Closed Thread
Thread Tools
Posts: 3 | Thanked: 2 times | Joined on Nov 2011
#91
Originally Posted by ColaCheater View Post

Great to see that somebody is working on WhatsApp for the Nokia N900.

A few weeks ago I also tried to look a little bit into WhatsApp but had to give up because of my final exams at school.
I used the Symbian S40 Client and decompiled the .jar you can find via google to look a little bit into it.
I'm not a programmer but had done some "Hello World" stuff on Java before so I tried to understand a little bit what is going on in the Client. (In the following work I always pretended to be an Nokia C3-00 just that you know when it appears i.e. in the User-Agent)


I don't know if it's helpful for you but I will try to share the things I found out by looking into the code even though I can't gurantee they are right:

The first thing is the login-Name and the password needed to login:
Matching with reports from some other threads here and in other forums the login name I found was some sort of:
Code:

international area code without the 0's or + in the beginning + phone number without the first 0 + @s.whatsapp.net

For example if you live in germany and having the phone number 017612345 it would be 4917612345@s.whatsapp.net -> 0049 for germany without the 0's and the phone number without the 0.

The Password is set during the registration process but usually it is an transformation of the IMEI of your phone (in case you don't want to stand out you should also do it like this). I must admit I don't exactly know how this transormation works but I have the code that does it.
I just wrapped it _very dirty_ in a standalone Java program to test it. source: http://pastebin.com/npbwcj1s
I really don't know what it exactly does and didn't look deeper into it but it isn't a "real" md5 I think... (Maybe someone who knows how to create an MD5 in Java can look at it what is different except the reverse of the imei?)


The second thing I searched for is the registration process.
With this I got so far that I got an Registration-Code and I also get the response from the Server that the account exists but I can't login because I hadn't enough time to look excatly at the login process. Just logging in via XAMPP in Pidgin doesn't work expectedly

The registration process works this way: (no gurantee that it is right and don't try it with your "real" number. I tried it with an old SIM I had lying around)

0) All these API-Request are done with an User-Agent like:
Code:

WhatsApp/2.1.0 S40Version/04.60 Device/nokiac3-00

The Code generating this is: http://pastebin.com/K79wrfnS
I used information I found in the web to fill the information for the Nokia C3-00.
As said by the pw: I don't think you really have to fake it to look like this but it maybe makes it harder to find you.

1) The first step ist requesting the Registration-code from the Server (the Code you get i.e. via SMS)

The API-call looks like this:
Code:

https://r.whatsapp.net/v1/code.php?c...000&method=sms

The Arguments are as following:
cc = area code without 0's
in = number without first 0
to = number where the sms or call should go to (maybe security weakness?)
lc/lg = Language-Code(?) splittet up - e.g. DE_de goes to lc=DE&lg=de US_en would be lc=US&lg=en
mcc/mnc/imsi = Should be the "Mobile Country Code", "Mobile Network Code" and the "Mobile Subscriber Identification Number"
-> I don't know how to get to them and the App has as "fallback" just the 0's in it when the system-request for them fails so it should work with the 0's (and it does)

The metod is maybe the most interesting thing.
There are 3 methods: self, sms and voice
When choosing sms you get the Code via SMS as you may know it, choosing voice you get a call at the to-number where it reads the code (I didn't test but it would match with informations you find at some other places in the web). I don't know what self exactly does and I didn't really looked for it because the SMS-Way seemed the best for me, especally because I just wanted to know my Code :>

The Answer after calling the API is an xml saying:
Code:

<code><response status="sucess-sent" result="30"></code>

What error-Messages look like I don't know because it worked for me (and I just looked into the code again and I didn't find any code that works with an specific error, it just closes the App when an error occurs if I'm right) ^^

Also you should get an sms (in case you used the method sms) at the "to" number conatining the WhatsApp-Code which looks like this:
Code:

WhatsApp code abc

abc is the necessary Code

2) With the given code you can then register your Whatsapp-Account

API-Call:
Code:

https://r.whatsapp.net/v1/register.p...=asdf&code=abc

cc/in = the same as in code.php
udid = the calculated password as explained in the login-data
code = the just recieved WhatsApp-Code

The XML response looks like:
Code:

<register> <response status="ok" login="4917612345" result="new" /> </register>

The login-value is your login-Name for the connection and built like explained.
I think that there are error-messages when the account already exists etc. but as said: I didn't have more time and It worked ^^

3) As third API-call you can check if an accounts exists. This isn't necessary for registration I think.

API-call:
Code:

https://r.whatsapp.net/v1/exist.php?...2345&udid=asdf

Parameters are the same like above.

Resonse when account with this number and pw exists:
Code:

<exist><response status="ok" result="4917612345" /></exist>

The result again gives the login-name for this account.
I did some tests with this and even though I didn't save the exact answers I found out that it just checks if the account with the given number and the given pw exisists. You can't check if another numer has an WhatsApp-Account with this API-call. (or I just was to stupid to find out how to do this)


The last thing I searced for before studing for my exams was the server connection.

It Baisicly is - as said everywhere - an XAMPP Connection. At least it looks like.
I think there are some small differences between the default XAMPP and the way WhatsApp does it.

But nevertheless the URL I found to where it tries to connect is:
Code:

socket://bin-short.whatsapp.net:5222

When connecting to the URL with Pidgin and default XAMPP it also gets an connection but the connection gets closed by the server after sending the xml and xampp information.
When I connected to a "default" XAMPP server after these two "sendings" the Client gets an response from the Server.
WhatsApp instead sends the Auth directly after the features so I think the Server quits the connection because Pidgin is waiting for Information and the Server also is waiting for information.

The Login-Process in the WhatsApp-Code looks like:
Code:

out.streamStart(connection.domain, connection.resource);
System.err.println("sent stream start");
sendFeatures();
System.err.println("sent features");
sendAuth();
System.err.println("sent auth");
in.streamStart();
System.err.println("read stream start");
String challengeData = readFeaturesAndChallenge();
System.err.println("read features and challenge");
sendResponse(challengeData);
System.err.println("sent response");
readSuccess();

Because WhatsApp uses a "default" XAMPP-Libary which is just modified and the default functions are still there I think the default Login-Process of XAMPP looks like:
Code:

send1();
send2DigestMD5Mechanism();
read1();
String challenge = read2Challenge();
send2SASLResponse(challenge);
send2UselessResponse();
read2Challenge();
read2();
send3();
read3();
send4();
send5();

-> as said, after the send1 and 2 (which are doing baisicly the same as the streamStart and sentFeatures in the WhatsApp-Version) it waits for information instead of sending the Auth.

Here I stopped working on it because of the exams. I think it should be not too difficult to make a login work when completely re-writing the Original functions.
Just as orientation the whole (sub)class of the WhatsApp-Login: http://pastebin.com/X8gv2XRU


Thats all I did up to now (or more exactly before my exams).
I would really like to see somebody working on this and making it work on the N900. At first I wanted to look at it again after the exams but eventhough I finished my exams two weeks ago I didn't found the time to work on this and because I'm not a programmer it also would take at least a _very_ long time to work, if it would work at all


If some beta-testers are searched for the programm I would really like to test it from a hobby-programmer or more non-programmer point of view



PS: Eventhough I personally don't like it when people ask for forgiveness for their bad english I would like to do the same right now
I'm from Germany and not really good in languages. I really hope my text ist readable and you understand what I wanted to say with it ^^ (if you don't understand something feel free to ask what it was meant to say )
 

The Following 2 Users Say Thank You to johnnyengtr For This Useful Post:
Posts: 12 | Thanked: 25 times | Joined on Feb 2012
#92
Originally Posted by anasqu View Post
and as long as the new whatsapp versions do not calculate the password by md5 of the inverse (which is tried on my account, using my imei, still my client produces a different password than that on my mobile)
It still does, even on the most recent versions.
I'm mostly working with the most recent version of Whatsapp, on the most recent version of Android.

User-Agent: WhatsApp/2.7.3581 Android/4.0.2 Device/samsung-Galaxy_Nexus

Originally Posted by johnnyengtr View Post
A few weeks ago I also tried to look a little bit into WhatsApp but had to give up because of my final exams at school...
Very informative, but you are missing a few things and doing them in the wrong order (which means it would be easily flagged by Whatsapp inc.)

P.S. Whatsapp does use the standard MD5 algorithm.

in java, you should be able use String.reverse() then MessageDigest.getInstance("MD5") to get the password.

Last edited by OzJD; 2012-02-24 at 23:45.
 
Posts: 24 | Thanked: 40 times | Joined on Feb 2012 @ Germany
#93
Originally Posted by OzJD View Post
Very informative, but you are missing a few things and doing them in the wrong order (which means it would be easily flagged by Whatsapp inc.)
He just reposted my post I posted a few weeks ago without the quote-marks -_-
May you can tell us whats wrong in the descibred way?
 
Posts: 246 | Thanked: 2,574 times | Joined on Jan 2010 @ Egypt, Cairo
#94
Any updates guys?
 
Posts: 8 | Thanked: 3 times | Joined on Feb 2012
#95
Originally Posted by tgalal View Post
Any updates guys?
Do you have any idea how to send a message?
 
Posts: 246 | Thanked: 2,574 times | Joined on Jan 2010 @ Egypt, Cairo
#96
Originally Posted by phpXpert View Post
Do you have any idea how to send a message?
Did you manage to login?
 
Posts: 8 | Thanked: 3 times | Joined on Feb 2012
#97
Originally Posted by tgalal View Post
Did you manage to login?
Yes I was able to login
 

The Following User Says Thank You to phpXpert For This Useful Post:
Posts: 246 | Thanked: 2,574 times | Joined on Jan 2010 @ Egypt, Cairo
#98
Originally Posted by phpXpert View Post
Yes I was able to login
Then either trace the function called "sendMessageWithBody" in java source code or create a message stanza as described in XMPP RFC
 
Posts: 27 | Thanked: 2 times | Joined on Feb 2012 @ Lebanon
#99
when whatsapp will be available for ordinary people like me?
 
Posts: 1,523 | Thanked: 1,997 times | Joined on Jul 2011 @ not your mom's FOSS basement
#100
It already is, if you are so dependent on it. Just not for Maemo (yet). By the way: patience is a (lost?) virtue.
 

The Following 2 Users Say Thank You to don_falcone For This Useful Post:
Closed Thread

Tags
galal-t is da, kindergarten, mastar, new tmo low, shameful, tmo not cake, trollfest, whiny_girls

Thread Tools

 
Forum Jump


All times are GMT. The time now is 13:41.