience with WhatsApp :) - Twitter: @psaneme SHMOOCON 2014
  3. 3. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SHHHHHHMOOCON!! SHMOOCON 2014
  4. 4. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SHMOOCON 2014
  5. 5. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS - Messaging volumes will be double that of SMS text messages by the end of 2013, as consumers look for more flexible, real-time messaging that circumvents billing from their mobile carrier. ! - Facts: - Most IM usage is driven by teens - There’s a smaller social graph associated with IM than Facebook - IM lives purely in the present. Your past history with a messaging app is far less than relevant SHMOOCON 2014
  6. 6. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS - Some of the most common applications are: - But, are our communications secure? Business are requited to protect information related to their customers, vendors and their own trade secret, but several specific issues come up with IM: - Identity Theft - Cyber Stalking - Lack of Encryption - SPAM - Remote storage of malware - Remote Denial of Service Attacks SHMOOCON 2014
  7. 7. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SHMOOCON 2014
  8. 8. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ¿  WHAT  IS  SNAPCHAT  ? - Snapchat is a mobile app you can download to your iPhone or Android smartphone, which you can then use to ¿chat? with friends through photos, videos and captions. ! - You can sort of think of it to be like texting with pictures or videos. ! - One of the most unique things about Snapchat is the self-destructing feature for photos a few seconds after photos have been viewed. ! - When you chat with a friend by sending them a photo, the photo is instantly deleted seconds after it’s been opened by the recipient. SHMOOCON 2014
  9. 9. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SOME  STATISTICS STATS SHMOOCON 2014
  10. 10. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS A  LESSON  IN  HOW  NOT  TO  DO  SECURITY - Think those embarrassing images you sent over Snapchat are safe? THINK AGAIN. ! - SnapHack: an app that lets you save and re-open Snapchat messages, without the sender ever knowing, has now been launched. - Hackers published 4.6 million Snapchat usernames and phone numbers on a website called snapchatdb.info after a full disclosure of their API implementation. ! - The main problem was that they ignored a responsible repor t by secur ity researchers SHMOOCON 2014
  11. 11. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SENDING  SNAPS - Thing you will need: - We’ll use /ph/retry instead of /ph/upload + /ph/send: which account ? teamsnapchat - Let’s make some magic!! }:) SHMOOCON 2014
  12. 12. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SHMOOCON 2014
  13. 13. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SENDING  SNAPS  II - It seems Snapchat noticed req_token & username were important fields to check on 6th January 2014. ! - We realized it on four days after, on 9th January: ! ! ! ! ! ! - It seems we are unable to spoof sender username anymore. ANY OTHER BIG IDEA?? SHMOOCON 2014
  14. 14. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SPAM - "We want to apologize for any unwanted Snaps and let you know our team is working on resolving the issue”, said Snapchat in a company blog post. ! - Is still possible to send spam to almost every user in the 4.6 million user names and phone numbers database ? ! - For how long is the req_token valid ? Capture and reply the http request We coded our own script to post images SHMOOCON 2014
  15. 15. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SPAM  II SHMOOCON 2014
  16. 16. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ¿  WHAT  IS  WHATSAPP  ? It’s interesting to compare that stat to Twitter, which has 230 million active monthly users, and to Instagram, which has 150 million on its platform. 400 STATS SHMOOCON 2014
  17. 17. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS Just how much is 10 billion messages? 416,666,670 messages an hour 6,944,440 messages a minute 115,704 messages a second WhatsApp has done to SMS on mobile phones what Skype did to international calling on landlines! SHMOOCON 2014
  18. 18. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SECURITY  FLAWS - WhatsApp communications were not encrypted, and data was sent and received in plaintext, meaning messages to easily be read if packet traces are available (WhatsApp Sniffer) ! - WhatsApp began using IMEI numbers and MAC addresses as passwords. ! - Remote storage of virus, programs, html etc. on WhatsApp servers ! - Data stored in plaintext on database ! - An unknown hacker published a website (WhatsAppStatus.net) that made it possible to change the status of an arbitrary WhatsApp user, as long as the phone number was known. (To make it work, it only required a restart of the app) SHMOOCON 2014
  19. 19. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS MORE  SECURITY  FLAWS - On January 13, 2012, WhatsApp was pulled from the iOS App Store, and the reason was not disclosed. The app was added back to the App Store four days later ! - Priyanka appeared spreading on Whatsapp through a contacts file that if you add to your contacts. ! - WhatsApp Voyeur: allows you to view the profile picture and current "Status" of every user without using a mobile phone or registered account ! - No authorization required to send messages, so any user can contact you or any custom designed bot could be created to send you spam. ! - Serious WhatsApp flaw allows decrypting user messages ! ! ! - This is what we know so far ... SHMOOCON 2014
  20. 20. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS StealGenie: Spy and Dump Instant Messengers data Android Game Steals WhatsApp Conversations E-Mail with fake WhatsApp notification Fake Spy App on Smartphones SHMOOCON 2014
  21. 21. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS THE  IDEA SHMOOCON 2014
  22. 22. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS GOALS - The main objective of the research is to add a new layer of security and privacy to ensure that in the exchange of messages between members of a conversation both the integrity and confidentiality could not be affected by an external attacker: - Add secure encryption to the client. If an attacker intercepts the messages, or any governments try to intercept our messages at WhatsApp's server , they won't find any legible information. - Give a certain level of anonymity to the conversation by using fake/anonymous accounts and intermediate communication nodes. - Modify the inner workings of the application, routing all tr affic and conversation messages to own server (XMPP). SHMOOCON 2014
  23. 23. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS WHY  ?? SHMOOCON 2014
  24. 24. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SURVEILLANCE - Repor ts and documents leaked by Edward Snowden in June 2013 indicate that PRISM is used for monitoring communications and other stored information. ! - The data that the NSA is supposedly able to get by PRISM includes email, video, voice chat, photos, IP addresses, login notifications, file transfer and details about social networking profiles. ! - Internet companies such as Microsoft, Google, Yahoo, Dropbox, Apple and Facebook are inside the program. ! - The objectives of the PRISM program are those citizens living outside the United States, but U.S. citizens are included too. SHMOOCON 2014
  25. 25. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SMS  SURVEILLANCE - The National Security Agency has collected almost 200 million text messages a day from across the globe, using them to extract data including location, contact networks and credit card details, according to top-secret documents. - On average, each day the NSA was able to extract: • More than 5 million missed-call alerts, for use in contact-chaining analysis • Details of 1.6 million border crossings a day, from network roaming alerts • More than 110,000 names, from electronic business cards • Over 800,000 financial transactions ¿ Could IM protocols be the next target ? SHMOOCON 2014
  26. 26. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS INSIDE  THE  WORLD  OF   WHATSAPP SHMOOCON 2014
  27. 27. ! ! ! MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS 57:41 01:02 => => LOGIN WA PROTOCOL VERSION 1.2 f8:05:01:c8:ab:a5:fc:12:69:50:68:6f:6e:65:2d:32:2e:31:30:2e:32:2d:35:32:32:32:00:00 0x01 => stream:stream 0xc8 => to 0xab: s.whatsapp.net 0xa5 => resource 0xfc => String 12caracteres => iPhone-2.10.2-5222 <stream:stream to=”s.whatsapp.net” resource=”iPhone-2.10.2-5222” /> f8:02:bb => 0xbb => stream:features f8:04 f8:03:70:31:ca => 0x70 => message_acks f8:01:9c => 0x9c => receipt_acks f8:03:e4:cb:0c => 0xe4 => w:profile:picture f8:03:b9:7c:ca => 0xb9 => status <stream:features> <message_acks enable=TRUE /> <receipt_acks /> <w:profile:picture type=ALL /> <status notification=TRUE /> </stream:features> 0x31 => enable 0xca => TRUE 0xcb => type 0x7c => notification 0x0c => all 0xca => TRUE f8:08:10:6d:ec:da:fc:0b:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:X:e8:cf 0x10 => auth 0x6d => mechanism 0xec => WAUTH-1  user => 34XXXXXXXXX 0x31 => enable 0xe8 => xmlns 0xcf => urn:ietf:params:xml:ns:xmpp-sasl <auth mechanism=”WAUTH-1” user=”XXXXXXXXXXX” xmlns=”urn:ietf:params:xml:ns:xmpp-sasl” /> SHMOOCON 2014
  28. 28. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS LOGGING  IN  ON  A  NEW  DEVICE 1) WhatsApp will send the user’s phone number to servers, through HTTPS, requesting an authentication code 2) The mobile phone receives, through text message, the authentication code 3) This authentication code is sent and compared, and if matches, WhatsApp obtains the password ! - To log in, the client uses a custom SASL mechanism, called WAUTH-1. First, the client sends: ! <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" user="XXXXXXXXXXXX" mechanism="WAUTH-1" /> - Server will answer with a challenge: ! <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">YYYYYYYYYYYYYYYYYYYY </challenge> - To respond the challenge, the client will generate a key using PKBDF2 with user’s password, challenge as salt and SHA1 as hash function. Only 20 bytes from result will be used as key <phone number> || <20 bytes> || UNIX timestamp: <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">ZZZZZZZZZZZZZ</response> SHMOOCON 2014
  29. 29. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ARE  MY  MESSAGES  SECURE  ? - RC4, the most widely used software stream cipher and is used in popular protocols such as Transport Layer Security (TLS) and WEP, was designed by Ron Rivest of RSA Security in 1987 ! - RC4 has two stages - a KSA, that initializes the state table to be a "random" permutation based on the key, and the PRGA, which actually returns a random byte. ¿ Where is the problem ? SHMOOCON 2014
  30. 30. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS EVERY  TIME  ALICE  ENCRYPTS  A  MESSAGE ,  GOD  KILLS  A  KITTEN  ... Suppose Alice wants to send encryptions of m1 and m2 to Bob over a public channel. Alice and Bob have a shared key k; however, both messages are the same length as the key k. Since Alice is extraordinary lazy (and doesn't know about stream ciphers), she decides to just reuse the key. ! Alice sends ciphertexts c1 = m1 ⊕ k and c2 = m2 ⊕ k to Bob through a public channel. Unfortunately, Eve intercepts both of these ciphertexts and calculates c1 ⊕ c2= m1 ⊕ m2. c1 = m1 ⊕ k c2 = m2 ⊕ k m1 = c1 ⊕ k m2 = c2 ⊕ k REUSED KEY ATTACK c1 ⊕ c2 = m1 ⊕ m2 SHMOOCON 2014
  31. 31. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ATTACKING  WHATSAPP’S  ENCRYPTION - From here, the task becomes separating the two plaintexts from one another (plaintext attack or Crib-Dragging), following the steps bellow: 1) Guess a word that might appear in one of the messages 2) Encode the word from step 1 to a hex string 3) XOR the two cipher-text messages 4) XOR the hex string from step 2 at each position of the XOR of the two cipher-texts (from step 3) 5) When the result from step 4 is readable text, we guess the English word and expand our crib search. 6) If the result is not readable text, we try an XOR of the crib word at the next position. ! - To do this, we have to do a little guessing about the plaintexts themselves. ! - The idea is to use a Frecuency Analysis based on the original language used in the plaintext. SHMOOCON 2014
  32. 32. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS OTHER
 ATTACKS  ? SHMOOCON 2014
  33. 33. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ATTACKING  WHATSAPP’S  ENCRYPTION - From here, the task becomes separating the two plaintexts from one another (plaintext attack or Crib-Dragging), following the steps bellow: 1) Guess a word that might appear in one of the messages 2) Encode the word from step 1 to a hex string 3) XOR the two cipher-text messages 4) XOR the hex string from step 2 at each position of the XOR of the two cipher-texts (from step 3) 5) When the result from step 4 is readable text, we guess the English word and expand our crib search. 6) If the result is not readable text, we try an XOR of the crib word at the next position. ! ADDITIONAL   ENCRYPTION - To do this, we have to do a little guessing about the plaintexts themselves. ! - The idea is to use a Frecuency Analysis based on the original language used in the plaintext. SHMOOCON 2014
  34. 34. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS INTERCEPT  MESSAGES - We have verified that the encryption used to protect the information and privacy of our conversations is easy to break. ! - ¿What can we do? We will intercept WhatsApp's message before you leaving the mobile phone. We'll decipher the original message with our key and we will apply a new cipher and then encrypt it with the original algorithm and key, not breaking the application. ! - From now on, we’ll be working this way: REAL-TIME MODIFICATION SHMOOCON 2014
  35. 35. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS CHALLENGE  AND  iOS - In iOS version we’ll use a little trick to get the challenge. Instead of exchanging it during the login, WhatsApp sends the challenge for the next session while connected. ! - We’ll flip some random bytes, forcing WhatsApp to negotiate it again: - The result for the log in of the second mobile is the same: SHMOOCON 2014
  36. 36. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS SENDING  MESSAGES - The message is sent from the client. Our program detects it, and using the RC4 session key used by WhatsApp, decrypts the message and extracts text. Once the text is clear, encrypts it with our algorithm and key, and re-wrap it in the original format with RC4 encryption it again, not breaking the operation of WhatsApp: - You can see how our program has decoded the original message: Bello ! - HMAC is deleted in the decoded message and we calculate it again before sending. Finally, the message will leave our mobile phone. We can see that the new message is different from the original because is has a layer encryption implemented by us: HMAC SHMOOCON 2014
  37. 37. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS RECEIVING  MESSAGES - In the screenshot you can see how we received an normal WhatsApp message, but it’s really special. When we use the RC4 key to decrypt the text inside, we find is completely unreadable. - Using the same private key and algorithm, our program will decrypt the message text and reassemble the original text, so WhatsApp will be able to process it. ! ! - The final message can be read as usually by the user, and it’s the same as the first one: SHMOOCON 2014
  38. 38. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS WITHOUT  PRIVATE  KEY SHMOOCON 2014
  39. 39. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ANONYMITY SHMOOCON 2014
  40. 40. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS ANONYMITY - Remove identity identifying details of our original account ! - We’ll use several WhatsApp hops using Yowsup ! - Yowsup is a python library that allows you to do all the previous in your own app. It allows you to login and use the Whatsapp service and provides you with all capabilities of an official client,. ! - Protects ourselves from metadata extraction VIRTUAL NUMBERS SHMOOCON 2014
  41. 41. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS EXTERNAL   XMPP  SERVER SHMOOCON 2014
  42. 42. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS HIDING  OUR  MESSAGES - The above method allows us to encrypt our messages, so other attackers capable of intercepting our traffic will not be able to get the contents of messages. ! - But, ¿ what if we want the traffic to directly bypass the WhatsApp's server ? EXTERNAL XMPP SERVER SHMOOCON 2014
  43. 43. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS USING  AN  EXTERNAL  XMPP  SERVER - We analyze the outgoing message and decrypt it using the RC4 key. ! - Then, we extract the original text and send it to our external XMPP server: <destination number>¿<message_id>¿<original text> - The program will replace every character in the original text with our wildcard character, so the original message will never pass through WhatsApp's servers (this step is necessary or destination will reject our messages) ! - Recipient receives our message full of wildcard characters, querys our XMPP server and replaces the wildcard characters with the original text. SHMOOCON 2014
  44. 44. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS WHATSAPP  CAN  ONLY  SEE  ... SHMOOCON 2014
  45. 45. MALICIOUS THREATS, VULNERABILITIES AND DEFENSES IN WHATSAPP AND MOBILE I.M. PLATFORMS THANK   ! YOU SHMOOCON 2014

×