Closed maiqueg closed 3 years ago
I have exactly the same problem, some help please. Thank you very much in advance
Offsets need to be updated. Take a look at:
andreas-mausch/whatsapp-viewer#114 (comment)
the following code results:
andreas-mausch/whatsapp-viewer@7035b9c
Thanks a million ElDavoo!!!!
I've opened a pull request with the new offsets, but only for decryption.
Thanks to @ElDavoo for look for the problem and @maiqueg for the fix.
Did your offset change again in this night's backup? I noticed IV now starts at byte 67, but don't know about the rest.
The new offsets are:
data = db_data[191:] iv = db_data[67:83]
"Server salt" also changes from byte 14 to byte 15, but... you don't use server salt in your code ?? wtf? Can someone explain plz?
Not opening a pull request because I think this needs to be further improved: Format may change again in the future, users might be able to input their own offsets, there should be a list of offsets to try, and so on.
The new offsets are:
data = db_data[191:] iv = db_data[67:83]
@B16f00t
Around 1 May, Whatsapp began to use crypt14 instead of crypt12 on the msgstore.db backup.
Since then I'm getting this error when trying to decrypt:
I saw that the key is exactly the same used for crypt12, maybe only the decrypt method that changed? Any ideas?