Notices


Reply
Thread Tools
Posts: 60 | Thanked: 78 times | Joined on Dec 2009
#51
Whatsapp should look at the spirit of the maemo/meego community and go ahead with an official release..or at least release the code to some of the devs
 
Posts: 260 | Thanked: 86 times | Joined on Jan 2012
#52
wowow! i really luv this thread!
 
Posts: 24 | Thanked: 40 times | Joined on Feb 2012 @ Germany
#53
Great to see that somebody is working on WhatsApp for the Nokia N900.

A few weeks ago I also tried to look a little bit into WhatsApp but had to give up because of my final exams at school.
I used the Symbian S40 Client and decompiled the .jar you can find via google to look a little bit into it.
I'm not a programmer but had done some "Hello World" stuff on Java before so I tried to understand a little bit what is going on in the Client. (In the following work I always pretended to be an Nokia C3-00 just that you know when it appears i.e. in the User-Agent)


I don't know if it's helpful for you but I will try to share the things I found out by looking into the code even though I can't gurantee they are right:

The first thing is the login-Name and the password needed to login:
Matching with reports from some other threads here and in other forums the login name I found was some sort of:
Code:
international area code without the 0's or + in the beginning + phone number without the first 0 + @s.whatsapp.net
For example if you live in germany and having the phone number 017612345 it would be 4917612345@s.whatsapp.net -> 0049 for germany without the 0's and the phone number without the 0.

The Password is set during the registration process but usually it is an transformation of the IMEI of your phone (in case you don't want to stand out you should also do it like this). I must admit I don't exactly know how this transormation works but I have the code that does it.
I just wrapped it _very dirty_ in a standalone Java program to test it. source: http://pastebin.com/npbwcj1s
I really don't know what it exactly does and didn't look deeper into it but it isn't a "real" md5 I think... (Maybe someone who knows how to create an MD5 in Java can look at it what is different except the reverse of the imei?)


The second thing I searched for is the registration process.
With this I got so far that I got an Registration-Code and I also get the response from the Server that the account exists but I can't login because I hadn't enough time to look excatly at the login process. Just logging in via XAMPP in Pidgin doesn't work expectedly

The registration process works this way: (no gurantee that it is right and don't try it with your "real" number. I tried it with an old SIM I had lying around)

0) All these API-Request are done with an User-Agent like:
Code:
WhatsApp/2.1.0 S40Version/04.60 Device/nokiac3-00
The Code generating this is: http://pastebin.com/K79wrfnS
I used information I found in the web to fill the information for the Nokia C3-00.
As said by the pw: I don't think you really have to fake it to look like this but it maybe makes it harder to find you.

1) The first step ist requesting the Registration-code from the Server (the Code you get i.e. via SMS)

The API-call looks like this:
Code:
https://r.whatsapp.net/v1/code.php?cc=49&in=17612345&to=4917612345&lc=DE&lg=de&mcc=000&mnc=000&imsi=00000000000000&method=sms
The Arguments are as following:
cc = area code without 0's
in = number without first 0
to = number where the sms or call should go to (maybe security weakness?)
lc/lg = Language-Code(?) splittet up - e.g. DE_de goes to lc=DE&lg=de US_en would be lc=US&lg=en
mcc/mnc/imsi = Should be the "Mobile Country Code", "Mobile Network Code" and the "Mobile Subscriber Identification Number"
-> I don't know how to get to them and the App has as "fallback" just the 0's in it when the system-request for them fails so it should work with the 0's (and it does)

The metod is maybe the most interesting thing.
There are 3 methods: self, sms and voice
When choosing sms you get the Code via SMS as you may know it, choosing voice you get a call at the to-number where it reads the code (I didn't test but it would match with informations you find at some other places in the web). I don't know what self exactly does and I didn't really looked for it because the SMS-Way seemed the best for me, especally because I just wanted to know my Code :>

The Answer after calling the API is an xml saying:
Code:
<code><response status="sucess-sent" result="30"></code>
What error-Messages look like I don't know because it worked for me (and I just looked into the code again and I didn't find any code that works with an specific error, it just closes the App when an error occurs if I'm right) ^^

Also you should get an sms (in case you used the method sms) at the "to" number conatining the WhatsApp-Code which looks like this:
Code:
WhatsApp code abc
abc is the necessary Code

2) With the given code you can then register your Whatsapp-Account

API-Call:
Code:
https://r.whatsapp.net/v1/register.php?cc=49&in=17612345&udid=asdf&code=abc
cc/in = the same as in code.php
udid = the calculated password as explained in the login-data
code = the just recieved WhatsApp-Code

The XML response looks like:
Code:
<register> <response status="ok" login="4917612345" result="new" /> </register>
The login-value is your login-Name for the connection and built like explained.
I think that there are error-messages when the account already exists etc. but as said: I didn't have more time and It worked ^^

3) As third API-call you can check if an accounts exists. This isn't necessary for registration I think.

API-call:
Code:
https://r.whatsapp.net/v1/exist.php?cc=49&in=17612345&udid=asdf
Parameters are the same like above.

Resonse when account with this number and pw exists:
Code:
<exist><response status="ok" result="4917612345" /></exist>
The result again gives the login-name for this account.
I did some tests with this and even though I didn't save the exact answers I found out that it just checks if the account with the given number and the given pw exisists. You can't check if another numer has an WhatsApp-Account with this API-call. (or I just was to stupid to find out how to do this)


The last thing I searced for before studing for my exams was the server connection.

It Baisicly is - as said everywhere - an XAMPP Connection. At least it looks like.
I think there are some small differences between the default XAMPP and the way WhatsApp does it.

But nevertheless the URL I found to where it tries to connect is:
Code:
socket://bin-short.whatsapp.net:5222
When connecting to the URL with Pidgin and default XAMPP it also gets an connection but the connection gets closed by the server after sending the xml and xampp information.
When I connected to a "default" XAMPP server after these two "sendings" the Client gets an response from the Server.
WhatsApp instead sends the Auth directly after the features so I think the Server quits the connection because Pidgin is waiting for Information and the Server also is waiting for information.

The Login-Process in the WhatsApp-Code looks like:
Code:
out.streamStart(connection.domain, connection.resource);
                System.err.println("sent stream start");
                sendFeatures();
                System.err.println("sent features");
                sendAuth();
                System.err.println("sent auth");
                in.streamStart();
                System.err.println("read stream start");
                String challengeData = readFeaturesAndChallenge();
                System.err.println("read features and challenge");
                sendResponse(challengeData);
                System.err.println("sent response");
                readSuccess();
Because WhatsApp uses a "default" XAMPP-Libary which is just modified and the default functions are still there I think the default Login-Process of XAMPP looks like:
Code:
                send1();
                send2DigestMD5Mechanism();
                read1();
                String challenge = read2Challenge();
                send2SASLResponse(challenge);
                send2UselessResponse();
                read2Challenge();
                read2();
                send3();
                read3();
                send4();
                send5();
-> as said, after the send1 and 2 (which are doing baisicly the same as the streamStart and sentFeatures in the WhatsApp-Version) it waits for information instead of sending the Auth.

Here I stopped working on it because of the exams. I think it should be not too difficult to make a login work when completely re-writing the Original functions.
Just as orientation the whole (sub)class of the WhatsApp-Login: http://pastebin.com/X8gv2XRU


Thats all I did up to now (or more exactly before my exams).
I would really like to see somebody working on this and making it work on the N900. At first I wanted to look at it again after the exams but eventhough I finished my exams two weeks ago I didn't found the time to work on this and because I'm not a programmer it also would take at least a _very_ long time to work, if it would work at all


If some beta-testers are searched for the programm I would really like to test it from a hobby-programmer or more non-programmer point of view



PS: Eventhough I personally don't like it when people ask for forgiveness for their bad english I would like to do the same right now
I'm from Germany and not really good in languages. I really hope my text ist readable and you understand what I wanted to say with it ^^ (if you don't understand something feel free to ask what it was meant to say )
 

The Following 26 Users Say Thank You to ColaCheater For This Useful Post:
Posts: 49 | Thanked: 9 times | Joined on Oct 2010 @ Borneo
#54
Originally Posted by ColaCheater View Post
The Password is set during the registration process but usually it is an transformation of the IMEI of your phone (in case you don't want to stand out you should also do it like this). I must admit I don't exactly know how this transormation works but I have the code that does it.
I just wrapped it _very dirty_ in a standalone Java program to test it. source: http://pastebin.com/npbwcj1s
I really don't know what it exactly does and didn't look deeper into it but it isn't a "real" md5 I think... (Maybe someone who knows how to create an MD5 in Java can look at it what is different except the reverse of the imei?)
Does it necessary to generate password using IMEI? I think we can just select a random password, can't we? I have tried using "007" as udid and the registration seems okay. As long as we save that password in the software or remember it in our brain, it would be okay, right? This password probably used by Whatsapp server mainly to identify our cell phone. By assigning a predefined password, maybe we can switch our whatsapp to another machine without reregistration. Does it sounds cool?

Last edited by didik.wahyono; 2012-02-04 at 00:44.
 
Posts: 229 | Thanked: 77 times | Joined on Aug 2009 @ Los Angeles
#55
Originally Posted by teamer View Post
They are charging people for file transferes i think nothing more !
From wikipedia:

Android, Windows Phone, Blackberry, Symbian and Nokia S40 users can use the app 1 year for free, whereafter they have to pay US$1.99 (or local equivalent) per year. iPhone users can buy the app for a one-off fee of US$0.99 (or local equivalent) although the app is occasionally free for limited periods
 
Posts: 262 | Thanked: 206 times | Joined on May 2010
#56
Originally Posted by didik.wahyono View Post
Does it necessary to generate password using IMEI? I think we can just select a random password, can't we? I have tried using "007" as udid and the registration seems okay. As long as we save that password in the software or remember it in our brain, it would be okay, right? This password probably used by Whatsapp server mainly to identify our cell phone. By assigning a predefined password, maybe we can switch our whatsapp to another machine without reregistration. Does it sounds cool?
Nice idea , but whats the use of it when it comes to whatsapp uses your phone number ? they will identify you by that one thing !
 
Posts: 262 | Thanked: 206 times | Joined on May 2010
#57
Originally Posted by ColaCheater View Post
....

But nevertheless the URL I found to where it tries to connect is:
Code:
socket://bin-short.whatsapp.net:5222
....
Yes that is the default port for the xmpp protocol u did everything right

right now i am busy with 3 projects already , and i dont have time to make the whatsapp though i have started to learn how to build a pidigin plugin .
 
Posts: 262 | Thanked: 206 times | Joined on May 2010
#58
i know a guy "Eion Robb" the creator of MSN and facebook chat plugin for libpurple , he once offered to build the plugin . i gave him link to this page so probably he is the man who will build the plugin for maemo community
 
Posts: 24 | Thanked: 40 times | Joined on Feb 2012 @ Germany
#59
Originally Posted by didik.wahyono View Post
Does it necessary to generate password using IMEI? I think we can just select a random password, can't we? I have tried using "007" as udid and the registration seems okay. As long as we save that password in the software or remember it in our brain, it would be okay, right? This password probably used by Whatsapp server mainly to identify our cell phone. By assigning a predefined password, maybe we can switch our whatsapp to another machine without reregistration. Does it sounds cool?
Yeah, as said you can choose any password during the registration.
The Problem just is that if you are using a password that is different from the default passwords you may can get caught for using a "non-official Program".
I don't know how whatsapp saves the passwords but if they save them in plain-text (what they shouldn't do) they can delete/block your account even when you already did register.

Because the password just seemes to be an md5 hash and has the length of one you may can just use any pw, get the md5-hash of it and register with this md5.
In this case you shouldn't stand out during registration but still having an easy to remember password. Making an md5 of it an pw isn't that hard


Originally Posted by teamer View Post
i know a guy "Eion Robb" the creator of MSN and facebook chat plugin for libpurple , he once offered to build the plugin . i gave him link to this page so probably he is the man who will build the plugin for maemo community
Too bad that you don't have time to work on it at the moment

It would be great to have an expert for libpurple-plugins to work with. If he would do the coding-part maybe I could try to interpret the source code further giving him the information how to connect etc.?
I don't want to promise anything but so far the code I have looks like it would be doable for me to look for sending/recieving messages etc. and if Eion knows how "standard" XAMPP works (I think facebook uses mostly default XAMPP?!) we may can get a working version. At least sending/recieving messages.

If there is a guy who is good at qt programming (or whatever N900 Applications need to be programmed with) maybe we could do like an App for register an Account and, depending on how WhatsApp finds other WhatsApp-User, the searching for other WhatsApp users in the contacts and then as "main" part an libpurple plugin which does the chatting?!


The biggest problem at the moment which I forgot to mention in my fist post is, that Accounts registered the way I explained don't get found via the "default" WhatsApp App at the Moment :S
But I didn't find any more code related to registration up to now so maybe you just had to log-in once or to be logged in to get found
 

The Following User Says Thank You to ColaCheater For This Useful Post:
Posts: 262 | Thanked: 206 times | Joined on May 2010
#60
Originally Posted by ColaCheater View Post
Yeah, as said you can choose any password during the registration.
The Problem just is that if you are using a password that is different from the default passwords you may can get caught for using a "non-official Program".
I don't know how whatsapp saves the passwords but if they save them in plain-text (what they shouldn't do) they can delete/block your account even when you already did register.

Because the password just seemes to be an md5 hash and has the length of one you may can just use any pw, get the md5-hash of it and register with this md5.
In this case you shouldn't stand out during registration but still having an easy to remember password. Making an md5 of it an pw isn't that hard



Too bad that you don't have time to work on it at the moment

It would be great to have an expert for libpurple-plugins to work with. If he would do the coding-part maybe I could try to interpret the source code further giving him the information how to connect etc.?
I don't want to promise anything but so far the code I have looks like it would be doable for me to look for sending/recieving messages etc. and if Eion knows how "standard" XAMPP works (I think facebook uses mostly default XAMPP?!) we may can get a working version. At least sending/recieving messages.

If there is a guy who is good at qt programming (or whatever N900 Applications need to be programmed with) maybe we could do like an App for register an Account and, depending on how WhatsApp finds other WhatsApp-User, the searching for other WhatsApp users in the contacts and then as "main" part an libpurple plugin which does the chatting?!


The biggest problem at the moment which I forgot to mention in my fist post is, that Accounts registered the way I explained don't get found via the "default" WhatsApp App at the Moment :S
But I didn't find any more code related to registration up to now so maybe you just had to log-in once or to be logged in to get found
there are contact sync process , the app uploads your contacts (numbers and names i think) to whatsapp server , checks who have whatsapp installed and returns that info back to you as an ofline/online buddies
 
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 09:50.