9/18/2023 0 Comments Weechat messenger![]() The server response is decrypted with the AES key transmitted in the request. The message is serialized and encrypted with the public key of the server using the RSA algorithm. Other data (that aren’t very interesting for us).КThe key for decrypting the answer( random 16 bytes).The following data is transmitted with the first message: Objects are serialized using the Protocol Buffers library. Launch the application and see the offer to enter the phone number for registration.Įnter the phone number and see the HTTP request in MITM to the address .com/bindopmobileforreg.Īfter a very long static analysis of the code it was possible to find out that the client communicates with the server through serialized objects. We’ll examine the key exchange algorithm with the example of registration. Now it's time to copy the file from the device, disassemble it in IDA, and we can start. We have an old, beat-up iPhone 4S with iOS version 7.2.1.ĭownload the application and with the use of the wonderful utility dumpdecrypted decrypt the executable file.Īt the time of the reverse-engineering WeChat had 6.3.13 version. It was decided to study the messenger «from within», to understand the code of the 32-bit version of the messenger for iOS. The customer, using the API, will be able to notify WeChat users (signed to receive the information from the customer's number, I’ll tell more about it below) through his CRM system about the delivery of goods, new orders and other service information. SMS-informing in China is expensive and, most importantly, unstable, besides, there is no «read» status here. This was promoted by the wide spread of WeChat in China, as well as the lack of an official API. The urgent task was the integration of CRM systems of customers, that are working in China actively, with WeChat. You can pay a receipt or make an appointment with a doctor with this messenger. All state institutions of China are represented there. We are talking about 800 million users around the world, 90% of which are from China.Īlmost every smartphone owner uses WeChat in China (Chinese self-name -Weixin), since this is not only a messenger in its traditional meaning, but a whole system including a mobile wallet, built-in browser, online store, etc. The official data on the number of users is very difficult to find, but we can make an approximate estimate. WeChat is the second most popular messenger in the world. WeChat messenger from the Chinese company Tencent This research was conducted 5 years ago, but published now for ethical reasons. About two protocols (old one and new one). ![]() About the platform, the version of the application, the utilities used and the decryption of the executable file. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |