Join Us!

Signal database dec...
 
Notifications
Clear all

Signal database decryption  

  RSS
LeGioN
(@legion)
Junior Member

Hey!

I was just quickly dropping by to check if anyone has had any luck with decrypting the Signal messenger database?

I have tried using the signal2john.py script.. But I am unfortunatly not smart enough to know what the heck I am to do next.

#Signal2john.py \org.thoughtcrime.securesms\shared_prefs\SecureSMS-Preferences.xml
SecureSMS-Preferences.xml$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Is the output I get (Thought the X's the usual hash-value-format) and that I would like to decrypt to open up the signal.db.

Any thoughts?

)

Quote
Posted : 07/11/2018 11:31 am
AmNe5iA
(@amne5ia)
Active Member

# ./signal2john.py \org.thoughtcrime.securesms\shared_prefs\SecureSMS-Preferences.xml > hash.txt
# ./john hash.txt
wait…?

ReplyQuote
Posted : 07/11/2018 2:53 pm
LeGioN
(@legion)
Junior Member

Hey! )

John tells me that no passwordhashes are loaded.. So think something might be missing in my rather excelent plan of getting out the content of the database @

ReplyQuote
Posted : 08/11/2018 7:14 am
deeFIR
(@deefir)
Junior Member

Hey! )

John tells me that no passwordhashes are loaded.. So think something might be missing in my rather excelent plan of getting out the content of the database @

Your hash.txt file will contain the following;

SecureSMS-Preferences.xml$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXX

The hash itself is everything following the after SecureSMS-Preferences.xml.

The file loaded by JTR should be in the following format;

$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXX

ReplyQuote
Posted : 15/07/2019 5:44 am
Share: