CGG The first one... a rce you trigger all GOS protections... and inside the logs you can see clearly if the attack isn´t a null pointer derreference which is constant on wapp...
But the second one, the session stole, is almost impossible to see as errors in whatsapp logs inside GOS... simply because they don´t throw a exception or anything... the flaw is on whatsapp level of execution and is a "legit" file which is bad processed by the application itself that stole your cookies...
One tip if you can´t read logs is: if you have any logs that you are in doubt (they are almost in the crash session) you submit to gemini (free) and it will say to you if is possibly a null pointer or if is there anything that you should pay attention...
Let me just correct this part...
The first one... in a rce case, it WILL trigger all GOS protections... and inside the logs you can see clues if the attack isn´t a null pointer derreference (which is constant on wapp...)
But the second one, the session stole, is almost impossible to see as errors in whatsapp logs inside GOS... simply because they don´t throw a exception or anything (and for consequence MTE can´t catch)... the flaw is on whatsapp level of execution and is a "legit" file/audio/media/etc which is bad processed by the application itself that stole your cookies...
One tip if you can´t read logs is: if you have any logs that you are in doubt (they are almost in the crash session) just submit it to gemini (free) and it will say to you if is possibly a null pointer or if is there anything that you should pay attention...