Closed martinodonnell closed 2 years ago
Whoops. Did I really forget to delete print(key) from main?
You can just use a previous commit https://github.com/ElDavoo/WhatsApp-Crypt14-Crypt15-Decrypter/tree/2e146c69e3dfdda3b17a1ddac4962130b8d75c37 while I fully wake up and fix whatever I've done
Or, easier, delete lines 627 and 628 (i forgot to remove them before committing!!!)
There you go. Apologies for any disruption. This is why #10 is needed haha
@ElDavoo Thanks. That worked!
How can I go about buying you a coffee?
Thank you! ❤️ Just a star is enough for now :) I also have no idea on how to as I never donated/received on github
@ElDavoo I'll come back and write some tests for you once I work out how to get media from android to IOS
Thanks!
Thanks! I still have to fix str() properly though
Sorry, got carried away!
Ok I am fully operative now.
@ElDavoo Thanks. That worked!
Did it? It... shouldn't :)
self.key_version.hex(), self.googleid.hex()) AttributeError: 'NoneType' object has no attribute 'hex'
That means that your key_version and/or your googleid is None, which means you must have had some warnings about the key (?) Did you have to use --force? Can you plz send logs?
That means that your key_version and/or your googleid is None
Only the key_version actually as the googleid is checked before
Can you also send the first 32 bytes of your key file please?
od -t x1 -N 32 key
That will be:
1) The Java bytes[] deserialization header, just to see if it's the same with standard ones
2) Cipher version
3) Key version
4) First two bytes of server salt (just in case the key got somehow longer than usual)
So no sensitive material
Thank you very much
Ok, looks like you posted it and then edited the post. Be more careful next time: the post history is public! I've deleted the revisions containing the key for you.
So it looks like Whatsapp started pushing version 3 of the key. However, nothing changes, and you said the program worked, so I think just adding \x03 to supported_key_versions will be enough.
Thank you for the issue :)
Ok Martin please confirm that the program works in the latest commit without using --force, thank you.
Sorry for the delay, different time zones
Did it? It... shouldn't :)
I think I may have been wrong. I used the previous commit rather than delete the lines and the msgstore.db
was created. Looking back now, the file was empty!
Ok, looks like you posted it and then edited the post. Be more careful next time: the post history is public! I've deleted the revisions containing the key for you. So it looks like Whatsapp started pushing version 3 of the key. However, nothing changes, and you said the program worked, so I think just adding \x03 to supported_key_versions will be enough. Thank you for the issue :)
I did post it and decided to remove it as I didn't think you would need it. I knew it was easy enough to create a new one and didn't really know how to send it the correct way.
Might be a good idea to add the od -t x1 -N 32 key
command to your issues template
Current Key File
0000000 ac ed 00 05 75 72 00 02 5b 42 ac f3 17 f8 06 08
0000020 54 e0 02 00 00 78 70 00 00 00 83 00 01 03 41 48
0000040
Ok Martin please confirm that the program works in the latest commit without using --force, thank you.
I have updated main and ran the new code. This error occurred
WhatsApp2iOS python3 WhatsApp-Crypt14-Decrypter/decrypt14_15.py key msgstore.db.crypt14 msgstore.db -vf
[V] Reading keyfile...
[I] Crypt12/14 key loaded
[V] Parsing database header...
[V] WhatsApp version: 2.22.7.71
[V] Your phone number ends with ..
[I] Database header parsed
Traceback (most recent call last):
File "./WhatsApp2iOS/WhatsApp-Crypt14-Decrypter/decrypt14_15.py", line 658, in <module>
main()
File "./WhatsApp2iOS/WhatsApp-Crypt14-Decrypter/decrypt14_15.py", line 640, in main
cipher = parse_protobuf(key=key, encrypted=args.encrypted)
File "./WhatsApp2iOS/WhatsApp-Crypt14-Decrypter/decrypt14_15.py", line 525, in parse_protobuf
return AES.new(key.key, AES.MODE_GCM, iv)
AttributeError: module 'Crypto.Cipher.AES' has no attribute 'MODE_GCM'
Looking through some docs, I found that that MODE_GCM
is no longer supported (MODE_GCM)
I installed pycryptodomex and changed line 10 to from Cryptodome.Cipher import AES
When I ran the script again, I got this result with a populated msgstore.db
file
python3 WhatsApp-Crypt14-Decrypter/decrypt14_15.py key msgstore.db.crypt14 msgstore.db -vf
[V] Reading keyfile...
[I] Crypt12/14 key loaded
[V] Parsing database header...
[V] WhatsApp version: 2.22.7.71
[V] Your phone number ends with ..
[I] Database header parsed
[V] Decrypting...
[I] Done
I will test if I can get the files to IOS later tonight.
Hi Martin, As written multiple times, you need to install pycryptodome, not pycryptodomex (EDIT: pycryptodomex is fine, pycrypto is the problem). I might add a check about that.
The important thing is that your key file (the first seen in the wild with version 3) is decoded correctly. (E.g. no errors like "unsupported key version" or similar)
I also see that you have no phone number (?) I will check more in detail when I get home
I also see that you have no phone number (?) I will check more in detail when I get home
I removed that. The number came up correct
As written multiple times, you need to install pycryptodome, not pycryptodomex. I might add a check about that.
I deleted all the python packages and and reinstalled them with the versions in the requirements.txt
.
The important thing is that your key file (the first seen in the wild with version 3) is decoded correctly. (E.g. no errors like "unsupported key version" or similar)
The output from script looks good and msgstore.db
file has data. I will let you know later when I finish work if I can get the data over to my iPhone
the
msgstore.db
was created. Looking back now, the file was empty!
Yeah, the way it works is that the argparse library automatically creates the filestream for you, on a "wb" mode that means the file will be created and it will be empty if the program errors out before writing anything
Might be a good idea to add the
od -t x1 -N 32 key
command to your issues template
I don't think so, the part that i need to see really depends on which part of the parsing fails, so it's better to just send the whole thing directly
When I ran the script again, I got this result with a populated
msgstore.db
file I will test if I can get the files to IOS later tonight.
This script checks if the decrypted output makes sense so you 99% have a valid msgstore.db. If you want to be sure, open it with a sqlite3 viewer. If you can't import it in iOS i'm afraid you'll have to open an issue at whatsapp2ios.
AttributeError: module 'Crypto.Cipher.AES' has no attribute 'MODE_GCM'
I guess this happens when you install pycrypto and not pycryptodome. Pycrypto is old and unsupported.
Looking through some docs, I found that that
MODE_GCM
is no longer supported (MODE_GCM)
That's MODE_CCM , not MODE_GCM .
I added some informative messages for this kind of errors, I know it can be confusing
To save you some headaches I suggest you to use venv . Virtual environments are very nice: They are a way to make a project's libraries and the system's libraries separate from each other.
From the project's directory, run:
python -m venv venv
This will create a virtual environment in the venv folder.
Check this table to see the command you need to run to activate the venv (it's like "entering inside it"). After that, you can install the libraries as usual with pip. The important concept is that the libraries installed will be stored in the venv folder and will be separate from your system! :)
Ok, that should be it! Let me know if you have other problems
To save you some headaches I suggest you to use venv
Good idea, been a while since I did python
@ElDavoo Thanks very much for your help! I'll be back next week to write some tests
I was able to use SQLite on the terminal to open the msgstore.db
and see all the messages.
For the next person Installing SQLite Common Commands
Run
sqlite3 msgstore.db
select * from message;
or just use sqlite browser
Hexdump of the encrypted DB
Program output using -v and -f
Normal
Force
Additional context My android phone doesn't connect to a laptop so I used an emulator from android studio to spin up a Pixel_3a_API_30_x86 device.
I installed version
2.22.7.71
of WhatsApp on the device by downloading it from their website and dragging it onto the emulator. I then logged in and took my backup from google drive.To get the
key
andmsgstore.db.crypt14
file off the emulator, I used android studio and used the device file explorer - stackoverflow postI am using Python
3.9.6
I am following the guide by @tim25651 from here to use @residentsummer watio tool