i tried with Samsung Galaxy S8+
ufed 4pc dont have support for this type extraction..
root method is not forensic. because you need to go back to factory settings during root
so what can i do else?
1. Method
Go into each and every WhatsApp chat and select Send via E-Mail. Included attachments and then you can cancel the process. Now you will find a txt for each chat in the WhatsApp/.Shared folder.
So you can do a "adb pull /sdcard/WhatsApp/" and you'll get the text files.
2. Method
If you have the sim card for the WhatsApp number and it is still active, you can install WhatsApp with that number on a phone of your choice where you can get root access. If it is successful, you will find the key file on your rooted phone in "/data/com.whatsapp/files/key" and can extract it and use it to decrypt your msgstore.crypt files.
https://
Decrypt Encrypted Databases
Andriller supports decryption of encrypted WhatsApp databases
msgstore.db.crypt
msgstore.db.crypt5
msgstore.db.crypt7
msgstore.db.crypt8
msgstore.db.crypt9
msgstore.db.crypt10
msgstore.db.crypt12
Plain Crypt (msgstore.db.crypt)
The encrypted database is automatically decrypted into an SQLite3 database. Browse and select the encrypted file, Andriller will decode to a new file in the same directory.
msgstore.db.crypt ==> msgstore.db
Crypt5 (msgstore.db.crypt5)
To successfully decrypt this type of database, an email address is required, which is synchronised with the Android device. Browse and select the encrypted file, you will be prompted to enter the email address. Once successful, it will decode to a new file in the same directory.
msgstore.db.crypt5 ==> msgstore.db
Crypt7-12 (msgstore.db.crypt7-12)
To successfully decrypt this type of database, an encryption key file is required for the following location
'/data/data/com.whatsapp/files/key' <– absolute path
'apps/com.whatsapp/f/key' <– from Android backup
This file should be automatically extracted during normal Andriller extraction (root and AB), and saved in the 'db' folder of the extraction
Browse and select the encrypted file, you will be prompted to browse and select the key file next. Once successful, it will decode to a new file in the same directory.
msgstore.db.crypt7 ==> msgstore.db
Did you also try the File System APK downgrade method ?
Did you also try the File System APK downgrade method ?
yep.. it didnt work
Before the latest Version of WhatsApp came out, i used a self-made batch script with an modded apk to get the hole whatsapp decrypted database..
Since latest version this isnt possible cuz whatsapp itself checks if the latest version is installed. If not u cant run whatsapp.
Idk if there is another solution besides physical imaging the phones flashmemory.
greez
Dear are plenty of ways and tools.
http//whatcrypt.com/
etc
Did you also try the File System APK downgrade method ?
APK downgrade doesn't work in Android 7 and 8.
Jamie
Dear are plenty of ways and tools.
http//whatcrypt.com/etc
Without the key this website is useless.