Closed pxss closed 4 years ago
still the same
@ChiChou Thanks very much for the details!! I'll try your method and update the code.
@ppwwyyxx Damn I was fooled. WeChat 6.5 uses the same password generator.
Sorry for misleading.
So I only need to change the device id (previously IMEI number), right?
This may work: https://gist.github.com/ChiChou/36556fd412a9e3216abecf06e084e4d9
It invokes JNI to unserialize the MicroMsg/CompatibleInfo.cfg
file, which stores the actual device id (IMEI or whatever it generates).
Decryption works for me after I tried other methods to get IMEI.
@ppwwyyxx which method did you try to get IMEI?
In the README.
@ChiChou Thanks, it work fine for me!
get the IMEI unexpectedly is 1234567890ABCDEF
. :joy:
@8enet How does that file work? I don't understand.
@cs-usst
The device id that WeChat uses does not always match IMEI. But WeChat will always store this id in file /data/data/com.tencent.mm/MicroMsg/CompatibleInfo.cfg
, which contains a HashMap<Integer, Object>
serialized with ObjectOutputStream
. I wrote the gist with C to call Java runtime (void device_id(char *id, size_t len)
).
Anyways, Java serialized string still looks as is, so simply pull this file from device and strings CompatibleInfo.cfg
to pick it.
Tried deserialize that with python, but the javaobj
from pypi looks buggy
I get :
q@debian wechat-dump$ strings CompatibleInfo.cfg
java.util.HashMap
loadFactorI
thresholdxp?@
java.lang.Integer
valuexr
java.lang.Number
java.lang.Boolean
valuexp
ZUKZUK Z1: swp half thumb fastmult vfp edsp neon vfpv3 tls vfpv4 idiva idivt: ARMv7 Processor rev 1 (v7l): 7: Qualcomm MSM8974PRO-AC: 0000000000000000sq
AXKXESIIOBTUPLVJsq
867695023349383x
use the imei as 867695023349383x still not working!
@QiangF assuming your dump is correct, the IMEI should be AXKXESIIOBTUPLVJ (the sq bit is an artifact from improper deserialization - a proper way to do it can be found here: https://blog.csdn.net/jiezhi2013/article/details/22181771)
How to run on windows?
How to run on windows?
Help me please I tried to compile wechat xposed module (https://github.com/adamyi/AndroidWechatSQLiteDecrypt/issues/1) to fetch pass but didnt work Im stupid, I have a very old laptop so slow I used imei of my first and second phone, fail I cant decrypt! https://drive.google.com/file/d/1fNYFBsIxBgCXZ4cywUe26KpSJeBHXxjY/view?usp=drivesdk Please anyone can help me decrypt my compatibleinfo and send me the contents!
@QiangF assuming your dump is correct, the IMEI should be AXKXESIIOBTUPLVJ (the sq bit is an artifact from improper deserialization - a proper way to do it can be found here: https://blog.csdn.net/jiezhi2013/article/details/22181771)
Tried to run in windows, said that maptest is missing
Decryption works for me after I tried other methods to get IMEI.
i installed ubuntu, i also have compatibleinfo, now what do i do which commands? what do i download? i only want the pragma key so i can open with sqlcipher
This may work: https://gist.github.com/ChiChou/36556fd412a9e3216abecf06e084e4d9
It invokes JNI to unserialize the
MicroMsg/CompatibleInfo.cfg
file, which stores the actual device id (IMEI or whatever it generates).
how do i use this one? add to the folder wechat_dump then strings .. cfg?
ridiculous, it was the original phone, i registered with in 2016, plus uim, and the 7 md5 thingy but i always used capital letters ................................................. i got it, decrypted... haha im so stupid
When I deserialize the HashMap in my CompatibleInfo.cfg I get the following: {98305=false, 94209=0}
The bytes between the instances of sq are 00 7E 00 02 00 01 70 01
. Any ideas?
The latest decryption script (https://github.com/ppwwyyxx/wechat-dump/blob/b2468073045cc256f6f57cb7614eb66efef9c923/decrypt-db.py#L1) now implements the logic to obtain device id from CompatibleInfo.cfg automatically.
Is anyone using Android 10? In Android 10, the IMEI is not available to third-party apps.
I tried to extract whatever WeChat gets by deserializing /data/data/com.tencent.mm/MicroMsg/CompatibleInfo.cfg
file but it turned out that this file is empty (file size 0 byte).
Is anyone using Android 10? In Android 10, the IMEI is not available to third-party apps.
I tried to extract whatever WeChat gets by deserializing
/data/data/com.tencent.mm/MicroMsg/CompatibleInfo.cfg
file but it turned out that this file is empty (file size 0 byte).
Me too, I got the imei in com.tencent.mm/shared_prefs/WLOGIN_DEVICE_INFO.xml
:
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
<string name="imei">fb8da1fe1cb980202656xxxxxxxx</string>
</map>
But still not working
The above comment was already addressed in https://github.com/ppwwyyxx/wechat-dump/issues/70
The above comment was already addressed in #70
Thanks a lot !!!
wechat6.5 how to decrypt ?