Usage in WhatsappKeyDatabaseExtractor

[ghost]

I want to ask whether an Android port is possible.

Background and the reason for this is, I would like to transfer my WhatsApp Chats to Signal via this project: https://community.signalusers.org/t/signal-fork-with-whatsapp-migration/21004

For it to work, one needs to get an unencrypted copy of their Chats (msgstore.db). This is possible via this tool:
https://github.com/YuvrajRaghuvanshiS/WhatsApp-Key-Database-Extractor

This project is using your wonderful tool. Unfortunatly, it was currently not possible to port this to Android.
See this issue: YuvrajRaghuvanshiS/WhatsApp-Key-Database-Extractor#14

[nelenkov]

Not exactly sure what you are trying to do, but adb backup just call the bu command on the device. If you can execute commands on the device, should be able to call directly. bu is just a script:

#!/system/bin/sh
# Script to start "bu" on the device
#
base=/system
export CLASSPATH=$base/framework/bu.jar
exec app_process $base/bin com.android.commands.bu.Backup "$@"

Also, WhatsApp backs up to Google Drive, might be easier to just fetch your data from there.

[ghost]

Sounds promising.
"adb backup" is neccesary to extract the whatsapp-database-encryption-key from WhatsApp, after a legacy WhatsApp version is installed.
Planning on using https://github.com/tytydraco/ladb for the commands.
Thanks for answering so fast!

[ghost]

However, I also then need to get the key out of the backup, what currently your tool (ok to be fair an abbrevation of your tool https://sourceforge.net/projects/adbextractor/) is used for

[nelenkov]

Once you have the file, you should be able to extract it easily, it just a tar file with a header. If it's encrypted, you might need this tool, but running from Android should be trivial. It's just Java code. Check the README for details.

[YuvrajRaghuvanshiS]

Hey @nelenkov , I have tried that but got an exception.
YuvrajRaghuvanshiS/WhatsApp-Key-Database-Extractor#3 Here.

[nelenkov]

Again, what is the point of this? If you want to do this from an app, you can use the code in your Android app quite easily. If you are running in a terminal, might as well run in it on the PC. Not sure what's running in Tremux, but either the password is wrong, or the Java libraries you use somehow handle password derivation differently and you get the wrong key.

[YuvrajRaghuvanshiS]

Point was to make this process PC independent. Could not implement that inside of app because that is WhatsApp and I do not own their keystores. I believe Java libraries causing this as they are one of different variables in Termux. However it is just an idea. I have labelled that as "wontfix"

[ghost]

Main goal is to get an unencrypted copy of your msgstore.db (your WhatsApp chat history).
This can currently be done with Yuvrajs tool via PC, but I'd like to port this into an android app for convinience.

[nelenkov]

The tricky part is kick starting the backup from an app. That generally won't work, because you need the shell permission (see below) to connect to backup daemon. You could do this if device is rooted, but then you could just copy the WhatsApp backup file directly.

uid=2000(shell) gid=2000(shell) groups=2000(shell),1004(input),1007(log),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats),3009(readproc),3011(uhid) context=u:r:shell:s0

If you really want this to be an app, easiest would be to use Google Drive API and download the WhatsApp file from Google Drive. This script likely doesn't work as is anymore, but should give you an idea where to look for the backup.

https://github.com/nelenkov/gdrive-appdata

HTH

[ghost]

Doesn't this project work with shell permissions? Because it uses adb

G-Drive unfortunatly wont work, because the unlock key is afaik not uploaded.

[nelenkov]

LADB is a clever trick, but it still just connects to ABD over the wireless interface. Not sure why they don't provide the JNI code.

You are right about the key not being uploaded, but restore on new device works, so it is possible to derive it somehow without dumping all internal data.

[ghost]

AFAIK the key is associated with ones WhatsApp account /number.
So they download the encrypted database from G-Drive, then decrypt it with the key, unfortunatly al of this happens within root.

[nelenkov]

Details here, but yes, you'd have to authenticate to get the key.

https://security.stackexchange.com/questions/136072/how-can-whatsapp-restore-local-or-google-drive-backups

[ghost]

But to get to the original question:
Provided it is possible to start "adb backup" via LADB, and it saves a WhatsApp backup to someplace on the phone (lets say /storage/emulated/0/Downloads/). Would it be possible to then run your code on the same device, picking up the generated file and extracting a certain file?

[nelenkov]

You might have to link a tar library (or parse the tar header) to extract, but yes, there is nothing special, it's standard Java. You won't need the bouncy castle library, as it's bundled with Android.

[ghost]

Hey @nelenkov , is there a runnable .jar file for the latest release?
If not, could you please porvide one?

[ghost]

Also, the Gradlew way doesn't work for me:

Trying on Windows 10, 20H2, with Oracle JDK Java SE 15.0.2

[nelenkov]

Releases page has a relatively recent build. You should be able to build with Java 11, not sure why 15 doesn't work.

[ghost]

Could you provide a current build please?
I am an absolute noob concerning Java 😅

[nelenkov]

I've fixed the Travis CI build and there is now an abe.jar binary uploaded with each release/tag.

[ghost]

I've fixed the Travis CI build and there is now an abe.jar binary uploaded with each release/tag.

Thanks a lot! Could you try to compile it with JDK15 (and release it)? Would just be interested to know if it's working for you.

[nelenkov]

I don't have JDK15, but building with 1.8 and 11 work fine.
Latest release should be class-compatible with Java 1.8 though, should work for the WhatsApp project.

[ghost]

I don't have JDK15, but building with 1.8 and 11 work fine.
Latest release should be class-compatible with Java 1.8 though, should work for the WhatsApp project.

@YuvrajRaghuvanshiS did you try that?

[YuvrajRaghuvanshiS]

Thank you @nelenkov , testing it

[YuvrajRaghuvanshiS]

@nelenkov you are a legend for sure.

$ cd /sdcard/WA_TEST/

$ ls
abe_20210224105130-e30cc24.jar  nopass.ab  qqqq.ab

$ java -jar abe_20210224105130-e30cc24.jar unpack nopass.ab nopass.tar
0% 1% 2% 3% 4% 5% 6% 7% 8% 9% 10% 11% 12% 13% 14% 15% 16% 17% 18% 19% 20% 21% 22% 23% 24% 25% 26% 27% 28% 29% 30% 31% 32% 33% 34% 35% 36% 37% 38% 39% 40% 41% 42% 43% 44% 45% 46% 47% 48% 49% 50% 51% 52% 53% 54% 55% 56% 57% 58% 59% 60% 61% 62% 63% 64% 65% 66% 67% 68% 69% 70% 71% 72% 73% 74% 75% 76% 77% 78% 79% 80% 81% 82% 83% 84% 85% 86% 87% 88% 89% 90% 91% 92% 93% 94% 95% 96% 97% 98% 99% 100%
375570944 bytes written to nopass.tar.

$ java -jar abe_20210224105130-e30cc24.jar unpack qqqq.ab qqqq.tar qqqq
WARNING: Maximum allowed key-length seems smaller than needed. Please check that unlimited strength cryptography is available, see README.md for details
Exception in thread "main" java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size
        at org.nick.abe.AndroidBackup.extractAsTar(AndroidBackup.java:233)
        at org.nick.abe.Main.main(Main.java:40)
Caused by: java.security.InvalidKeyException: Illegal key size
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
        at javax.crypto.Cipher.implInit(Cipher.java:805)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1396)
        at javax.crypto.Cipher.init(Cipher.java:1327)
        at org.nick.abe.AndroidBackup.extractAsTar(AndroidBackup.java:128)
        ... 1 more

Error with password can be solved with file java.security in $PREFIX/share/jdk8/jre/lib/security, line 823 crypto.policy=unlimited I believe but this did work on termux. Can't thank you enough.

[nelenkov]

For Java 8 you will need the unlimited policy jar files too: https://www.oracle.com/java/technologies/javase-jce8-downloads.html

[YuvrajRaghuvanshiS]

When I was working on termux I tried downloading those but couldn't some site issues were there. Are these totally necessary or just with "backups with password"?

[nelenkov]

Those are necessary to be able to use AES-256 keys which Android uses to encrypt backups. If the backup is not encrypted, should work without the policy files too.

[ghost]

The backups are encrypted tho

[YuvrajRaghuvanshiS]

Not necessarily, android encrypts /data partition with android PIN but I think if password is not provided while creating backup they are not encrypted, how else would it work on nopass.ab if that was encrypted?

[ghost]

I think I remember that I've read somewhere that this is actually what happens...

[nelenkov]

Look at the header of the file to find out if encrypted (it's just text).

[YuvrajRaghuvanshiS]

Not unless I provide password while creating backup. Can't say about modified ROMs tho.