INTRODUCTION
WhatsApp has become an important part of billions of people’s life. Many of us woke up or go to bed, by checking our WhatsApp messages. Some of us are always curious to know to check WhatsApp of our friends. Girlfriends want to check on boyfriends and boyfriends want to check on girlfriends. Today Ethical Hacking researcher from X University of Cyber Security will demonstrate on How to Hack WhatsApp of your Friend by sending a Single Link.
We will use a tool called Ohmyqr which is a social engineering tool. Using this OhMyQR Tool, we can hijack anyone’s WhatsApp account using the Malicious QR code. We will send Victim a URL using social engineering techniques and when the victim opens that URL he/she will receive a malicious WhatsApp malicious QR code on his/her machine. This QR code is a replica of what you normally see when you use WhatsApp web. On scanning QR code, hackers will be able to session hijack victims WhatsApp account.
ENVIRONMENT
O S: Kali Linux 2019.3 64 bit
Kernel-Version : 5.2.0
INSTALLATION STEPS
Use this command to clone the project.
git clone https://github.com/thelinuxchoice/ohmyqr
root@kali:/home/iicybersecurity# git clone https://github.com/thelinuxchoice/ohmyqr
Use the cd command to enter into ohmyqr directory
root@kali:/home/iicybersecurity# cd ohmyqr/
root@kali:/home/iicybersecurity/ohmyqr#
When we tried to launch the tool, we got an error for not installing the required packages for the tool as shown below.
Use this command bash ohmyqr.sh.
OhMyQR – Scrot Missing Package
For this we used this command to install missing scrot package.
sudo apt-get install scrot
root@kali:/home/iicybersecurity/ohmyqr# sudo apt-get install scrot
In the same way we got another error for missing package while launching the tool.
OhMyQR – xdotool Missing Package
For this we used this command to install xdotool package.
Code:
sudo apt-get install xdotool
root@kali:/home/iicybersecurity/ohmyqr# sudo apt-get install xdotool
Now, use the same command to launch the tool bash ohmyqr.sh
OhMyQR – Tool Launch
We successfully launched the tool.
Now, choose option 1 to launch the Ngrok server.
Select website to mirror or press enter for default WhatApp and it will starts PHP and Ngrok server and then it generates malicious Link (ngrok link).
Then press enters to start the Web WhatsApp on hackers machine.
It will launch web.whatsapp.com on FireFox browser in Full screen mode on Hacker machine.
Now send malicious Link (ngrok link) to the victim using social engineering techniques.
As shown below when the victim opens the malicious link in the browser, it will display the same WebWhatsApp QR code which is coming on hacker machine.
For more understanding, on the right is the Hacker screen and on the left is the Victim screen.
OhMyQR – Right is the Hacker screen and on the left is the Victim screen
When the victim scans the QR code, BOOM!
Hacker screen will get the web.whatsapp account of Victim. Now the victim whatsapp session is hijacked.
On the same Victim will also be able to view his/her WhatsApp, but victim will not be able to do anything on it (as it is only a screen shot of what hacker is viewing).
OhMyQR – Victm’s WhatsApp Account
Right is the Hacker screen and on the left is the Victim screen
In the above picture, we can see one is the Victim machine (on left) and the other one is the hacker’s machine (on right).
We successfully hacked the victim’s account.
Its very easy to hack account of victim using social engineering techniques, in the similar way researcher of International Institute of Cyber Security demonstrated other techniques to hack other things.
CONCLUSION
Now, we saw on how easy to view and access the victim’s WhatsApp using one malicious link. Most of the people imagine that we had logged in our WhatsApp web account but their WhatsApp account is been Hijacked. So it is always recommended to not click on any unknown link.