Archive for Hacks

مراقبة الوتس اب؟

// May 18th, 2013 // 1 Comment » // Hacks, tech

كثر الحديث مؤخرا عن هيئة الاتصالات في المملكة و عن رغبتها في مراقبة الرسائل و الملفات المرسلة عن طريق الوتس اب. لي تعليق في نهاية المقال، و لكن أردت بعجالة أن أشرح بشكل مختصر عن نقاط الضعف في برنامج الوتس اب و الثغرات التي يمكن استغلالها و مدى إمكانية مراقبة المحدثات و الملفات المرسلة.

أولا: نقاط الضعف التي يمكن استغلالها:

-  يمكننا استخدام البرنامج برقم شخص اخر و استقبال رسائلهم بالاضافة الى امكانية ارسال رسائل من ارقامهم، و لكن سينتج عن هذا عدم تمكن المستخدم الاساسي من استخدام الوتس اب الا بعد القيام بعملية اعادة التسجيل. (لن أشرح الطريقة في هذا المقال، و لكن إذا كان هناك أقبال فقد أشرحها في مقال أخر)

-  يمكننا ارسال رسائل مجانية SMS لاي جوال في العالم. و ذلك من خلال استغلال خدمة رسائل التفعيل التي ترسل للمستخدم بعد التسجيل في الخدمة.

-  أما عن مراقبة جميع الاتصالات فالموضوع صعب و سأشرح طريقة التشفير في برنامج الوتس اب في الفقرة الثانية. الجواب في نهاية المقال.

ثانيا: كيف يعمل الوتس اب و امكانية مراقبة جميع الاتصالات: (سامحوني هذا الجزء بالانجليزي لكثرة المصطلحات و لكن الجزء الثالث من المقال ملخص بالعربي)

First of all, I know its illegal to monitor traffic and I am totally against it, but since many have been talking lately about the government wanting to monitor all whatsApp traffic, I started thinking whether its possible or not from a pure technical point of view. I also want to go on record saying its stupid to monitor, because with so many other encrypted alternatives out there, the bad guys would just stop using whatsApp and move on to something else, and the guys going through the traffic would be left with high school girls gossiping and millions of sandwich pictures of and cups of coffee taken from hundreds of angles.

Many of you might have heard of whatsApp Sniffer. If you haven’t, then don’t worry about it, its useless now. That probably explains why Big Brother is a bit pissed.! I believe it was last September, that the folks at whatsApp inc decided to encrypt all data communications between their servers and the clients. Before that, it was possible to simply sniff wifi traffic, and filter out whatsApp traffic using their servers’ IPs, and viola you get to see all whatsApp messages in clear text. There was an android app called whatsApp Sniffer, which is still out there if you’re interested in seeing what whatsApp encrypted traffic looks like. But, I should warn you, its 2013 and nothing is free. If something is free, then there’s a catch, which means its highly likely that many of the android apps you download online have spyware and whatnot, so just stay away from them.

Ok, back to whatsApp. The question now is what kind of encryption are we looking at? How does it work? And can it be broken?

In the beginning I believe they went with a weak cryptosystem, which was then broken. However, it was soon changed to the stream cipher “RC4” (aka ARC4). It  was invented in 1987 by Ron Rivest (RC stood for Ron’s Code).  It was kept a secret until 1994, when someone anonymously posted its description online. From there it took off! Why did they go for RC4? Its fast, simple, and its does the job well.

Ok, if we want to know how to see whatsApp traffic, we have to understand the authentication protocol between the client and whatsApp servers.

The authentication is a challenge/response authentication protocol. The server sends the client an authentication request containing some RANDOM bytes of data. The client takes that data, and combines them to the password of the account using PBKDF2.

So the RC4 session key = PBKDF2(PRF, Password, Salt, c, dkLen)

The Salt is used to randomize so the RANDOM bytes of data would be used for that.

c is the number of iterations.

dkLen is the length of the derived key, which is 160 bits in the case of whatsApp.

Since, the server also knows the account password, it also has the ability to calculate the same session key. The client then responds to the server by sending a message containing the username and some other random data. If the server manages to decrypt the message, it would confirm that the client has calculated the correct session key. The packets would be encrypted from then on using RC4 with the new session key.

One might ask if it’s possible to calculate the key using a “plain know text” attack against the authentication packets. I don’t think so, because they would obviously add a nonce in the response.

What does a whatsApp packet look like?

Flags Packet Size Packet Data
1B 2B 0 to 8kB

The Flag is only one Byte, and the first bit is set when the packet is encrypted. I’m not sure what the rest are used for

The Packet Size uses 16 bits to represent the size of the packet data.

The last four bytes are used as a HMAC-SHA1 checksum if the packet is being sent from the client to the server. If the packet is being sent from the server to the client, then the checksum is the first four bytes.

The data structure is similar to XML in way. It contains a tree of information with the following:

The basic format of an element is:

Element Size Type Tag Attributes Children/Data
2-3 Bytes 1B

Ok, now to the big question, does RC4 have any flaws? If so, how can then be used in this case?

– When we encrypt our goal is to hide a message by converting it into a ciphertext that looks absolutely random by not giving any information about the plaintext or the encryption key. It was believed that RC4 achieved this, however in recent years researchers have discovered that RC4 has a number of small biases. This has been know for years, but that weren’t very significant. A recent work by Sepehrdad et al in 2011 discovered more biases.

– To make it simple, if we manage to get a user to encrypt the same plaintext encrypted with many different encryption keys, then it would be possible to take advantage of the RC4 biases to figure out what was encrypted. You might think this is stupid and useless, but bear with me:

– You might ask, how would I get a user to send the same plaintext many times using different keys. Well, the initial packets tend to be the same, and in the case of whatsApp, clients send messages on their status (whether they’re online or not)  and these messages tend to be repeated and we would be able to use those (unless nonces are used). Also, the session encryption keys change alot, which means we will get those messages encrypted using a different key everytime a new session key is assigned to a client. Also, there are methods which may be used to get the client to send a common response or force the generation of new session keys.

– Seems simple ay? Well its not, because when we say many messages, we mean MANY..! According to the work by Sepehrdad et al, to recover a WEP secret of 128 bits, they needed 9800 encrypted packets. But we’re not dealing with WEP here, so for whatsApp’s 160 bit keys we would need a much much larger number of encrypted packets.

– There is a project called “whatsapp dissector for wireshark”. You plug in the key, and it would use wireshark to grab the traffic, filter out whatsapp traffic, and then display it after decrypting it using the keys you provide.

I’m feeling kinda sleepy, so I’ll just wrap this up real quick and go back to bed. Also, I’m not an expert on RC4, so if you find any mistakes just let me know :)

-  ثالثا:

نعود للسؤال المطروح بعد هذا الشرح المختصر. هل من الممكن مراقبة محادثات الوتس اب؟ لمستخدم واحد.. ممكن بعد جهد. هناك اكثر من طريقة، لكني لم أجربها..

هل من الممكن مراقبة جميع محادثات الوتس اب على مستوى عام؟ ما فيه مستحيل و لكنه صعب جدا جدا جدا..! و سينتج عن المراقبة أن المحادثات و ارسال الصور و غيرها ستكون أبطئ بكثير جدا، و سينتج عنه نفور الناس عن الوتس اب و الانتقال الى بديل أخر.

- رابعا: رايي حول الموضوع:

أفهم أن المراقبة ليست من أجل معرفة أسم بنت أم بندر الجديدة، و ليس من أجل معرفة ما إذا كانت خلود حامل، بل هو لحفظ الأمن في البلد. ولكن هل ستكون المراقبة مجدية؟

المراقبة لن تكون مجدية بنظري لان الأشخاص الذين نخشى من أذاهم ، لن يستخدموا وسائل الاتصالات المراقبة. إذن ما الفائدة من المراقبة في ظل وجود مئات الوسائل الأخرى المشفرة بطرق أخرى مختلفة؟

——

image above taken from http://web.davidgf.net/page/37/whatsapp-dissector-for-wireshark

Lights Out !!

// July 20th, 2009 // 3 Comments » // Hacks

Mirza sent me this video of a guy turning the power off from two buildings. In this video he uses his iPhone to connect to the power controls in those two buildings. Now I don’t know if this is real or not, but I doubt that he edited the video. Though it is possible that he video taped this during a black out then edited these parts in.

This is a video of him raising a bridge to stop traffic, in this video he plays with the highway signs, and in this video he hacks Microsoft in their headquarters.

So, do you think they’re real or fake?

iPhone in Saudi Arabia?

// July 12th, 2007 // 7 Comments » // Hacks, tech

Many of us saw the lines outside the apple stores all over the US on youtube, flickr, and so many other sites. We have been reading about it for months! But since many of us are not in the US, we can’t be part of this whole iPhone madness.

well, that’s not 100% true, Why?

well, you can open an account with aramex‘s shop and ship, and then order an iPhone and have it delivered to your US mailbox. In less then a week your iPhone will be in your hands in sha allah.

The question is will the iPhone work in Saudi Arabia if you buy it? Well, according to the iPhone’s technical specs the iPhone works on Quad-band (850, 900, 1800, 1900 MHz) GSM networks. In Saudi Arabia, STC and Mobily both offer 900 MHz GSM networks. So, Technically it’s supposed to work, but there is a problem. The iPhone is locked to AT&T and Cingular in the United States.

Hackers have been working hard to unlock this phone. A few hours ago they announced that they have released a program called iPhoneInterface, with the new app, you will have the ability to scan the device’s file structure, create and remove folders

Does this mean it’s fully unlocked? Well, they manged to make the phone work with all it’s features except for the phone, but they have completed only 50 % of the task. The problem is that the hackers need Apple’s 128-bit RSA private key to sign anything they want to get into the iPhone’s bootloader.

In other words the phone will not work in Saudi Arabia or any other country other than the United States until hackers manage to unlock the iPhone!

You can preorder your unlocked iPhone from expansys, and they will deliver the phone as soon as it’s fully unlocked. But, the phone will be really expensive compared to it’s original price!!

HD DVD CRACKED?!

// January 13th, 2007 // 5 Comments » // Hacks, tech

So many people in the security world have been talking for the past few weeks about cracking HD DVD. Steve Gibson from Twit‘s Security Now podcast was also talking about it last week. So I read about HD DVD and it’s Advanced Access Content System (AACS), and here’s what I got.

HD DVDs use a digital rights protection method called AACS. The group developing it includes Disney, Intel, Microsoft, Matsushita (Panasonic), Warner Brothers, IBM, Toshiba, and Sony. HD DVDs simply use AACS to protect their contents from being copied, so that you’ll only but original HD DVDs.

AACS-protected content is encrypted under one or more title keys using the Advanced Encryption Standard (AES). Title keys are derived from a combination of a media key and several elements, including the volume ID of the media (e.g., a physical serial number embedded on a DVD), and a cryptographic hash of the title usage rules.
via[wikipedia]

AACS protected content is encrypted using 128 bit AES!! I mean the security it provides is unbelievable. That is why it takes a regular player about a whole minute to play a HD DVD disk, because it takes so long to decrypt. AACS is very close when compared with its successor CSS (content scrambling system), which is used in DVDs. But, the main difference between them is that under CSS, all players of a given model are provisioned with the same, shared decryption key. Content is encrypted under the title-specific key, which is itself encrypted under each model’s key.

———-

Now that you have an idea about AACS, let talk about the crack people have been talking about. But, before I begin, I just want to say that people have been making a fuss about this crack because Microsoft Vista has alot to do with it.

As we all know, to find the flaws in any system, you must first find the weakest link and thats were you should start. Last December, the 26th to be precise, someone named “muslix64″ on doom9 forums, was so upset at not being able to play his purchased movies on his monitor attached to his player that he broke the AACS protection just to be able to see his own movies.

He made a utility, and he called it BackupHDDVD, and what it basically does is that it decrypts the files on your HD DVD. Muslix read the AACS’s specs, which were posted on AACS‘s website. Then he write a simple java program to decrypt the files after you add the decryption keys to the program. The trick lies in finding the decryption keys!!

He grabbed the decryption keys and then independently decrypted the contents of the drive, which are just files stored in the standard DVD file format, the .udf format (I read somewhere that BackupHDDVD can also decrypt .evo files when give the correct tiltle keys, which is really cool).

Muslix posted a video on youtube of him decrypting an HD DVD movie. But, Warner Bros. asked youtube to remove the movie, and it was removed right away. In this video he was using windows, and a player which was able to decrypt HD DVDs, some say that he was using PowerDVD version 6.5.

———-

To read more about Muslix’s BackupHDDVD program click here. If you read all Muslix’s posts you will be able to find the keys yourself…

To Download BackupHDDVD click here. Muslix also wrote a documentation to go with the program…