Jump to content

Search the Community

Showing results for tags 'whatsapp'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • ChainScriptz
    • News
    • Site Updates
    • Add Links
    • Feedback and Comments
  • Miscellaneous
    • Welcome Intro
    • Jokes
    • Chit Chat
    • Radio Stations
    • Hot Picks
    • Test Forum
  • IRC Help and News
    • Scripting Help
    • IRCd Snippets
    • IRCd Chat
    • Chat Networks
    • Eggdrop
    • Script Reviews
    • mIRC Chat
    • IRC Servers & Rooms
    • mIRC Tutorials
    • IRC Clients
  • Tutorials
    • IRC Network Tutorials
    • IRC Client Tutorials
  • Coding Corner
    • WebSite Corner
  • Archives
    • MSN Chat
    • Defunct Chat Networks
    • Gallery
  • Sparkpea
  • Oasiz Chat
  • Phreik Chat
  • Icons & Toolbars
  • Koach.com
  • MTS Themes
  • MSN Old Scriptz
  • New Downloads
  • Support Files & DLL's
  • Vibe SN
  • Maztal
  • Slovenain Scriptz
  • Italian Scriptz
  • Turkish IRC Scriptz
  • Greek Scriptz
  • Script Support Files & DLL's
  • Groups
  • Security Software - Daily Updates
  • Security Programs - Updates
  • General Software - Updates
  • Other Operating Systems - Updates
  • Social Networks
  • Software Reviews
  • Security News and Alerts
  • Virus, Spyware and Trojan Removal
  • Security Bulletins

Categories

  • Info Addons
  • Buzzen
    • Buzzen Addons
    • Buzzen Archives
  • Sparkpea (ircwx)
    • Sparkpea Scripts (ircwx)
    • Sparkpea Connections (ircwx)
  • Scriptz(IRC)
    • Addons
    • War Scriptz
  • International Scripts(IRC)
    • Greek IRC Scriptz
    • Italian Scriptz
    • Slovenain Scriptz
    • Turkish IRC Scriptz
    • Swedish Scripts
    • Russian Scriptz
    • French Scriptz
  • TCN
  • essential chat
  • Net4110
  • Script Support Files & DLL's
  • IRC Administration Resources
  • IRCd's
  • Server Clients
  • Phoenix Chat
  • Scripting Essentials
  • Phreik Chat
    • Addons
    • Games
  • MSN Archive Scripts
    • MSN Addons
  • Sparkpea Scripts
    • Sparkpea Connections
    • Sparkpea Addons
    • Sparkpea Vincula Scripts
    • sparkpea Trivia & Game scripts
  • Tutorials
  • EggDrop
    • Anti-Spam Scripts
    • Info Scripts
  • Dlls

Blogs

  • Welcome To ChainScriptz Blog
  • chat Networks
  • How is IRC used in the modern world?

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. WhatsApp For Desktop Flaws Discovered Security researcher Gal Weizman from PerimeterX has discovered numerous security flaws in the WhatsApp Desktop Platform. As revealed in his report, these vulnerabilities could allow an adversary to gain access to the local file system. In brief, when he started testing WhatsApp, he found two vulnerabilities that affected all major WhatsApp platforms. That is, WhatsApp for Android, iOS, Mac, Windows, and web versions. These vulnerabilities were not difficult to exploit but certainly had a malicious impact. One of these was a simple alteration of text messages via WhatsApp Web by altering one line of code. Whereas, the other vulnerability allowed altering banners of the links shared in WhatsApp conversations. Such an alteration could allow an adversary to redirect users to malicious links by showing them false banners and misleading messages with them. The researcher could continue the exploitation of the bugs from the simple open-redirects to achieve persistent XSS whilst bypassing the WhatsApp Content Security Policy (CSP) and, further, to achieve read access to the local file system. It was all possible since WhatsApp was not running on the latest version of Electron – a Chromium-based application that facilitates in building native apps. Since the XSS existed in the older Chromium versions, the older Electron versions also became vulnerable to such attacks. As stated by the researcher, If WhatsApp would have updated their Electron web application from 4.1.4 to the latest which was 7.x.x at the time this vulnerability was found(!) – this XSS would never have existed! Such exploitation also had the potential for remote code execution. Precise details about the exploitation are available in his article. Facebook Patched The Vulnerabilities Facebook has also confirmed the existence of these vulnerabilities (CVE-2019-18426) in the WhatsApp Desktop platform. As stated in their advisory, A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message. Facebook confirmed that the vulnerability affected “WhatsApp Desktop prior to v0.3.9309 paired with WhatsApp for iPhone versions prior to 2.20.10”.Source: Latesthackingnews

Copywrite © 2020 ChainScriptz

×
  • Create New...