WhatsApp Mac app: sensitive information is at risk.

Ashokchakravarthi Nagarajan
Jul 3, 2019
WhatsApp, Facebook Inc.

The WhatsApp Mac app's cache file is accessible by any application, and the file contains sensitive PII fields such as phone numbers in the photo links.

For example:
https://web.whatsapp.com/pp?e=https%3A%2F%2Fpps.whatsapp.net%2Fv%2Fxxxxx-24%2Fxxxxxxxx_xxxxxxxxx_xxxxxxxxxx.jpg%3Foe%3Dxxxxxxxxxxxxx&oh=xxxxxxxxxxxxxxxxxx&t=s&u=919834xxx238%40c.us&i=xxxxxxxxx

The cache file is readable by any application installed on your Mac, and an exploiting application can read it using any cache viewer app available on the market.

For instance: https://www.nirsoft.net/utils/chrome_cache_view.html

Impact
===
Any malicious application can retrieve PII fields such as phone numbers and personal display pictures of contacts.

Steps to Reproduce

1. Install the WhatsApp Mac app and log in.

2. Create a sample Mac application that steals the contents at the path
file:///Users/user-xxx/Library/Containers/desktop.WhatsApp/Data/Library/Application%20Support/WhatsApp/Cache/data_2 and install this malicious app on your system as well.

Whatsapp Cache location

3. Once the data_2 cache file is retrieved, open it in the application available at https://www.nirsoft.net/utils/chrome_cache_view.html

The above file contains the links used to load the contacts' images, and these links also expose sensitive PII fields such as phone numbers and personal display pictures of contacts.

The ideal solution would be to use some kind of ID instead of phone numbers in the image-fetching URLs, like below (value of the parameter ‘u’).
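One way to realise the suggested fix, as an added example that is not part of the original post and not WhatsApp's code: a check that flags image URLs whose `u` parameter carries a phone number, and a rewrite that substitutes a keyed opaque ID. The function names, the sample URL and the key are constructed, and the sketch assumes the server holds the key and resolves the opaque ID itself.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed URL in the shape of the example above; every value is a placeholder.
SAMPLE_URL = (
    "https://web.whatsapp.com/pp"
    "?e=https%3A%2F%2Fpps.whatsapp.net%2Fv%2Fplaceholder.jpg"
    "&t=s&u=15555550123%40c.us&i=0"
)
DEMO_KEY = b"constructed-demo-key"  # assumption: the real key never leaves the server

# Digits followed by @c.us, as in the 'u' value of the example URL.
PHONE_JID = re.compile(r"\d{7,15}@c\.us")


def leaks_phone_number(url):
    """True if the 'u' query parameter is a phone-number identifier."""
    params = dict(parse_qsl(urlsplit(url).query))  # parse_qsl decodes %40 to @
    return PHONE_JID.fullmatch(params.get("u", "")) is not None


def opaque_id(jid, key):
    """Keyed identifier: HMAC-SHA256 of the contact ID, truncated to 128 bits.

    A plain hash would not do: the phone-number space is small enough to
    enumerate, so the mapping must depend on a secret the client never sees.
    """
    return hmac.new(key, jid.encode(), hashlib.sha256).hexdigest()[:32]


def pseudonymise(url, key):
    """Return the URL with a phone-number 'u' value replaced by its opaque ID."""
    parts = urlsplit(url)
    params = [
        (k, opaque_id(v, key) if k == "u" and PHONE_JID.fullmatch(v) else v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return urlunsplit(parts._replace(query=urlencode(params)))


if __name__ == "__main__":
    print(leaks_phone_number(SAMPLE_URL))
    print(pseudonymise(SAMPLE_URL, DEMO_KEY))
```

The `leaks_phone_number` check can run as a regression test over any URL a client is about to request or cache, so a phone number in a query string is caught before it reaches disk.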

#tech #whatsapp #facebookInc #security #cache #vulnerability
