Giters

jordan33h / whatstrapp

The fastest tool for analyzing and dumping WhatsApp accounts (in ~15s).

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

WhatsTrapp

WhatsTrapp video

Introduction

WhatsTrapp is a tool for analyzing and dumping WhatsApp accounts.

Requirements

  • Node.js >= 8.0
  • Yarn
  • Docker
  • Docker Compose

Installation

Clone the repository:

$ git clone git@github.com:Wicker25/whatstrapp.git
$ cd whatstrapp/

Install all the dependencies for the project:

$ yarn

Create the Elasticsearch and Kibana's containers:

$ docker-compose pull

Trying it out

Start the Elasticsearch and Kibana's containers with:

$ docker-compose up

Launch the WhatsTrapp server with:

$ yarn start

Then open your browser at http://127.0.0.1:8025/ and wait until the QR code has been loaded.

Launch the target's WhatsApp and, from the main menu, select "WhatsApp Web".

Finally, take a picture of the QR code and enjoy it!

Data Analysis

Launch Kibana by opening your browser at http://127.0.0.1:5601/.

Set the Index Pattern as wt-* and click on "Create" (the pattern is valid only after you collected some data!).

kibana-create-index

Now you can open the Discover page and visualize the collected data.

kibana-example

Architecture

The WhatsTrapp's architecture consists of a Puppeteer, Puppets, and Clients:

WhatsTrapp architecture

  • The Puppeteer launches the browser instance by using Google Puppeteer and injects a Puppet into it;
  • The Puppet is a JavaScript that performs actions in the WhatsApp Web page;
  • The Client is the user interface used by the attacker for performing the hack.

All of the components communicate with each other via WebSocket.

About

The fastest tool for analyzing and dumping WhatsApp accounts (in ~15s).

Languages

Language:JavaScript 100.0%