Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

userIdentity used in whatsapp android/ios clients #1214

Open
skairamk opened this issue Aug 11, 2016 · 0 comments
Open

userIdentity used in whatsapp android/ios clients #1214

skairamk opened this issue Aug 11, 2016 · 0 comments

Comments

@skairamk
Copy link

skairamk commented Aug 11, 2016

Hi,

can you let me know what is the identity value generated in whatsapp android and/or ios clients?

for eg:
$w = new WhatsProt($username, $identity, "test", true);

If it is unique random number generated by the whatsapp client on the device, where exactly it will be stored(in which file and path)? will that file not be wiped off once i uninstall the application?

The reason i asked the above is, because i feel that there might be some device identifier used by whatsapp client based on my test analysis.

  1. I installed whatsapp on my second phone and provided the phone number of my first phone.
  2. sms received on my first phone and i manually entered a incorrect otp in my second phone.
  3. resend sms button on validate otp screen was disabled for 1 minute.
  4. after one minute, i clicked on the resend sms button and again as expected i received the sms on my first phone.
  5. i re-entered an incorrect otp again on my second phone. this time, the resend sms button was disabled for 2 hours.
  6. i uninstalled the app and installed it again. still the resend sms button is disabled for 2 hours(to be precise 1 hr 52 mins - uninstall and install took some time).

If the client is using a random unique identifier(like UUID or SecureRandom) and which is stored in the internal memory(/appdata/com.whatsapp/somefile), will it not be deleted when i uninstalled the the app.

If the somefile is deleted on uninstall, how whatsapp Server side is able to recognize this device and able to disable the "resend sms" button.
By seeing this behavior, i think, it is making use of some unique identifier related to the device or something cool which whatsapp has developed.

Has anyone knows how it is done? appreciate any info on this. many thanks in advance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant