WhatsApp Messenger Runs Arbitrary Python Code

Comments

What I learned: never check your email, never read a text message, install no apps, don't visit any websites, and you might be safe.

XerrolAvengerII

Thank you, John, for sharing my work! It's incredibly rewarding to see the impact of my research on a global scale. Knowing that it helps make software more secure and protects users is a great feeling. Thanks again.

SaumyajeetDas

Meta's response makes one wonder how many times Meta has said that the same bug has already been reported by another user just to avoid paying them any bounty or giving them credit, without any way for the person reporting it to verify those claims.

iblackfeathers

This year must be a record-breaker for cybersecurity vulnerabilities.

mvf

I don't understand why big companies like that make the simple mistake of using a deny list instead of an allow list, 'cause you'll always forget an entry, so it's better to forget an allow than to forget a deny.

I don't get it

bowarc

The .ps1 file running is even more scary than the Python one, imho, since Python requires you to install Python etc. while PowerShell is standard today.

linuxares

As always, companies don't want to pay the bounties, so they say it's not an issue but will then fix it afterwards. So basically what they are saying is: don't report issues to us, sell them on Zerodium instead so at least you can get a "bounty".

ShadowsDML

Bad response from Meta. They are knowingly allowing an attack surface to exist on their platform when the fix could have been included in an update that has already been pushed.

nathenbutcool

This wasn't allowed in previous versions; I remember I couldn't share APKs in WhatsApp, and now I can!

addas

It's called a 1-click ACE (arbitrary code execution) exploit. 0-click is even more vulnerable. Nice demo, John.

nathanchan

Even if it's not a security concern, it's definitely a design concern. If clicking "open" on an exe doesn't execute the program, clicking "open" on a pyz or php shouldn't execute the program. The current behavior is inconsistent and confusing.

GibusWearingMann

Come on John, everything is open source if you can reverse engineer! :D

njorogemuchirijr

The .ps1 file opening in Notepad is the new Windows 11 default. Now, to execute a PowerShell script, you either have to do so from within PowerShell already, or right-click it and click "Run with PowerShell".

gerowen

One way to think about this issue is that if Python introduces a new extension in the future, like pyxyz, how will WhatsApp handle it? This could make all previous versions vulnerable. Ideally, they should have implemented an allowlist, but if they couldn't for a valid reason, it becomes a cat-and-mouse game with researchers constantly searching for extensions that could execute code on the host system. And that could be why they didn't consider this a valid bug.

GauravMishra

Why was Telegram's considered a 0-day and this is not considered a vulnerability?

AJ-ZR

Why even bother with a block list?
Just compile an allow list with most popular file types from sent history.
Nobody will complain if you forget to whitelist some rare file type.

xtwmx

If I send an email with a calc.exe file as an attachment, then on Windows hosts, if you open it, it would open Calculator. This doesn't mean Windows or Outlook has an ACE.

OR: Say we download a program/setup/game/app using Chrome. You open it from Chrome. It opens! We can't call that an ACE, after all, just because it runs on Windows.

That's the whole point of a computer. It is designed to execute code.

Meta's RCE is in the context of WhatsApp, meaning the potential vulnerability that they are referring to alters how WhatsApp works.

If you send some code to their servers or through the app, or send some media to a recipient, and it runs a piece of code on/within itself, then it's an issue.

You need to understand the difference between "running on WhatsApp" and "running outside WhatsApp". It's an ACE if it's executed in the context of WhatsApp. Just because a user asked it to open the file and the file opens, it cannot be called an ACE at all. It's what it is designed to do.

spammers

In the data storage options, always keep automatic download disabled, but it is also very useful to remove with adb the Facebook services and applications that run in the background, such as Meta App Installer, Meta App Manager and Meta Services (Android phone).
☠️

TnY.

You added transparency to your WhatsApp QR code, which can be undone with various techniques. Security issue!

ollydix

I suggest that apps with file sharing functionality switch to safelists when opening files. All filetypes that don't fall under the safelist should instead be located and highlighted in the file manager for the user to have a closer look first. Denylists should be kept too, because they are very useful for showing the warning in case the filetype is potentially dangerous, but they can't be solely relied on.
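An allowlist-first file-open policy of the kind this comment (and the earlier deny-list comments) describes, as an added example that is not WhatsApp's or Meta's code; the extension sets and the file names it is tested with are constructed for illustration:

```python
# Allowlist: the only extensions handed straight to the OS default handler.
SAFE_TO_OPEN = {"jpg", "jpeg", "png", "gif", "mp4", "pdf", "txt", "docx"}
# Denylist: used only to attach an explicit warning, never as the gate itself.
KNOWN_DANGEROUS = {"exe", "bat", "cmd", "ps1", "py", "pyz", "pyw",
                   "php", "apk", "scr", "vbs", "js"}


def normalize_extension(filename: str) -> str:
    """Return the effective lower-case extension, or "" if there is none."""
    # Windows silently drops trailing dots and spaces, so "evil.pyz ." would
    # still reach the Python launcher; strip them the same way before checking.
    base = filename.strip().rstrip(" .")
    # Keep only the last path component in case the name carries directories.
    base = base.replace("\\", "/").rsplit("/", 1)[-1]
    if "." not in base:
        return ""
    # Only the final extension matters to the OS: "report.pdf.pyz" is a .pyz.
    return base.rsplit(".", 1)[1].lower()


def decide(filename: str) -> str:
    """Map a received file name to one of three UI actions."""
    ext = normalize_extension(filename)
    if ext in SAFE_TO_OPEN:
        return "open"           # allowlisted: open with the default handler
    if ext in KNOWN_DANGEROUS:
        return "inspect+warn"   # denylisted: show in file manager, with a warning
    # Anything else, including an extension invented after this list was
    # written (the "pyxyz" case above), fails closed to the file manager.
    return "inspect"
```

Because unknown extensions land in "inspect" rather than "open", a future extension is not an automatic bypass; only an explicit allowlist entry can be.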

ArthurKhazbs