Does anyone know in detail about Pegasus spyware?

I heard a lot about it.

I know it is created by NSO, an Israeli company, and it works on a WhatsApp voice call vulnerability.

And WhatsApp gets remotely hijacked via this vulnerability.

But how does this work?

Is it possible to make similar spyware?

How to check if we are infected by it or not, and

how to remove it?

Indian national? :laughing:

I am a malware coder; I wrote a few ethical hacking tools.

Check it out:

I want to make similar spyware in the future.

A simple Google search returned this result. It tells everything you need. If you need more in-depth detail, then ask in a specific manner.

Thanks for your answer, but I have found no method so far to remove it or check if your phone is compromised.

A professional ethical hacker might reverse engineer that spyware or know something more.

The information available on Wikipedia is just a history type of content

You can’t code your own spyware just by reading wiki

And by the way I checked that link already

OK, but how would you reverse engineer Pegasus spyware? We know that it is only sold to government agencies for spying purposes.

Taking a victim's phone for a spyware sample might help to reverse engineer that spyware.

And how would you take a victim's phone knowing that all of the compromised people were high profile ones? I don’t think it’s as easy to do as it looks.

If I were capable of doing it on my own, then I might not be here.

If it is so, then the talk is over now. However, all I can tell you is that
Pegasus exploited a high severity vulnerability in WhatsApp to compromise high profile victims. After Pegasus exploited the WhatsApp vulnerability, it again exploited a high severity vulnerability in Apple’s iOS, as it jailbroke all the devices and rooted Android phones. Hence we conclude that it also exploited a high severity vulnerability in Android, as it works on Android devices too. The WhatsApp vulnerability exploited is a type of RCE. This much should be enough to give you quite a lot of information. In order for you to build such a thing you need to:

Find high class (similar to RCE) in Android and iOS.
Find a sample of Pegasus spyware when it is made public, and you know better what to do next.

These resources will help you:

Thanks a lot bro

So it is basically a WhatsApp VoIP stack buffer overflow vulnerability

Which leads to remote code execution

Yes, you are right as far as I know. Doubt cleared? @R4gn4r why don’t you help him here?

So after reading a lot of blogs

I concluded that Pegasus is just a spyware which has some cool features.

Apart from Pegasus,
a Meterpreter payload, any other keylogger, RAT, or any other malicious piece of code can be used to take control of a victim's mobile.

We usually use social engineering techniques to trick the victim into installing this malicious software on their system/phone.

BUT this latest WhatsApp vulnerability enables a hacker to install/run a piece of code without victim interaction.

A buffer overflow vulnerability in the VoIP stack can be exploited by sending crafted SRTCP packets to the victim's phone, which leads to a new vulnerability,

THE most dangerous vuln, i.e. RCE (remote code execution).

The only barrier to performing this attack is that we don’t know what these specially crafted SRTCP packets look like.

Without that info we can’t code our exploit.

Or one must have deep knowledge of VoIP and its protocols like SIP, SRTCP, etc.

Hope researchers release an exploit soon.

Well, I am not very well studied on VoIP buffer overflows, so I cannot help very much 😅…
But if I were MrRobot, I would move on to simjacking and end-to-end encryption vulns. Personally I am not much of an end-to-end encryption fan, because there are proofs of concept that can hack it.
And these days a very good bug was found on SIM cards that is very serious. If you want, check it out :wink:. Sorry for not helping very much about NSO and WhatsApp but…