The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:https://github.com/ddz/whatsapp-media-decrypt …
-
-
Thanks! Unclear from the report, there was no indication whether or not they knew that the key was in the ZMEDIAKEY column. Agree that removing that would be sneaky for malware to do.
-
Scanning through the report i notice the preview pic, this suggests the message with the key was/is still in the database. Also a bit surprised to see such nice screenshots... for some reason I always end up with snips of hexdumps and disassemby. Otoh: Audience (judges)pic.twitter.com/57fPbdxSH9
- Još 1 odgovor
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.