Sunday, 14 December 2014

The specially crafted message that can crash WhatsApp; an exploit found out by two Indian security researchers

Two Indian researchers have discovered a flaw in WhatsApp that that can crash the WhatsApp messenger if sent to it from another user.  This is achieved by sending a specially crafted code which the two Indians,  Indrajeet Bhuyan and Saurav Kar have discovered. 
A specially crafted code that can crash your friends WhatsApp

Indrajeet Bhuyan and Saurav Kar are both 17 year old teenagers and have discovered this vulnerability in WhatsApp message handler. This code once sent will crash the WhatsApp on the users smartphone but the problem is that in order to restore normal operation, the victim (one who has received this message) will have to delete his/her whole conversation and start a new chat session. The teenagers said that the WhatsApp wont work till the chat has been deleted completely.

The code is reproduced below : 

ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ
㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠
ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰
ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊
ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㰟
Ѝ
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊊ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠
ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰
ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ
㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ
㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ㊠ ߘ㠊ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊠ ߘ㊰ߘ㊰ߘ㊠ ߘ
㊠ ߘ㠊

This flaw affects all Android devices including the Android 4.3 Kitkat and has not been tested on Android 5.0 lollipop and iOS devices yet. Surprisingly the code doesnt crash the WhatsApp messenger on Window mobiles

WhatsApp groups can also be seriously impacted by this specially crafted message code.  A attacker can send this to a group and cause the whole groups WhatsApp to crash.  This code though harmless in long term can cause heartburns if tried on your friends.

Resource : Security Affairs



Share this post
  • Share to Facebook
  • Share to Twitter
  • Share to Google+
  • Share to Stumble Upon
  • Share to Evernote
  • Share to Blogger
  • Share to Email
  • Share to Yahoo Messenger
  • More...

1 comments

  1. I am too dependent on whatsapp so will surely keep an eye out for this one.

    ReplyDelete

:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

 
Posts RSSComments RSSBack to top
© 2013 ComboUpdates - Powered by Blogger
Released under Creative Commons 3.0 CC BY-NC 3.0