The Hacking Guide (Hack Tool & Tricks World)

hacking by Vineet Bharadwaj, Wifi Hacking, Facbook hacking, Gmail Hacking,android hacking,thehackingguide, Hacking by Vineet Bharadwaj, Website hacking, Mobile Hacking, Security, Hack Account, learn hack by vineet Bharadwaj,kingroot.apk rooting,windows tricks, Hack Facebook Account, Hack Gmail Account, Wifi hacking, Mobile Hacking, Learn Hacking, Security, Mobile USSD Code Hack, Tanki online Hack, Ip Address Hack,Hk rom Editor, Website Hacking, Lucky patcher, Facebook Hack,Kingroot android

Uncategories How to Decrypt and Extract WhatsApp Database

How to Decrypt and Extract WhatsApp Database

5:49 AM

How to Decrypt and Extract WhatsApp Database

Greeting Readers

Nowadays , WhatsApp has become the best interoperable Instant Messaging and VoIP (Voice over Internet Protocol) and Multimedia platform for the end users that provides them an well-serviced environment for Instant Messaging , Voice/Video Calling , File Transfer such as Documents , Videos and Images easily at the scale with high-end encryption encapsulated into it globally .

WhatsApp basically uses a standardised protocol for Instant Messaging called Extensible Messaging and Presence Protocol (XMPP).  It basically uses one of it's most valuable service called Jabber for user account at the time of Installation using the phone no. as the username i.e. (Jabber ID: [phone number]@s.whatsapp.net) and then it estimates all smart phones from it's address book with the help of it's centralised database for adding contacts automatically to their contact list and then it also allows Multimedia Messaging to the end users with the help of HTTP server and generates a hyperlink to the content with Base64 encoded.

Before Demonstration , I'd like to write about the working principle of WhatsApp high-end Encryption

As you know that the Multimedia Messaging and other type of data are simply the decrypted data and need to be encapsulated in order to securely communicate with each other  through a communication channel.



So Firstly ,  the Plain Text is encrypted using Private Key for the Data Encapsulation

i.e. PlainText + Secret Key == Data Encapsulation (Encrypted Data)

Once the data has been received by the receiver needs to be decrypted i.e. plain text using the same Secret Key for it

i.e. Data Encapsulation (Encrypted Data) + Secret Key == PlainText (Original Data)

The Main Problem with the Technique is the usage of Same Key for both encryption and decryption
So , if the sender sends the data to the receiver , the third party is likely to be able to eavesdrop and forge and sniff the conversation , data etc between sender and receiver which could create a massive problem to both of them

In order to overcome the problem , WhatsApp basically uses Two Keys for both encryption and decryption. These two keys are mathematically so related to each other that one key can encrypt the PlainText to Encrypted Data which can be later on decrypted by receiver


 





Both of your public and private keys are generated on your smartphone at the time of installation , So what does that mean by high-end encryption

As your private key is generated on your mobile , The third party Attacker cannot decrypt your messages due to the implementation of private key.



The 60 digit number shown above is shorter form of addition of your and your contact's public key. Remember, you use your contact's public key to encrypt outgoing message and your contact uses their private key to decrypt and vice versa.

Scanning QR code or comparing those 60 digit number is a way to verify and ensure that you are using correct public key of your contact and no one (whatsapp server or others) is spoofing you with wrong public key.

Now let me cut to the chase and write about the mechanism of both decryption and extraction of WhatsApp Database

You got to be thinking that it's impossible to just decrypt and extract the WhatsApp Database so easily with such high-end security attached to it

But let me tell you straight that it's possible and very easy to decrypt and extract the Database easily with the help of built-in tools available today in this technology

After all , Nothing is Impossible in today's technology

If there exists the technology then obviously there exists security tools too

There are following prerequisites software and tools need to be downloaded and installed before it

  • 1. Crypt Key Extractor (https://codeload.github.com/EliteAndroidApps/WhatsApp-Key-DB-Extractor/zip/master)
  • 2. Operating System (Windows , Linux , Mac OS X)
  • 3. Java (https://www.java.com/en/download/)
  • 4. ADB i.e. Android Debug Bridge (https://developer.android.com/studio/releases/platform-tools.html#download)
  • 5. Android Device (with Android 4.0 or Higher than it)
  • 6. USB Debugging must be enabled on the target device
  • 7. Web Browser
  • 8. Internet
  • 9. USB (Universal Serial Bus)

In order to enable USB Debugging , Please navigate to Settings --> Developer Options -->  Enable USB debugging. Please tap multiple times on Build Number  under About Phone unless and until you become the developer if you find no developer option under the Settings option

Note :

  • 01. I apologise Linux and Mac OS X users for the following below demonstration 
  • 02. Windows end users must have minimum knowledge about Windows OS for it
  • 03. This is to be advised that it's for the education purpose , any illegal activity against any                      other unauthorised devices could lead to jail

Are you finally ready to decrypt and extract WhatsApp Database

So , Let's Get Started

  • 04. Download prerequisites software and tools
  • 05. Extract it to your preferred drive
  • 06. Open up your Command Prompt 
  • 07. Navigate to the directory where WhatsApp Key DB Extractor installed
  • 08. Connect your device via USB and change the mode from charging to media
  • 09. Unlock your screen and wait for Full Backup option
  • 10. Enter your backup password or leave the blank (if none set) 
  • 11. Tap on Back up my data.

Note : Please wait as It could take few minutes depending upon your size of data

  • 12. Confirm backup password on your Command Prompt and check for extracted folder.
  • 13. You'll find many files there such as axolotl.db , chatsettings.db , msgstore.db, wa.db.
  • 14. As all these files are in SQL format visible through SQLite Software
  • 15. Visit https://sqliteonline.com for Online Viewing
  • 16. Click on Open DB and select them all in order to view the files online through the website
  • 17. Done
I hope you can now easily decrypt and extract WhatsApp Database

Thank you

Happy Hacking

About

Vineet Bharadwaj is the Founder of this Website. He is a Security Researcher, Pentration Tester and Certified Ethical Hacker with experience in various aspects of Information Security and Co author in "hakin9.org IT Security Magazine" n "E-forensics Magazine" and Author of Ebook "Wireshark: The packet sniffer" Also Got listed In many Big companies site's Hall Of Fame Other then He is a SEO expert,Web Analytic Expert, Blogger, Web Developer n Designer, Social Media Marketing. His all efforts is to make internet more Secure.

Next
« Prev Post
Previous
Next Post »
Subscribe to: Post Comments (Atom)