Let me give you some ideas about the contents for whatsapp data dir:
├── app_sslcache
│ └── clients4.google.com.443
├── cache
│ └── dns_cache
├── databases
│ ├── msgstore.db
│ ├── wa.db
│ ├── wa.db-shm
│ └── wa.db-wal
├── files
│ ├── account_type
│ ├── com.google.android.gms.maps._m_u
│ ├── DATA_disk_creation_time_its
│ ├── DATA_disk_creation_time_its_ter
│ ├── DATA_disk_creation_time_vts_com.whatsapp
│ ├── DATA_disk_creation_time_vts_inaka_com.whatsapp
│ ├── DATA_disk_creation_time_vts_labl_com.whatsapp
│ ├── DATA_Preferences
│ ├── DATA_ServerControlledParametersManager.data
│ ├── emoji
│ ├── event_store_v2
│ ├── expiration_date
│ ├── fullsync.dat
│ ├── full_sync_wait
│ ├── Logs
│ │ ├── whatsapp-2013-0004-0030.1.log.gz
│ │ ├── whatsapp-2014-0001-07.1.log.gz
│ │ ├── whatsapp-2014-01-25.1.log.gz
│ │ ├── whatsapp-2014-01-27.1.log.gz
│ │ └── whatsapp.log
│ ├── me
│ ├── MessageService.pid
│ ├── _m_t
│ ├── NavigationParameters.data
│ ├── pw
│ ├── ssid_last_notification_log
│ ├── statistics
│ ├── status
│ ├── wallpaper.jpg
│ ├── wastats.log
│ ├── wastats.timestamp
│ └── ZoomTables.data
├── lib
│ ├── libframeconv.so
│ ├── libqcom.so
│ └── libwhatsapp.so
└── shared_prefs
├── com.whatsapp_preferences.xml
├── _has_set_default_values.xml
├── RegisterPhone.xml
└── VerifySms.xml
7 directories, 44 files
Then I investigated the database dir and found 4 sqlite dbs
│── databases
├── msgstore.db
├── wa.db
├── wa.db-shm
└── wa.db-wal
Where wa.db* contains the contacts list associated with their whatsapp id, last_seen, path_to_display_picture.
Let us check for msgstore.db but first let us imagine that anyone had hands on that file !? You might think that all your chat logs are encrypted just like that connection to the server 'its known that your connection to whatsapp server is encrypted sing SSL'. But what if there was a malware with privilege escalation exploit that gained access to whatsapp directory and thus had your msgstore.db !?
Its was bad for Chrome and Firefox android apps that they store your passwords in plain text, so what if your whatsapp messeges contains your passwords, personal info, etc...
I think whatsapp team must take a forward step to manage to encrypt the msgstore *at least* to guarantee that your history is safe.
I think whatsapp team must take a forward step to manage to encrypt the msgstore *at least* to guarantee that your history is safe.
I'm impressed! Great job bgd! :D
ReplyDeleteThank you Mazen ^_^
Delete