wa-crypt-tools
wa-crypt-tools copied to clipboard
ElDavoo
Can't decrypt Crypt14 - key format change?
Dont decrypt14
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db [I] Crypt12/14 key loaded [E] Key version mismatch: b'3' != b'2' To bypass checks, use the "--force" parameter
or E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -f -v [V] Reading keyfile... [I] Crypt12/14 key loaded [V] Parsing database header... [V] WhatsApp version: 2.22.14.74 [V] Your phone number ends with [E] Key version mismatch: b'3' != b'2' [E] Server salt mismatch: .... [E] Google ID mismatch: .... != b.... [I] Database header parsed [V] Decrypting... [E] I can't recognize decrypted data. Decryption not successful. The key probably does not match with the encrypted file. [I] Done
OR
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -v -np -f [V] Reading keyfile... [I] Crypt12/14 key loaded [V] WhatsApp version: 2.22.14.74 [F] Could not create a decryption cipher
The Key and the Backup are from the same Phone.
[E] Server salt mismatch: .... [E] Google ID mismatch: .... != b.... -> may i post this here?
Is the key updated? WhatsApp started auto-regenerating keys in recent versions.
Is the key updated? WhatsApp started auto-regenerating keys in recent versions.
i dont know -> the key is from 15.7. copy from the phone
Is the key updated? WhatsApp started auto-regenerating keys in recent versions.
Is decryption then possible at all?
You are trying to decrypt a backup created with an older key (the key you currently have is version 3, while the backups want a version 2 key). As the version 2 key got overridden by the version 3 key, unfortunately your backup is lost. The only thing you can try is to restore from these older backups using the official WhatsApp client. It shouldn't work, but you never know.
You are trying to decrypt a backup created with an older key (the key you currently have is version 3, while the backups want a version 2 key). As the version 2 key got overridden by the version 3 key, unfortunately your backup is lost. The only thing you can try is to restore from these older backups using the official WhatsApp client. It shouldn't work, but you never know.
can't I just install an older Whatsapp version and import the backup there? And export the key from there?
I exported everything from the old cell phone. Unfortunately, the key was no longer in the directory. Probably because my new cell phone was already registered.
And the keystore.xml file doesn't help me here?
I don't think those keys are related to backups.
Even a current file with the right key cannot be decrypted....
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -v -f [V] Reading keyfile... [I] Crypt12/14 key loaded [V] Parsing database header... [V] WhatsApp version: 2.22.15.74 [V] Your phone number ends with ... [E] Server salt mismatch: b'\xb9\x......................................... [E] Google ID mismatch: b'^\xb9\x04^\xbei\xe3......................................' != b'_f\xb5......................... [I] Database header parsed [V] Decrypting... [E] I can't recognize decrypted data. Decryption not successful. The key probably does not match with the encrypted file. [I] Done
or:
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -v -f -np [V] Reading keyfile... [I] Crypt12/14 key loaded [V] WhatsApp version: 2.22.15.74 [F] Could not create a decryption cipher
No idea, it works for me. The keys you are using do not match the keys used to encrypt the DB. I can't know for sure, but I think WhatsApp regenerates the key if you delete the account and recreate it, or if you reinstall the app without restoring a backup. Honestly I wouldn't even know what to do if you sent me the files as the program output is clear: the key format is still the same, the backup header is still the same. The only thing I can think about is, if WhatsApp decryption method really changed, other people should complain.
https://forum.xda-developers.com/t/help-thread-export-whatsapp-key-crypt14-android-11-decrypting-database.4285625/page-5#posts
...Apparently others have the same problem
Hmmmm. WhatsApp is up to something. In the device i used for testing, the key file auto-regenerated, but I grabbed the new one and everything works.
As I already said, however, I have no idea of what to do. :(
Can you send me all the keys you have and some backups? You can see my email in the profile page. I'm on vacation however so I will take a look in 2 weeks.
thank you for the offer. The key is from 15.7. he cannot decrypt the current backup. The old backups apparently still have an old key 2.....that would actually be more important than the new one. I have everything there. ... I will soon see that I try the decryption on my cell phone. However, the original cell phone is broken, so I would have to take another one, will that work? (Other IMEI) ....
This is what my batch file looks like:
python -m venv venv source venv/bin/activate .\venv\Scripts\activate.bat .\venv\Scripts\Activate.ps1 python -m pip install --upgrade pip python -m pip install -r requirements.txt python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -v -f -np
OUTPUT:
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python -m venv venv source venv/bin/activate .\venv\Scripts\activate.bat .\venv\Scripts\Activate.ps1 Error: Unable to create directory 'E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main\venv\Scripts\activate.bat'
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python -m pip install --upgrade pip Requirement already satisfied: pip in c:\users\martin\appdata\local\programs\python\python310\lib\site-packages (22.2.1)
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python -m pip install -r requirements.txt Requirement already satisfied: javaobj-py3==0.4.3 in c:\users\appdata\local\programs\python\python310\lib\site-packages (from -r requirements.txt (line 1)) (0.4.3) Requirement already satisfied: pycryptodomex==3.15.0 in c:\users\appdata\local\programs\python\python310\lib\site-packages (from -r requirements.txt (line 2)) (3.15.0) Requirement already satisfied: protobuf==4.21.3 in c:\users\appdata\local\programs\python\python310\lib\site-packages (from -r requirements.txt (line 3)) (4.21.3)
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>python ./decrypt14_15.py ./key ./msgstore.db.crypt14 ./msgstore.db -v -f -np [V] Reading keyfile... [I] Crypt12/14 key loaded [V] WhatsApp version: 2.22.15.74 [F] Could not create a decryption cipher
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>cmd Microsoft Windows [Version 10.0.19044.1826] (c) Microsoft Corporation. Alle Rechte vorbehalten.
E:\Backup\Whatsapp\WhatsApp-Crypt14-Crypt15-Decrypter-main\WhatsApp-Crypt14-Crypt15-Decrypter-main>
thank you for the offer. The key is from 15.7. he cannot decrypt the current backup. The old backups apparently still have an old key 2.....that would actually be more important than the new one. I have everything there. ... I will soon see that I try the decryption on my cell phone. However, the original cell phone is broken, so I would have to take another one, will that work? (Other IMEI) ....
You should get the key of today and the backup of today and try.
I was able to restore all backups despite different keys on the Whatsapp client.
No idea then, send me the files and I will take a look, the only case in which I can do something is that the key file format changed
Closing as stale. If WhatsApp decides to change your backup key, I can't do anything about it. Please only reopen if the program can't decrypt today's backup with today's key.