Android Read WhatsApp Data

Question

So far I googled a lot about decrypting whatsapp db file with extension as,

.db.crypt5

but no approach worked for me. I tried a Crypto.class which can be seen a lot in stackoverflow links to read WhatsApp database file, but that file also did not work for me.

This is my Crypto.class :

   import java.io.File;
   import java.io.FileInputStream;
   import java.io.FileOutputStream;
   import java.io.InputStream;

   import javax.crypto.Cipher;
   import javax.crypto.CipherInputStream;
   import javax.crypto.spec.SecretKeySpec;

    import android.util.Log;

  public class Crypto
 {

public FileInputStream mIn;
public FileOutputStream mOut;

public Crypto(String fileIn, String fileOut)
{
    try
    {
        mIn = new FileInputStream(new File(fileIn));
        mOut = new FileOutputStream(new File(fileOut));
        decrypt(mIn, mOut);
    }
    catch (Exception e)
    {
        e.printStackTrace();
    }
}

public static void decrypt(InputStream in, FileOutputStream out) throws Exception
{
    final String string = "346a23652a46392b4d73257c67317e352e3372482177652c";
    byte[] hexAsBytes = hexStringToByteArray(string);

    SecretKeySpec keySpec = new SecretKeySpec(hexAsBytes, "AES");
    Cipher cipher = Cipher.getInstance("AES");

    cipher.init(Cipher.DECRYPT_MODE, keySpec);

    in = new CipherInputStream(in, cipher);
    byte[] buffer = new byte[24];
    int bytesRead;
    while ((bytesRead = in.read(buffer)) != -1)
    {
        out.write(buffer, 0, bytesRead);
        String si = new String(buffer);
        Log.d("Crypto", si);
    }

}

public static byte[] hexStringToByteArray(String s)
{
    int len = s.length();
    byte[] data = new byte[len / 2];
    for(int i = 0; i < len; i += 2)
    {
        data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
    }
    return data;
}

       }  

and this is how I am calling the constructor in my activity:

Crypto c = new Crypto("/sdcard/WhatsApp/Databases/msgstore.db.crypt5", "/sdcard/My_Folder_Name/watsapp");

I just want to decrypt this file and see all chats. For testing, I am trying on this file msgstore.db.crypt5.

I need help where I am doing wrong?

Answer 1

I have done this by using following :

Root your device and try this code::

public void copyDbToSdcard()
{
    try
    {
        String comando = "cp -r /data/data/com.whatsapp/databases/msgstore.db /sdcard/My_Custom_Folder/";
        Process suProcess = Runtime.getRuntime().exec("su");
        DataOutputStream os = new DataOutputStream(suProcess.getOutputStream());
        os.writeBytes(comando + "\n");
        os.flush();
        os.writeBytes("exit\n");
        os.flush();
        try
        {
            int suProcessRetval = suProcess.waitFor();
            if(255 != suProcessRetval)
            {
                //
            }
            else
            {
                //
            }
        }
        catch (Exception ex)
        {
            Log.e("ERROR-->", ex.toString());
        }
    }
    catch (Exception e)
    {
        e.printStackTrace();
    }
}  


    private void openAndQueryDatabase()
{
    try
    {
        DataBaseHelper dbHelper = new DataBaseHelper(this.getApplicationContext());
        newDB = dbHelper.getWritableDatabase();

        Cursor c = newDB.rawQuery("SELECT data FROM messages where data!=''", null);

        if(c != null)
        {
            if(c.moveToFirst())
            {
                do
                {

                    String data = c.getString(c.getColumnIndex("data"));

                    results.add(data); //adding to arrayList

                }
                while (c.moveToNext());
            }
        }

                while (c3.moveToNext());
            }
        }
    }

    catch (SQLiteException se)
    {
        Log.e(getClass().getSimpleName(), "Could not create or Open the database");
    }
}  

And then display results in your TextView or wherever you want.

Answer 2

Working Android Code: (No root required)

Once you have access to the dbcrypt5 file , here is the android code to decrypt it:

private byte[] key = { (byte) 141, 75, 21, 92, (byte) 201, (byte) 255,
        (byte) 129, (byte) 229, (byte) 203, (byte) 246, (byte) 250, 120,
        25, 54, 106, 62, (byte) 198, 33, (byte) 166, 86, 65, 108,
        (byte) 215, (byte) 147 };

private final byte[] iv = { 0x1E, 0x39, (byte) 0xF3, 0x69, (byte) 0xE9, 0xD,
        (byte) 0xB3, 0x3A, (byte) 0xA7, 0x3B, 0x44, 0x2B, (byte) 0xBB,
        (byte) 0xB6, (byte) 0xB0, (byte) 0xB9 };
   long start = System.currentTimeMillis();

    // create paths
    backupPath = Environment.getExternalStorageDirectory()
            .getAbsolutePath() + "/WhatsApp/Databases/msgstore.db.crypt5";
    outputPath = Environment.getExternalStorageDirectory()
            .getAbsolutePath() + "/WhatsApp/Databases/msgstore.db.decrypt";

    File backup = new File(backupPath);

    // check if file exists / is accessible
    if (!backup.isFile()) {
        Log.e(TAG, "Backup file not found! Path: " + backupPath);
        return;
    }

    // acquire account name
    AccountManager manager = AccountManager.get(this);
    Account[] accounts = manager.getAccountsByType("com.google");

    if (accounts.length == 0) {
        Log.e(TAG, "Unable to fetch account!");
        return;
    }

    String account = accounts[0].name;

    try {
        // calculate md5 hash over account name
        MessageDigest message = MessageDigest.getInstance("MD5");
        message.update(account.getBytes());
        byte[] md5 = message.digest();

        // generate key for decryption
        for (int i = 0; i < 24; i++)
            key[i] ^= md5[i & 0xF];

        // read encrypted byte stream
        byte[] data = new byte[(int) backup.length()];
        DataInputStream reader = new DataInputStream(new FileInputStream(
                backup));
        reader.readFully(data);
        reader.close();

        // create output writer
        File output = new File(outputPath);
        DataOutputStream writer = new DataOutputStream(
                new FileOutputStream(output));

        // decrypt file
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        SecretKeySpec secret = new SecretKeySpec(key, "AES");
        IvParameterSpec vector = new IvParameterSpec(iv);
        cipher.init(Cipher.DECRYPT_MODE, secret, vector);
        writer.write(cipher.update(data));
        writer.write(cipher.doFinal());
        writer.close();
    } catch (NoSuchAlgorithmException e) {
        Log.e(TAG, "Could not acquire hash algorithm!", e);
        return;
    } catch (IOException e) {
        Log.e(TAG, "Error accessing file!", e);
        return;
    } catch (Exception e) {
        Log.e(TAG, "Something went wrong during the encryption!", e);
        return;
    }

    long end = System.currentTimeMillis();

    Log.i(TAG, "Success! It took " + (end - start) + "ms");

Answer 3

I found this code here code it takes the msgstore.db.crypt5 and produces msgstore.db, then you can open the file with any sqLite bowser.

   package whatsapp;

    import java.io.File;

    import java.io.FileInputStream;

    import java.io.FileOutputStream;

    import java.math.BigInteger;

    import java.security.MessageDigest;

    import java.util.Arrays;

    import javax.crypto.Cipher;

    import javax.crypto.CipherInputStream;

    import javax.crypto.spec.IvParameterSpec;

    import javax.crypto.spec.SecretKeySpec;

    public class WhatsAppDecrypt5 {

        private static final byte[] INITIALIZATION_VECTOR = hexStringToByteArray("1e39f369e90db33aa73b442bbbb6b0b9");
        private static final byte[] ENCRYPTION_KEY = hexStringToByteArray("8d4b155cc9ff81e5cbf6fa7819366a3ec621a656416cd793");
        public static void main(String[] args) throws Exception {



            if (args.length != 3) {
                System.out.println("usage <inputfile> <outputfile> <email>");
            //  System.exit(0);
            }
            decrypt(new File("/Users/ovazquez/Downloads/msgstore.db.crypt5"), new File("/Users/ovazquez/Downloads/msgstore.db"), "theasociatedemail@gmail.com");
            System.out.println("finalizado");
        }

        private static void decrypt(File inputFile, File outputFile, String email)
                throws Exception {

            String emailMD5 = md5(email);

            byte[] emailMD5Bytes = hexStringToByteArray(emailMD5 + emailMD5);

            byte[] decryptionKey = Arrays.copyOf(ENCRYPTION_KEY, 24);

            for (int i = 0; i < 24; i++) {
                decryptionKey[i] ^= emailMD5Bytes[i & 0xF];
            }

            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding", "SunJCE");
            cipher.init(Cipher.DECRYPT_MODE,new SecretKeySpec(decryptionKey, "AES"), new IvParameterSpec(INITIALIZATION_VECTOR));
            CipherInputStream cIn = new CipherInputStream(new FileInputStream(inputFile), cipher);
            FileOutputStream fOut = new FileOutputStream(outputFile);

            byte[] buffer = new byte[8192];

            int n;

            while ((n = cIn.read(buffer)) != -1) {

                fOut.write(buffer, 0, n);

            }

            cIn.close();

            fOut.close();

        }

        private static byte[] hexStringToByteArray(String s) {

            int len = s.length();

            byte[] data = new byte[len / 2];

            for (int i = 0; i < len; i += 2) {

                data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character
                        .digit(s.charAt(i + 1), 16));

            }

            return data;

        }

        private static String md5(String md5) throws Exception {

            MessageDigest m = MessageDigest.getInstance("MD5");

            m.reset();

            m.update(md5.getBytes());

            byte[] digest = m.digest();

            BigInteger bigInt = new BigInteger(1, digest);

            return bigInt.toString(16);

        }

    }