From 013ffbdbd4ebd6d2179c50c1a164d37257157d20 Mon Sep 17 00:00:00 2001 From: stulle123 Date: Tue, 12 Dec 2023 15:33:59 +0100 Subject: [PATCH] Create SECRET_CHAT.md --- SECRET_CHAT.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 SECRET_CHAT.md diff --git a/SECRET_CHAT.md b/SECRET_CHAT.md new file mode 100644 index 0000000..cebcef3 --- /dev/null +++ b/SECRET_CHAT.md @@ -0,0 +1,30 @@ +# Secret Chat + +E2E is opt-in only. Most people probably don’t use Secret Chat since `In a secret chatrooom, features including free calling, polls, events and chatroom album are currently not available`. + +Main implementation in package `com.kakao.talk.secret` and the `LocoCipherHelper ` class. + +MITM PoC: + +- Sender's RSA public key pair in `TalkKeyStore.preferences.xml` +- Receiver's public keys in `KakaoTalk.db` +- PoC how-to: + - Delete all public keys from `KakaoTalk.db` database + - Start mitmproxy and Frida script + - Create new Secret Chat room + - `GETLPK` packet gets intercepted -> Maybe we don't need that? + - `SCREATE` packet gets intercepted (shouldn't include a shared secret, otherwise we remove it) + - Bad signature check of MITM public key doesn't seem to have any implications + - Sender sends a `SETSK` packet (mitmproxy grabs shared secret) + - Dump `SWRITE` packets + +Questions: +- How to attack an already existing E2E chat room? +- How to fix maldformed `SCREATE` packets? +- Check public key fingerprints if they have changed + +- Test CFB bit flipping +- Test Secret Chat interception with `mitmproxy` script + * Use value from `pt` field to compute the nonce + * Does a warning pop up? + * What about the master secret? \ No newline at end of file
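Review bot: the new SECRET_CHAT.md has several documentation defects that should be fixed before this lands. `maldformed` in the Questions list should read `malformed`; the class reference `LocoCipherHelper ` has a trailing space inside the backticks and renders with a stray space; and the file is committed without a trailing newline (`\ No newline at end of file`). Structurally, the final block (`Test CFB bit flipping` through `What about the master secret?`) is a second, unlabelled list directly after `Questions:`; either fold those items into the Questions list or give the block its own heading so the two lists read as distinct. The notes also never record which KakaoTalk build the package name `com.kakao.talk.secret` and the packet names `GETLPK`, `SCREATE`, `SETSK` and `SWRITE` were observed against; add the version, since the whole file is tied to that implementation. Finally, the line `Bad signature check of MITM public key doesn't seem to have any implications` is the observation a defender or a disclosure report would care about most, and it is stated as a hunch: note exactly what was checked (which code path, whether any user-visible warning appeared) so the finding can be verified and later re-tested once fixed.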