[GH-ISSUE #1052] Keylogger: Failed to decrypt and write logs #757

Closed
opened 2026-02-27 15:51:43 +03:00 by kerem · 6 comments
Owner

Originally created by @Jean3795 on GitHub (Feb 10, 2022).
Original GitHub issue: https://github.com/quasar/Quasar/issues/1052

Is there a way to fix that? It didn't use to happen, and I also tried some possible fixes, but none of them were successful.

kerem 2026-02-27 15:51:43 +03:00
  • closed this issue
  • added the question label

@edcdecl commented on GitHub (Feb 10, 2022):

Try #984 and #673


@Jean3795 commented on GitHub (Feb 10, 2022):

> Try #984 and #673

I tried deleting all the html files but still can't decrypt
When I went to the other thread #673, it mentions a function in order to decrypt or read the log files, what's that function?


@edcdecl commented on GitHub (Feb 10, 2022):

> I tried deleting all the html files but still can't decrypt

Is your client on the same version as the server? If it is, are you sure you upgraded the client correctly? Also, if the client that you are trying to access has a different encryption certificate than your server, it may be impossible to get the logs without installing another client (Not sure about this though).

> When I went to the other thread #673, it mentions a function in order to decrypt or read the log files, what's that function?

It's [this function](https://github.com/quasar/Quasar/blob/ae84898d8b3bdf5329bf37cf0db8ba6f5946a9ea/Client/Core/Cryptography/AES.cs#L154) from a file that was moved (AES.cs). You can't access it normally, however, because it's internal.

@Jean3795 commented on GitHub (Feb 10, 2022):

> > I tried deleting all the html files but still can't decrypt
>
> Is your client on the same version as the server? If it is, are you sure you upgraded the client correctly? Also, if the client that you are trying to access has a different encryption certificate than your server, it may be impossible to get the logs without installing another client (Not sure about this though).
>
> > When I went to the other thread #673, it mentions a function in order to decrypt or read the log files, what's that function?
>
> It's [this function](https://github.com/quasar/Quasar/blob/ae84898d8b3bdf5329bf37cf0db8ba6f5946a9ea/Client/Core/Cryptography/AES.cs#L154) from a file that was moved (AES.cs). You can't access it normally, however, because it's internal.

I'm testing on self and the client has the latest version
How can I verify the encryption certificate?
Also, when I deleted all the html files, why do I still get the files once again, they're meant to be deleted, isn't it?

@MaxXor commented on GitHub (Feb 12, 2022):

Decryption can fail if you previously used an older version of Quasar clients and then updated the clients to latest version. In order to really delete the old log files, you need to delete them remotely. Open the file manager on the affected client(s) and navigate to C:\users\<user>\AppData\Roaming\Logs, delete all files in this directory and restart the client. After this all newly created log files can be decrypted again.

When the clients are connecting to your server you can be sure the encryption certificate is correct, otherwise they wouldn't connect.

What do you mean writing log files also fails?

@Jean3795 commented on GitHub (Feb 12, 2022):

> Decryption can fail if you previously used an older version of Quasar clients and then updated the clients to latest version. In order to really delete the old log files, you need to delete them remotely. Open the file manager on the affected client(s) and navigate to C:\users\<user>\AppData\Roaming\Logs, delete all files in this directory and restart the client. After this all newly created log files can be decrypted again.
>
> When the clients are connecting to your server you can be sure the encryption certificate is correct, otherwise they wouldn't connect.
>
> What do you mean writing log files also fails?

I finally solved it, I just deleted all the encrypted logs on C:\users\<user>\AppData\Roaming\Logs and then when I tried again it worked well, thanks in regards.