WhatsTrapp is a tool for analyzing and dumping WhatsApp accounts.
- Docker
- Docker Compose
Clone the repository:
$ git clone git@github.com:Wicker25/whatstrapp.git
$ cd whatstrapp/
Launch the WhatsTrapp server with:
$ docker-compose up
Then open your browser at http://127.0.0.1:8025/ and wait until the QR code has been loaded.
Launch the target's WhatsApp and, from the main menu, select "WhatsApp Web".
Finally, take a picture of the QR code and enjoy it!
Open Kibana's Discover page at http://127.0.0.1:5601/app/kibana#/discover.
You can start a new Search or open one of the default ones from the menu on the right.
The WhatsTrapp's architecture consists of a Puppeteer, Puppets, and Clients:
- The Puppeteer launches the browser instance by using Google Puppeteer and injects a Puppet into it;
- The Puppet is a JavaScript that performs actions in the WhatsApp Web page;
- The Client is the user interface used by the attacker for performing the hack.
All of the components communicate with each other via WebSocket.