如何解密whatsapp web发送的二进制消息 [英] How to decrypt sent binary message by whatsapp web

问题描述

我正在尝试解码 WhatsApp 网络发送和接收消息.我能够使用 encKey 和 macKey 解密通过 websocket 接收的二进制消息，但无法搜索解密已发送消息的方法.我正在使用谷歌浏览器开发工具复制消息.

I am trying to decode WhatsApp web sending and receiving messages. I am able to decrypt binary messages received via websocket using encKey and macKey but not able to search a way to decrypt sent messages. I am using google chrome dev tools to copy the messages.

白色的是收到的消息，绿色的是发送的.请解释或提供一些我可以获取此信息的资源.

The ones in white are received messages and green are sent. Please explain or provide some resource where I can get this info.

推荐答案

我从发送的二进制数据中删除了前两个字节，其余部分被正确解密.

I removed the first two bytes from sent binary data and the rest got decrypted properly.

根据代码这里

As per the code here,

payload = bytearray(messageId) + bytearray(",") + bytearray(to_bytes(WAMetrics.MESSAGE, 1)) + bytearray(
      [0x80]) + encryptedMessage

要发送的 WebSocket 负载是 messageid 和逗号后跟两个字节的串联，即 bytearray(to_bytes(WAMetrics.MESSAGE, 1)) 和 bytearray([0x80])，然后是加密的消息.

The WebSocket payload to be sent is concatenation of messageid and comma followed by two bytes i.e. bytearray(to_bytes(WAMetrics.MESSAGE, 1)) and bytearray([0x80]) and then the encrypted message.

考虑到这种格式，我从谷歌浏览器复制了有效负载，在第一个逗号上拆分，然后如上所述删除了两个字节.剩下的二进制是加密消息，可以直接用密钥解密.

Considering this format, I copied payload from Google Chrome, splitted on first comma and then removed two bytes as above. The remaining binary was encrypted message which could be directly decrypted by the keys.

 def reverseDecryptMessage(message):
    messageSplit = message.split(",", 1)
    if len(messageSplit) == 1:
      return
    messageContent = messageSplit[1]
    messageContent = messageContent[2:]
    decryptBinary(messageContent)

这篇关于如何解密whatsapp web发送的二进制消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！