API tools faq
paste
Advertisement
Guest User

Whatsapp Decrypt

a guest
Mar 16th, 2014
2,264
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.51 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. """
  3. 48bits presents:
  4. 8===============================================D~~~
  5. WhatsApp msgstore crypt5 decryptor by grbnz0 and nullsub
  6. 8===============================================D~~~
  7.  
  8. """
  9. //Importing various libraries
  10. import sys
  11. import hashlib
  12. import StringIO
  13. from M2Crypto import EVP
  14.  
  15. //These are the keys required to unlock the database, they were obtained by some reverse engineering. Apparently, all databases use the SAME key.
  16. key = bytearray([141, 75, 21, 92, 201, 255, 129, 229, 203, 246, 250, 120, 25, 54, 106, 62, 198, 33, 166, 86, 65, 108, 215, 147]) // This is the AES-192 Key (Google it), it's secure as you can't exactly guess it and brute forcing it would take a long time.
  17. iv = bytearray([0x1E,0x39,0xF3,0x69,0xE9,0xD,0xB3,0x3A,0xA7,0x3B,0x44,0x2B,0xBB,0xB6,0xB0,0xB9]) // This is the Initialization Vector (Google it)
  18.  
  19. *DECRYPT METHOD*
  20. //This function takes the two arguments, namely, the source database name and account name. Now here's where I can't tell in detail what's happening, but I'll give you the gist of it. The thing about something that is encrpyted, is that, you can "read" what's there, but not make out anything sensible. This function will read from the database, use the keys above to decrypt (Make it so that things are sensible) and then store it into a new database.
  21. def decrypt(db,acc):
  22. fh = file(db,'rb')
  23. edb = fh.read()
  24. fh.close()
  25. m = hashlib.md5()
  26. m.update(acc)
  27. md5 = bytearray(m.digest())
  28. for i in xrange(24): key[i] ^= md5[i&0xF]
  29. cipher = EVP.Cipher('aes_192_cbc', key=key, iv=iv, op=0)
  30. sys.stdout.write(cipher.update(edb))
  31. sys.stdout.write(cipher.final())
  32.  
  33. *START HERE*
  34. //The program starts here, once the python script is called from a terminal it checks if the arguments passed to it are correct or not, and acts accordingly.
  35. if __name__ == '__main__': // Checks if the userinput is correct (Has three arguments, basically the account name, encrypted database name and the output database name)
  36. if len(sys.argv) != 3:
  37. print 'usage %s <db> <accountname> > decrypted.db' % sys.argv[0] //If the input is incorrect, it explains to the user on how to use the script and stops the script right there.
  38. else:
  39. decrypt(sys.argv[1],sys.argv[2]) // Else, if the input is correct, it moves ahead, calling the decrypt method that does all the magic.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!