romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint

For everyone looking for a working and more complete version

Auties00 opened this issue · 2 comments

Hello,
I created a more complete version of this tool that does everything automatically built on top of my WhatsappWeb library. If anyone needs it: https://github.com/Auties00/whatsappweb4j-request-analyzer

Funci

Hola,
creé una versión más completa de esta herramienta que hace todo automáticamente construido sobre mi biblioteca WhatsappWeb. Si alguien lo necesita: https://github.com/Auties00/whatsappweb4j-request-analyzer

The interception of the packets works and it only shows the payload, I'm almost sure there is a way to revert the whole key and get the same result for burpsuit with the project you show ...
(WhatsappKeysManager.java) Or am I wrong?

Funci

Hola,
creé una versión más completa de esta herramienta que hace todo automáticamente construido sobre mi biblioteca WhatsappWeb. Si alguien lo necesita: https://github.com/Auties00/whatsappweb4j-request-analyzer

The interception of the packets works and it only shows the payload, I'm almost sure there is a way to revert the whole key and get the same result for burpsuit with the project you show ...
(WhatsappKeysManager.java) Or am I wrong?

i don't know if it can be done, technically the keys are generated locally in the browser, they are not sent from the server to the client as they should be secret. The way I intercept them is by using the debugger API of the chrome dev tools.