Kaonashi Project

Date: 05/2019
Conference: RootedCon 2019

This repository contains several directories:
 - Sorted Masks for hashcat
 - Advanced Rules for hashcat
 - Links to download the Kaonashi wordlists
 - Slides used in our talk "I know your p4$$w0rd (and if I don't, I will guess it...)" at RootedCON 2019

WhatsApp <= v2.11.7 Remote Crash

Product: WhatsApp
Vendor Homepage:
Vulnerable Version(s): 2.11.7 and prior on iOS
Tested on: WhatsApp v2.11.7 on iPhone 5 running iOS 7.0.4
Solution Status: Fixed by Vendor on v2.11.8
Date: 04/2014

A crafted message containing non-printable characters crashes any WhatsApp for iOS client in the vulnerable range listed above (v2.11.7 and prior); the vendor fixed the issue in v2.11.8.

WhatsApp Privacy Guard

Product: WhatsApp
Vendor Homepage:
Tested on: WhatsApp v2.11.7 on iPhone 5 running iOS 7.0.4
Date: 12/2013

The main objective of this research is to add a layer of security and privacy on top of WhatsApp so that neither the integrity nor the confidentiality of a conversation can be affected by an external attacker. Conversations and data are anonymized and encrypted on the device before they are sent, so that what reaches the WhatsApp servers is not plaintext and is readable only by the legitimate participants.

WhatsApp Privacy Guard is completely transparent to the user, and we show how the same technique can be applied to other IM protocols and apps.
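The wrapping layer described above, as an added example; this is not WhatsApp Privacy Guard's code. The shared secret, the two identities and the relay format are assumptions, and the cipher is an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag so that the example runs with the Python standard library alone (a deployed layer would use a real AEAD such as AES-GCM). What it shows is the property the research aims for: the relay routes on pseudonyms and carries ciphertext, and any modification in transit is detected before decryption.

```python
"""Transparent encrypt-and-anonymize layer in front of an IM relay.

Added, illustrative example; not WhatsApp Privacy Guard's own code.
Constructed scenario: Alice and Bob share one secret out of band.  Every
message is wrapped on the device before it reaches the relay, which only
ever sees pseudonymous ids, a nonce, ciphertext and a tag.  Standard
library only: HMAC-SHA256 in counter mode is the keystream (a PRF-based
stream cipher standing in for AES-GCM) and an encrypt-then-MAC tag over
the whole envelope provides integrity.
"""
import hashlib
import hmac
import os
import struct


def derive_keys(shared_secret):
    """Derive independent encryption, MAC and pseudonym keys from one secret."""
    return {label: hmac.new(shared_secret, label.encode(), hashlib.sha256).digest()
            for label in ("enc", "mac", "anon")}


def keystream(k_enc, nonce, length):
    """PRF counter mode: block i = HMAC(k_enc, nonce || i); the nonce must never repeat."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(k_enc, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def pseudonym(k_anon, identity):
    """Stable per-contact pseudonym: the relay can route on it but cannot invert it."""
    return hmac.new(k_anon, identity.encode(), hashlib.sha256).hexdigest()[:16]


def _tag(k_mac, envelope):
    """MAC over everything the relay could alter: routing ids, nonce, ciphertext."""
    data = ((envelope["from"] + "|" + envelope["to"]).encode()
            + bytes.fromhex(envelope["nonce"]) + bytes.fromhex(envelope["body"]))
    return hmac.new(k_mac, data, hashlib.sha256).hexdigest()


def wrap(keys, sender, recipient, plaintext):
    """Sender side: what the app hands to the transport instead of the plaintext."""
    nonce = os.urandom(16)
    ks = keystream(keys["enc"], nonce, len(plaintext))
    envelope = {
        "from": pseudonym(keys["anon"], sender),
        "to": pseudonym(keys["anon"], recipient),
        "nonce": nonce.hex(),
        "body": bytes(a ^ b for a, b in zip(plaintext, ks)).hex(),
    }
    envelope["tag"] = _tag(keys["mac"], envelope)
    return envelope


def unwrap(keys, envelope):
    """Recipient side: verify first, decrypt second; None means tampered or wrong key."""
    if not hmac.compare_digest(_tag(keys["mac"], envelope), envelope["tag"]):
        return None
    ct = bytes.fromhex(envelope["body"])
    ks = keystream(keys["enc"], bytes.fromhex(envelope["nonce"]), len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def tamper(envelope):
    """Simulate a relay-side attacker flipping one ciphertext bit."""
    ct = bytearray(bytes.fromhex(envelope["body"]))
    ct[0] ^= 0x01
    return dict(envelope, body=ct.hex())


if __name__ == "__main__":
    keys = derive_keys(b"constructed shared secret, not a real key")
    env = wrap(keys, "alice@example.org", "bob@example.org", b"meet at 9")
    print("relay sees:", env)                  # no names, no plaintext
    print("bob reads: ", unwrap(keys, env))
    print("tampered:  ", unwrap(keys, tamper(env)))
```

The tag covers the routing pseudonyms as well as the ciphertext, so an attacker who can only reach the relay cannot re-address a message or alter its body without the recipient rejecting it; the same envelope shape can be carried over any IM transport that lets the client choose the message body.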


Date: 08/2013
Conference: Blackhat USA 2013
Research/Talk: Arsenal

Using commercial tools to secure your network is recommended, but keeping a system secure requires going one step further. This technique lets you take that step by defending your servers against the first phase of almost every attack: fingerprinting. It works by intercepting all traffic your box sends and modifying, in real time, the TCP/IP header fields that reveal the operating system, so that the host appears to be something it is not.

This tool is a practical approach for detecting and defeating:

 - Active remote OS fingerprinting: like Nmap or Xprobe
 - Passive remote OS fingerprinting: like p0f or pfSense
 - Commercial engines like Sourcefire's FireSiGHT OS fingerprinting
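The header rewrite the technique relies on, as an added example in the spirit of the tool described above; this is not the tool's code. It works on a raw IPv4+TCP packet as a user-space hook (for instance an NFQUEUE callback) would receive it and never touches a real interface. The two profiles hold the fields Nmap and p0f read from an outbound SYN (initial TTL, DF bit, window size); their values are assumptions picked for the demo, not measured OS signatures, and real tools also normalise TCP option order and MSS, which this example leaves alone.

```python
"""Rewrite the TCP/IP header fields that OS fingerprinters key on.

Added, illustrative example; not the tool's own code.  Operates on a raw
IPv4+TCP packet as a user-space hook would receive it.  Profile values
are assumptions for the demo, not measured OS signatures.
"""
import socket
import struct

# Assumed profiles: what the host really sends vs. what observers should see.
LINUX_LIKE = {"ttl": 64, "window": 29200, "df": True}
WINDOWS_LIKE = {"ttl": 128, "window": 8192, "df": True}

IP_PROTO_TCP = 6
DF_FLAG = 0x4000


def checksum(data):
    """RFC 1071 ones'-complement sum; yields 0 over data that already carries its checksum."""
    data = bytes(data)
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _tcp_checksum(ip_header, tcp_segment):
    """TCP checksum covers the IPv4 pseudo-header (src, dst, zero, proto, length) too."""
    pseudo = bytes(ip_header[12:20]) + struct.pack("!BBH", 0, IP_PROTO_TCP, len(tcp_segment))
    return checksum(pseudo + bytes(tcp_segment))


def build_syn(src, dst, sport, dport, ttl, window, df):
    """Constructed outbound SYN carrying the real OS's values, as the kernel would emit it."""
    tcp = bytearray(struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 0x50, 0x02, window, 0, 0))
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234,
                               DF_FLAG if df else 0, ttl, IP_PROTO_TCP, 0,
                               socket.inet_aton(src), socket.inet_aton(dst)))
    ip[10:12] = struct.pack("!H", checksum(ip))
    tcp[16:18] = struct.pack("!H", _tcp_checksum(ip, tcp))
    return bytes(ip + tcp)


def rewrite(packet, profile):
    """The hook: patch TTL, DF and window in flight and repair both checksums."""
    ihl = (packet[0] & 0x0F) * 4
    ip, tcp = bytearray(packet[:ihl]), bytearray(packet[ihl:])
    ip[8] = profile["ttl"]
    flags_frag = struct.unpack("!H", ip[6:8])[0]
    flags_frag = (flags_frag | DF_FLAG) if profile["df"] else (flags_frag & ~DF_FLAG)
    ip[6:8] = struct.pack("!H", flags_frag)
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", checksum(ip))
    tcp[14:16] = struct.pack("!H", profile["window"])
    tcp[16:18] = b"\x00\x00"
    tcp[16:18] = struct.pack("!H", _tcp_checksum(ip, tcp))
    return bytes(ip + tcp)


def fingerprint(packet):
    """What a passive observer (p0f-style) reads from the wire."""
    ihl = (packet[0] & 0x0F) * 4
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    window = struct.unpack("!H", packet[ihl + 14:ihl + 16])[0]
    return {"ttl": packet[8], "window": window, "df": bool(flags_frag & DF_FLAG)}


def checksums_ok(packet):
    """A rewritten packet the peer's stack drops as corrupt defends nothing."""
    ihl = (packet[0] & 0x0F) * 4
    return checksum(packet[:ihl]) == 0 and _tcp_checksum(packet[:ihl], packet[ihl:]) == 0


if __name__ == "__main__":
    syn = build_syn("10.0.0.5", "10.0.0.9", 40000, 80, **LINUX_LIKE)
    print("before:", fingerprint(syn), checksums_ok(syn))
    masked = rewrite(syn, WINDOWS_LIKE)
    print("after: ", fingerprint(masked), checksums_ok(masked))
```

The checksum repair is the part that is easy to get wrong: TTL and DF live in the IP header, the window in the TCP header, and each has its own checksum (the TCP one over a pseudo-header that includes the addresses), so both must be recomputed after every rewrite or the camouflaged packet is simply discarded by the receiver.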