starred/wa-crypt-tools
1
0
Fork 0
mirror of https://github.com/ElDavoo/wa-crypt-tools.git synced 2026-04-27 14:45:57 +03:00
Code Issues 16 Projects Releases 1 Packages Wiki Activity

[GH-ISSUE #123] crypt15 decryption not working anymore? #57

New issue
Closed
opened 2026-03-02 03:59:44 +03:00 by kerem · 16 comments
kerem commented 2026-03-02 03:59:44 +03:00
Owner
Copy link

Originally created by @YannikBe on GitHub (Apr 30, 2024).
Original GitHub issue: https://github.com/ElDavoo/wa-crypt-tools/issues/123

Originally assigned to: @ElDavoo on GitHub.

Hexdump of your key file

❯ hexdump encrypted_backup.key
0000000 edac 0500 7275 0200 425b f3ac f817 0806
0000010 e054 0002 7800 0070 0000 6e20 0842 8e68
0000020 bd7d 9d1a c618 1b9a 5de2 5642 ff34 d5cf
0000030 7ca8 7046 5f79 487e 288a 00ab
000003b

Without the "line numbers": edac050072750200425bf3acf8170806e05400027800007000006e2008428e68bd7d9d1ac6181b9a5de25642ff34d5cf7ca870465f79487e288a00ab
Created with: wacreatekey --hex 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab

Hexdump of the encrypted DB

❯ hexdump -n 512 msgstore.db.crypt15
0000000 0184 0108 121a 100a 6474 af99 957b a22f
0000010 588f 52c7 8725 8d94 6c22 090a 2e32 3432
0000020 382e 382e 1a35 3902 2032 2801 3001 3801
0000030 4001 4801 5001 5801 6001 6801 7001 7801
0000040 8001 0101 0188 9001 0101 0198 a001 0101
0000050 01a8 b001 0101 01b8 c001 0101 01c8 d001
0000060 0101 01d8 e001 0101 01e8 f001 0101 01f8
0000070 8001 0102 0288 9001 0102 0298 a001 0102
0000080 02a8 b801 0102 49b2 d9d7 446a 620d 07af
0000090 5a61 6e99 09db 5721 25a9 7967 b629 05ba
00000a0 7d04 dbc6 e2c2 ec6c aebc 45b0 7285 9f8c
00000b0 b0fc d81e c6dd a009 c078 26f3 1f66 d71d
00000c0 958d 4a50 c3e0 a575 be31 8d9b 276b 8f8a
00000d0 c937 02de baed 555f c115 973e e893 eea4
00000e0 54ca 618c ef9a c6ee aeb9 8001 94d4 71cd
00000f0 75b2 a18c 2059 7f49 5af5 c360 9d6b d405
0000100 0b00 933a b566 917f 98c4 3915 2eb8 5ab5
0000110 74ff 1aa9 eeda a7ad b4b6 b053 74f6 1960
0000120 df1e efff 3e41 876a 4bec d2a1 fd7a d4c1
0000130 5bf0 baec 3399 9b39 f0ed d731 e7b6 3415
0000140 0a9c 8c2c 98b8 66a2 7c54 c09e d2c9 db68
0000150 7dc7 4c68 d187 1364 29c6 a582 a356 5a7c
0000160 562d 9e20 9352 f5e9 2cc7 04cd ea2c 9315
0000170 d8ff 585a d573 73e2 295e 7b74 170d 68dd
0000180 bd5c 04f1 9702 b3a4 a377 b267 b31b 7a7c
0000190 4e62 3538 b208 ae5f 81d5 a54e ee3f e3de
00001a0 8505 87ee f067 6ed1 9d2f eb25 7dfe 4ae6
00001b0 edf0 85e1 a881 4954 cc33 f635 21a8 33b1
00001c0 279b 0e5f 00ad 5c50 39b2 a2a7 06c1 4712
00001d0 30a1 099d 1eb8 a6db 41c5 088c c7ac 9614
00001e0 7363 68ba 659a c87a 82c3 f6d9 914b dc0d
00001f0 9554 6b1f 7843 0d56 79d9 c341 b697 c240
0000200

Again just the pure hex string in case that is easier: 01840108121a100a6474af99957ba22f588f52c787258d946c22090a2e323432382e382e1a353902203228013001380140014801500158016001680170017801800101010188900101010198a001010101a8b001010101b8c001010101c8d001010101d8e001010101e8f001010101f8800101020288900101020298a001010202a8b801010249b2d9d7446a620d07af5a616e9909db572125a97967b62905ba7d04dbc6e2c2ec6caebc45b072859f8cb0fcd81ec6dda009c07826f31f66d71d958d4a50c3e0a575be318d9b276b8f8ac93702debaed555fc115973ee893eea454ca618cef9ac6eeaeb9800194d471cd75b2a18c20597f495af5c3609d6bd4050b00933ab566917f98c439152eb85ab574ff1aa9eedaa7adb4b6b05374f61960df1eefff3e41876a4becd2a1fd7ad4c15bf0baec33999b39f0edd731e7b634150a9c8c2c98b866a27c54c09ed2c9db687dc74c68d187136429c6a582a3565a7c562d9e209352f5e92cc704cdea2c9315d8ff585ad57373e2295e7b74170d68ddbd5c04f19702b3a4a377b267b31b7a7c4e623538b208ae5f81d5a54eee3fe3de850587eef0676ed19d2feb257dfe4ae6edf085e1a8814954cc33f63521a833b1279b0e5f00ad5c5039b2a2a706c1471230a1099d1eb8a6db41c5088cc7ac9614736368ba659ac87a82c3f6d9914bdc0d95546b1f78430d5679d9c341b697c240

Screenshots
If applicable, add screenshots to help explain your problem.
Not sure what to upload here... Just in case that is my screenshot of the key I took:
image

Program output using -v and -f

❯ wadecrypt --force -v 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab files/Databases/msgstore.db.crypt15 msgstore.db
keyfactory.py:31        : [D] Reading keyfile...
keyfactory.py:46        : [I] The keyfile could not be opened.
key15.py:47     : [D] Root key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab
key15.py:51     : [I] Crypt15 / Raw key loaded
wadecrypt.py:235        : [D] Key15(key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab)
dbfactory.py:41         : [D] Parsing database header...
dbfactory.py:75         : [D] WhatsApp version: 2.24.8.85
dbfactory.py:78         : [D] Your phone number ends with 92
dbfactory.py:128        : [D] Crypt15 info:
Header information in your crypt15 file:IV: 746499af7b952fa28f58c7522587948d
Key type: 1
WhatsApp version: 2.24.8.85
The last two numbers of the user's Jid: 92
Backup version: 1
Features: [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39]
Max feature number: 39

db15.py:132     : [D] Checksum OK (d06d42d90d93bcc0f59633017a447c94). Decrypting...
db15.py:155     : [E] Authentication tag mismatch: MAC check failed.
    This probably means your backup is corrupted.
wadecrypt.py:260        : [E] I can't recognize decrypted data. Decryption not successful.
    The key probably does not match with the encrypted file.
    Or the backup is simply empty. (check with --force)
wadecrypt.py:271        : [I] Done

Additional context
I am getting the same error output when using the keyfile instead of the raw key. In case it matters: the media files are mcrypt1 encrypted but I have not even attempted decrypting them yet.
The backup is 16G in size which is why I waited for the past 12 hours for it to upload to then download it. I am certain that the screenshotted key matches the backup I am trying to decrypt.

I would appreciate any help a lot!! Thank you!

Originally created by @YannikBe on GitHub (Apr 30, 2024). Original GitHub issue: https://github.com/ElDavoo/wa-crypt-tools/issues/123 Originally assigned to: @ElDavoo on GitHub. **Hexdump of your key file** ``` ❯ hexdump encrypted_backup.key 0000000 edac 0500 7275 0200 425b f3ac f817 0806 0000010 e054 0002 7800 0070 0000 6e20 0842 8e68 0000020 bd7d 9d1a c618 1b9a 5de2 5642 ff34 d5cf 0000030 7ca8 7046 5f79 487e 288a 00ab 000003b ``` Without the "line numbers": `edac050072750200425bf3acf8170806e05400027800007000006e2008428e68bd7d9d1ac6181b9a5de25642ff34d5cf7ca870465f79487e288a00ab` Created with: `wacreatekey --hex 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab` **Hexdump of the encrypted DB** ``` ❯ hexdump -n 512 msgstore.db.crypt15 0000000 0184 0108 121a 100a 6474 af99 957b a22f 0000010 588f 52c7 8725 8d94 6c22 090a 2e32 3432 0000020 382e 382e 1a35 3902 2032 2801 3001 3801 0000030 4001 4801 5001 5801 6001 6801 7001 7801 0000040 8001 0101 0188 9001 0101 0198 a001 0101 0000050 01a8 b001 0101 01b8 c001 0101 01c8 d001 0000060 0101 01d8 e001 0101 01e8 f001 0101 01f8 0000070 8001 0102 0288 9001 0102 0298 a001 0102 0000080 02a8 b801 0102 49b2 d9d7 446a 620d 07af 0000090 5a61 6e99 09db 5721 25a9 7967 b629 05ba 00000a0 7d04 dbc6 e2c2 ec6c aebc 45b0 7285 9f8c 00000b0 b0fc d81e c6dd a009 c078 26f3 1f66 d71d 00000c0 958d 4a50 c3e0 a575 be31 8d9b 276b 8f8a 00000d0 c937 02de baed 555f c115 973e e893 eea4 00000e0 54ca 618c ef9a c6ee aeb9 8001 94d4 71cd 00000f0 75b2 a18c 2059 7f49 5af5 c360 9d6b d405 0000100 0b00 933a b566 917f 98c4 3915 2eb8 5ab5 0000110 74ff 1aa9 eeda a7ad b4b6 b053 74f6 1960 0000120 df1e efff 3e41 876a 4bec d2a1 fd7a d4c1 0000130 5bf0 baec 3399 9b39 f0ed d731 e7b6 3415 0000140 0a9c 8c2c 98b8 66a2 7c54 c09e d2c9 db68 0000150 7dc7 4c68 d187 1364 29c6 a582 a356 5a7c 0000160 562d 9e20 9352 f5e9 2cc7 04cd ea2c 9315 0000170 d8ff 585a d573 73e2 295e 7b74 170d 68dd 0000180 bd5c 04f1 9702 b3a4 a377 b267 b31b 7a7c 0000190 4e62 3538 b208 ae5f 81d5 a54e ee3f e3de 00001a0 8505 87ee f067 6ed1 9d2f eb25 7dfe 4ae6 00001b0 edf0 85e1 a881 4954 cc33 f635 21a8 33b1 00001c0 279b 0e5f 00ad 5c50 39b2 a2a7 06c1 4712 00001d0 30a1 099d 1eb8 a6db 41c5 088c c7ac 9614 00001e0 7363 68ba 659a c87a 82c3 f6d9 914b dc0d 00001f0 9554 6b1f 7843 0d56 79d9 c341 b697 c240 0000200 ``` Again just the pure hex string in case that is easier: `01840108121a100a6474af99957ba22f588f52c787258d946c22090a2e323432382e382e1a353902203228013001380140014801500158016001680170017801800101010188900101010198a001010101a8b001010101b8c001010101c8d001010101d8e001010101e8f001010101f8800101020288900101020298a001010202a8b801010249b2d9d7446a620d07af5a616e9909db572125a97967b62905ba7d04dbc6e2c2ec6caebc45b072859f8cb0fcd81ec6dda009c07826f31f66d71d958d4a50c3e0a575be318d9b276b8f8ac93702debaed555fc115973ee893eea454ca618cef9ac6eeaeb9800194d471cd75b2a18c20597f495af5c3609d6bd4050b00933ab566917f98c439152eb85ab574ff1aa9eedaa7adb4b6b05374f61960df1eefff3e41876a4becd2a1fd7ad4c15bf0baec33999b39f0edd731e7b634150a9c8c2c98b866a27c54c09ed2c9db687dc74c68d187136429c6a582a3565a7c562d9e209352f5e92cc704cdea2c9315d8ff585ad57373e2295e7b74170d68ddbd5c04f19702b3a4a377b267b31b7a7c4e623538b208ae5f81d5a54eee3fe3de850587eef0676ed19d2feb257dfe4ae6edf085e1a8814954cc33f63521a833b1279b0e5f00ad5c5039b2a2a706c1471230a1099d1eb8a6db41c5088cc7ac9614736368ba659ac87a82c3f6d9914bdc0d95546b1f78430d5679d9c341b697c240` **Screenshots** If applicable, add screenshots to help explain your problem. Not sure what to upload here... Just in case that is my screenshot of the key I took: ![image](https://github.com/ElDavoo/wa-crypt-tools/assets/57064400/53839d20-9930-4c53-9a6c-7b791e55662c) **Program output using -v and -f** ``` ❯ wadecrypt --force -v 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab files/Databases/msgstore.db.crypt15 msgstore.db keyfactory.py:31 : [D] Reading keyfile... keyfactory.py:46 : [I] The keyfile could not be opened. key15.py:47 : [D] Root key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab key15.py:51 : [I] Crypt15 / Raw key loaded wadecrypt.py:235 : [D] Key15(key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab) dbfactory.py:41 : [D] Parsing database header... dbfactory.py:75 : [D] WhatsApp version: 2.24.8.85 dbfactory.py:78 : [D] Your phone number ends with 92 dbfactory.py:128 : [D] Crypt15 info: Header information in your crypt15 file:IV: 746499af7b952fa28f58c7522587948d Key type: 1 WhatsApp version: 2.24.8.85 The last two numbers of the user's Jid: 92 Backup version: 1 Features: [5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 39] Max feature number: 39 db15.py:132 : [D] Checksum OK (d06d42d90d93bcc0f59633017a447c94). Decrypting... db15.py:155 : [E] Authentication tag mismatch: MAC check failed. This probably means your backup is corrupted. wadecrypt.py:260 : [E] I can't recognize decrypted data. Decryption not successful. The key probably does not match with the encrypted file. Or the backup is simply empty. (check with --force) wadecrypt.py:271 : [I] Done ``` **Additional context** I am getting the same error output when using the keyfile instead of the raw key. In case it matters: the media files are mcrypt1 encrypted but I have not even attempted decrypting them yet. The backup is 16G in size which is why I waited for the past 12 hours for it to upload to then download it. I am certain that the screenshotted key matches the backup I am trying to decrypt. I would appreciate _any_ help a lot!! Thank you!
kerem 2026-03-02 03:59:44 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 1, 2024):

hi, would you mind sending the DB file to t.me/eldavo ?

<!-- gh-comment-id:2088642471 --> @ElDavoo commented on GitHub (May 1, 2024): hi, would you mind sending the DB file to t.me/eldavo ?
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 1, 2024):

In case it matters: the media files are mcrypt1 encrypted but I have not even attempted decrypting them yet.

You need additional metadata to decrypt those files, you can download them with the master branch version of whapa.

<!-- gh-comment-id:2088765251 --> @ElDavoo commented on GitHub (May 1, 2024): > In case it matters: the media files are mcrypt1 encrypted but I have not even attempted decrypting them yet. You need additional metadata to decrypt those files, you can download them with the master branch version of whapa.
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@YannikBe commented on GitHub (May 3, 2024):

Thank you @ElDavoo for your quick reply! Unfortunately, I have to admit that I would not feel comfortable sending so much private information about my family, friends and myself to anyone online. I hope you understand. Thank you for your offer though!

<!-- gh-comment-id:2092522887 --> @YannikBe commented on GitHub (May 3, 2024): Thank you @ElDavoo for your quick reply! Unfortunately, I have to admit that I would not feel comfortable sending so much private information about my family, friends and myself to anyone online. I hope you understand. Thank you for your offer though!
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 3, 2024):

That's understandable. Are you able to try and decrypt other DB files, like avatar_backup, stickers, etc etc?

<!-- gh-comment-id:2092617908 --> @ElDavoo commented on GitHub (May 3, 2024): That's understandable. Are you able to try and decrypt other DB files, like avatar_backup, stickers, etc etc?
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@YannikBe commented on GitHub (May 3, 2024):

Thank you for understanding and still trying to help!

Unfortunately, decrypting other files results in the exact same error message. Even though details like the WhatsApp version number or the last two digits of my phone number are correct, the decryption fails.

❯ wadecrypt --force -v 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab 4915738962092/files/Backups/stickers.db.crypt15 st
ickers.db
keyfactory.py:31        : [D] Reading keyfile...
keyfactory.py:46        : [I] The keyfile could not be opened.
key15.py:47     : [D] Root key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab
key15.py:51     : [I] Crypt15 / Raw key loaded
wadecrypt.py:235        : [D] Key15(key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab)
dbfactory.py:41         : [D] Parsing database header...
dbfactory.py:59         : [D] No feature table found (not a msgstore DB or very old)
dbfactory.py:75         : [D] WhatsApp version: 2.24.8.85
dbfactory.py:78         : [D] Your phone number ends with 92
dbfactory.py:128        : [D] Crypt15 info:
Header information in your crypt15 file:IV: c084f456209d726bddec3d6ec253d7a8
Key type: 1
WhatsApp version: 2.24.8.85
The last two numbers of the user's Jid: 92
Backup version: 0
No feature table found (not a msgstore DB or very old)

db15.py:155     : [E] Authentication tag mismatch: MAC check failed.
    This probably means your backup is corrupted.
wadecrypt.py:260        : [E] I can't recognize decrypted data. Decryption not successful.
    The key probably does not match with the encrypted file.
    Or the backup is simply empty. (check with --force)
wadecrypt.py:271        : [I] Done

Could I maybe have made a mistake while downloading my backup from Google Drive? I used whapa (https://github.com/B16f00t/whapa) to download the files. Whapa's author actually linked to your repo in an issue and that is how I found this project. In the whapa settings I entered my Android Device ID but I never gave it to wa-crypt-tools.

Or is there a way to get a backup directly from my unrooted Samsung phone to circumvent Google's decryption? Or would it help if I uploaded a new WhatsApp backup from my phone into Google Drive without end-to-end encrypting it? In the end I only want to have all my messages and media on my computer to keep them safe there.

<!-- gh-comment-id:2092646049 --> @YannikBe commented on GitHub (May 3, 2024): Thank you for understanding and still trying to help! Unfortunately, decrypting other files results in the exact same error message. Even though details like the WhatsApp version number or the last two digits of my phone number are correct, the decryption fails. ``` ❯ wadecrypt --force -v 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab 4915738962092/files/Backups/stickers.db.crypt15 st ickers.db keyfactory.py:31 : [D] Reading keyfile... keyfactory.py:46 : [I] The keyfile could not be opened. key15.py:47 : [D] Root key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab key15.py:51 : [I] Crypt15 / Raw key loaded wadecrypt.py:235 : [D] Key15(key: 6e4208688e7dbd1a9d18c69a1be25d425634ffcfd5a87c4670795f7e488a28ab) dbfactory.py:41 : [D] Parsing database header... dbfactory.py:59 : [D] No feature table found (not a msgstore DB or very old) dbfactory.py:75 : [D] WhatsApp version: 2.24.8.85 dbfactory.py:78 : [D] Your phone number ends with 92 dbfactory.py:128 : [D] Crypt15 info: Header information in your crypt15 file:IV: c084f456209d726bddec3d6ec253d7a8 Key type: 1 WhatsApp version: 2.24.8.85 The last two numbers of the user's Jid: 92 Backup version: 0 No feature table found (not a msgstore DB or very old) db15.py:155 : [E] Authentication tag mismatch: MAC check failed. This probably means your backup is corrupted. wadecrypt.py:260 : [E] I can't recognize decrypted data. Decryption not successful. The key probably does not match with the encrypted file. Or the backup is simply empty. (check with --force) wadecrypt.py:271 : [I] Done ``` Could I maybe have made a mistake while downloading my backup from Google Drive? I used `whapa` (https://github.com/B16f00t/whapa) to download the files. Whapa's author actually linked to your repo in an issue and that is how I found this project. In the whapa settings I entered my Android Device ID but I never gave it to `wa-crypt-tools`. Or is there a way to get a backup directly from my unrooted Samsung phone to circumvent Google's decryption? Or would it help if I uploaded a new WhatsApp backup from my phone into Google Drive without end-to-end encrypting it? In the end I only want to have all my messages and media on my computer to keep them safe there.
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 3, 2024):

would it help if I uploaded a new WhatsApp backup from my phone into Google Drive without end-to-end encrypting it? I

You would then need to extract the key with some other projects.

Anyway, I can reproduce the issue, it looks like the actual key is different from what wacreatekey generates

<!-- gh-comment-id:2092766441 --> @ElDavoo commented on GitHub (May 3, 2024): > would it help if I uploaded a new WhatsApp backup from my phone into Google Drive without end-to-end encrypting it? I You would then need to extract the key with some other projects. Anyway, I can reproduce the issue, it looks like the actual key is different from what `wacreatekey` generates
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@YannikBe commented on GitHub (May 3, 2024):

You would then need to extract the key with some other projects.

Okay I see.

Anyway, I can reproduce the issue, it looks like the actual key is different from what wacreatekey generates

Thank you for taking the time and giving it a shot as well! Is there anything I can do to find the correct key or help improving wacreatekey without sending my entire WhatsApp history accross the internet?

<!-- gh-comment-id:2092777725 --> @YannikBe commented on GitHub (May 3, 2024): > You would then need to extract the key with some other projects. Okay I see. > Anyway, I can reproduce the issue, it looks like the actual key is different from what wacreatekey generates Thank you for taking the time and giving it a shot as well! Is there anything I can do to find the correct key or help improving `wacreatekey` without sending my entire WhatsApp history accross the internet?
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 3, 2024):

No, let me see how to fix it

<!-- gh-comment-id:2092792841 --> @ElDavoo commented on GitHub (May 3, 2024): No, let me see how to fix it
kerem commented 2026-03-02 03:59:45 +03:00
Author
Owner
Copy link

@diyathrajapakshe commented on GitHub (May 13, 2024):

Any update the on the issue above @ElDavoo, having the same issue myself.

<!-- gh-comment-id:2108840772 --> @diyathrajapakshe commented on GitHub (May 13, 2024): Any update the on the issue above @ElDavoo, having the same issue myself.
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@asabeeh18 commented on GitHub (May 19, 2024):

So the solution is to use the util hex_string_to_encrypted_backup_key.py included in the repo. and then use the generated file in the decrpyt command
Example usage
hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key

<!-- gh-comment-id:2119139927 --> @asabeeh18 commented on GitHub (May 19, 2024): So the solution is to use the util `hex_string_to_encrypted_backup_key.py` included in the repo. and then use the generated file in the decrpyt command Example usage `hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key`
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@diyathrajapakshe commented on GitHub (May 22, 2024):

So the solution is to use the util hex_string_to_encrypted_backup_key.py included in the repo. and then use the generated file in the decrpyt command Example usage hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key

Thank you @asabeeh18 for sharing that solution, I am however using the rooted - key, the 128-bit converted 64-bit and used with hex_string_to_encrypted_backup_key.py renders the same error.

<!-- gh-comment-id:2123849621 --> @diyathrajapakshe commented on GitHub (May 22, 2024): > So the solution is to use the util `hex_string_to_encrypted_backup_key.py` included in the repo. and then use the generated file in the decrpyt command Example usage `hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key` Thank you @asabeeh18 for sharing that solution, I am however using the rooted - key, the 128-bit converted 64-bit and used with hex_string_to_encrypted_backup_key.py renders the same error.
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 24, 2024):

So the solution is to use the util hex_string_to_encrypted_backup_key.py included in the repo. and then use the generated file in the decrpyt command Example usage hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key

wacreatekey does the same, and both that and the old script generate the same encrypted_backup.key that's in my phone, but I've been unable to decrypt my db.

<!-- gh-comment-id:2129963630 --> @ElDavoo commented on GitHub (May 24, 2024): > So the solution is to use the util `hex_string_to_encrypted_backup_key.py` included in the repo. and then use the generated file in the decrpyt command Example usage `hex_string_to_encrypted_backup_key.py 8d692080deea0a624125b787618c269a5dd29d8cfbbfd7a00cd57efd739eb8b9 ouput_key` wacreatekey does the same, and both that and the old script generate the same encrypted_backup.key that's in my phone, but I've been unable to decrypt my db.
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 24, 2024):

but I've been unable to decrypt my db.
I tried with a fresh backup and it worked.

Sorry everyone, but I've been shallow and I've deleted the old test files, so I can't test anymore if there is / was a problem.
Can you just.... try again?

<!-- gh-comment-id:2130001928 --> @ElDavoo commented on GitHub (May 24, 2024): > but I've been unable to decrypt my db. I tried with a fresh backup and it worked. Sorry everyone, but I've been shallow and I've deleted the old test files, so I can't test anymore if there is / was a problem. Can you just.... try again?
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (May 24, 2024):

As a last resort, you might try using waguess.

<!-- gh-comment-id:2130052460 --> @ElDavoo commented on GitHub (May 24, 2024): As a last resort, you might try using `waguess`.
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@ElDavoo commented on GitHub (Jun 24, 2024):

I will close this issue since I got no news on this

<!-- gh-comment-id:2187336120 --> @ElDavoo commented on GitHub (Jun 24, 2024): I will close this issue since I got no news on this
kerem commented 2026-03-02 03:59:46 +03:00
Author
Owner
Copy link

@YannikBe commented on GitHub (Jun 25, 2024):

Sorry ElDavoo, I don't have the old phone anymore because I had to return it when the contract ran out. So there is nothing left I could test it on at this point.
Either way, thank you very much for your support!

<!-- gh-comment-id:2188111244 --> @YannikBe commented on GitHub (Jun 25, 2024): Sorry ElDavoo, I don't have the old phone anymore because I had to return it when the contract ran out. So there is nothing left I could test it on at this point. Either way, thank you very much for your support!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/pip/protobuf-7.34.1
windows
dev
v0.1.0
v0.0.9
0.0.8
Labels
Clear labels   
bug

   
documentation

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
info needed

   
invalid

   
low priority

   
pull-request

Mirrored from GitHub Pull Request

  
skill issue

   
wontfix
No labels
bug
documentation
enhancement
enhancement
good first issue
help wanted
info needed
invalid
low priority
pull-request
skill issue
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/wa-crypt-tools#57
No description provided.