Whatsapp & Blackberry

16

September 26, 2012 by globz

If you don’t know by now, Whatsapp is NOT secure and lets face it in 2012 security by obscurity is long overdue.

I know a lot of you wanted to know how to get the “udid” for the Blackberry client so I did some testing with my Blackberry 9700/os v5.0.0.862 and here’s how you get it :

  • Get IMEI :
    AA-BBBBBB-CCCCCC-D
  • Reverse IMEI :
    D-CCCCCC-BBBBBB-AA
  • create MD5 hash from Reverse IMEI (remove the “.” or “-” from your IMEI when creating MD5 hash)

You can test your “udid” with the following url :

https://r.whatsapp.net/v1/exist.php?cc=1&in=PHONE#_WITHOUT_CC&udid=MD5_HASH

I did a test with my friend and she received the message.

Please fix your code!

useful links related to this post :

 

#UPDATE

It does not seems to work for everyone

This is what I am using for this test :

Account created on september 11 2012
Blackberry 9700 / os v5.0.0.862
Whatsapp v2.8.1914

16 comments »

  1. avatar Gio says:

    Hi, thanks for the nice info.

    Could you please share the source used for this experiment?

    Thanks
    Gio

  2. avatar globz says:

    Hi,

    This is the source I am using for this experiment

    https://github.com/venomous0x/WhatsAPI

    The source is currently down but I am sure you can find a mirror ;)

  3. avatar Gio says:

    I got the source, apparently is sending the message but I don’t get anything, is it still working for you?

    Cheers
    G

  4. avatar globz says:

    Yes its still working for me, I know the sockets usage in this API are very basic, it might be the problem.

  5. avatar Abhiram says:

    Hello,

    Whats a API? and if its a program can u please upload it for us to download cause we are not able to find it on the net :(

    Thanks in advance :)

  6. avatar globz says:

    You will have to search on github to find a mirror of the original source code.

    We are using the API to communicate with whatsapp server.

    If you can’t find it, there’s a web client based on the API, so you won’t have to run the source code yourself.

    link -> http://whatsapp.filshmedia.net/

  7. avatar d3vilkin says:

    Miaw!

  8. avatar Judith Ann Mcdermott says:

    Very informative post. Thanks for taking the time to share your view with us.

  9. avatar Jeremias says:

    Much informative and useful article… I like it personally…

  10. avatar crork says:

    A big thank you for your blog article.Thanks Again. Cool.

  11. avatar Arturo Torres Sánchez says:

    My phone is CDMA, and so it doesn’t have IMEI, but MEID. I tested it reversing my MEID but it doesn’t work.

  12. avatar droopy says:

    If you want more info contact me, i have fully reversed whatsapp.

  13. avatar Hc Devel says:

    Does it still work. I ask because I’m currently have prolems with that. Means reversing just to change the order of the different block (for example from 12:34:56 to 56:34:12) or does it mean to read it from the end (65:43:21)?

    • avatar globz says:

      Hi Hc Devel,

      Just do it in python with the following commands :

      >>> IMEI = “AA-BBBBBB-CCCCCC-D”
      >>> rev = IMEI[::-1]
      >>> rev
      ‘D-CCCCCC-BBBBBB-AA’

  14. avatar whatsapp says:

    Howdy! I know this is somewhat off topic but I was wondering if you knew where I
    could get a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having trouble
    finding one? Thanks a lot!

Leave a Reply

Your email address will not be published. Required fields are marked *


1 × one =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>