Hey!
I was just quickly dropping by to check if anyone has had any luck with decrypting the Signal messenger database?
I have tried using the signal2john.py script.. But I am unfortunatly not smart enough to know what the heck I am to do next.
#Signal2john.py \org.thoughtcrime.securesms\shared_prefs\SecureSMS-Preferences.xml
SecureSMS-Preferences.xml$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Is the output I get (Thought the X's the usual hash-value-format) and that I would like to decrypt to open up the signal.db.
Any thoughts?
)
# ./signal2john.py \org.thoughtcrime.securesms\shared_prefs\SecureSMS-Preferences.xml > hash.txt
wait…?
# ./john hash.txt
Hey! )
John tells me that no passwordhashes are loaded.. So think something might be missing in my rather excelent plan of getting out the content of the database @
Hey! )
John tells me that no passwordhashes are loaded.. So think something might be missing in my rather excelent plan of getting out the content of the database @
Your hash.txt file will contain the following;
SecureSMS-Preferences.xml$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXX
The hash itself is everything following the after SecureSMS-Preferences.xml.
The file loaded by JTR should be in the following format;
$signal$1$4032$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXX