Decrypting the WhatsApp Database

INTRODUCTION

WhatsApp Messenger is an application used across various Mobile Platforms for instant messaging. It uses the internet to send and receive audios, videos, documents, location details, messages etc.

WhatsApp saves all the message of user onto a database file in crypt form, which means no one could read anyone’s private messages. WhatsApp uses crypt2, crypt5, crypt7, crypt8 to encrypt all the data so that no one could read the messages from the database file. But those very same files can be easily decrypted without a key.

Steps to Perform WhatsApp Database Extraction With Android

Step 1: To use adb, first we need to enable the USB Debugging feature under Setting -> Developer options on the device.

Decrypting the Whatsapp database 1

Decrypting the Whatsapp database 2

Step 2: From the command prompt, we can initiate the connection with the android device with ‘adb devices’  command.

Decrypting the Whatsapp database 3

Step 3: Download any WhatApp version between 2.11.4xx range and degrade your preinstalled WhatsApp by installing it using the command as shown below.

Decrypting the Whatsapp database 4

NOTE: Here you are overwriting your WhatsApp application with older one. Once installation is done you will always receive an error as it is an older version of WhatsApp. 

Step 4: Using ‘adb backup’ create a backup file named ‘whatsapp.ab’ from the WhatsApp package that is  entitled as “com.whatsapp” on the android devices.
The ‘.ab’ file extension which is shown in the below image is associated with the Google’s Android Debug Bridge (adb) command line utility which is circulated as a part of Google Android SDK that allows the developers to communicate with the android phones through cables. A ‘.ab’ file stores the backup of the device comprising of apps, system data, system settings etc.
NOTE: If any no backup is generated or any error occurs then, go to whatsapp à select ‘settings’  à select ‘chat’ à select ‘backup option as back up on local device’ à Then select ‘Backup’ and wait for the backup to get completed.

Decrypting the Whatsapp database 5

Step 5: Select ‘Back Up My Data’ option on your android device and keep password field blank.

Decrypting the Whatsapp database 6

Step 6: Now, a ‘whatsapp.ab’ file is created as shown below:

Decrypting the Whatsapp database 7

Step 7: ‘abe.jar’ is a utility used to extract and repack the android backup files  that are created with the ‘adb backup’ command. We will now extract the ‘whatsapp.ab’ file and name the extracted file as ‘whatapp.tar’ where ‘.tar’ is the archived file containing many other files.

Decrypting the Whatsapp database 8

Step 8: Once ‘whatsapp.tar’ file is created, then extract it with WinRAR (or ‘tar -x’ command in Linux).

Decrypting the Whatsapp database 9

Step 9: After extraction completes, a folder named ‘whatsapp’ is created and following are contents of that folder shown in image.

Decrypting the Whatsapp database 10

Step10:  We are only interested in ‘msgstore.db’ and ‘wa.db’ file. Use a utility called ‘Whatsapp Viewer’ and give the path of ‘msgstore.db’ and ‘wa.db’ as shown below.
Here ‘msgstore.db’ stores all the messages along with attachments and ‘wa.db’ stores all the information related to the contacts.
NOTE: IOS whatsapp database extraction commands are different than that of android. Also after doing the above process, user has to upgrade his WhatsApp from Playstore in order to use it again.

Decrypting the Whatsapp database 11

Step 11:  Below Screenshot, shows you will see all the chat messages, that were extracted from the database.

Decrypting the Whatsapp database 12

References

Author


16 comments

This is freak awesome article till the date….. Great share though! Good one young man… Keep going 🙂

Wonderful bloggers like yourself who would positively reply encouraged me to be more open and engaging in commenting.So know it’s helpful.

Wow! This is a very interesting information. That’s really a clever hack that can be used on things such as investigation. Thank you for sharing this!

Thank you . But i have problem with a database file in crypt 12 form without key . How can i do ? Could u help me?

crypt12 works sometimes.. What’s the problem ?

how to get adp command

Download the android studio or APPIE framework to get adb.

Hi,

After STEP 4, a whatsapp.ab file is created but of 41B (less than 1KB). Whereas your snapshot shows you got a big size file of 12100 KB.
Please help on this.

generally whatsapp creates backup files and those files are the one which we extract through this method. so if there is no backup files in your device, then the chats will not be extracted. That’s why you have 41kb file size.

This is really really interesting and I will certainly try it out myself, but can you explain the motivation if there is one other than entertainment? Assuming a normal Android user does not have USB debugging enabled, you would have to unlock the phone to enable USB debugging. If you can unlock the phone, you can read the messages in WhatsApp anyway. Am I missing anything?

You can connect to the device using adb via device’s recovery mode.

Highly energetic blog, I enjoyed that bit. Will there be a part 2?|

hi, i am also looking for a key to open msgstore.db.crypt12. the peoblem is i don’t have the android mobile and am having it in my laptop. now ow to open it or restore it?

let say i have crypt12 database file without the key file from other phone. Does it possible to decrypt? How to do that?

My whatsapp account is closed and my phone number no more exist.
Only i have my crypt12 db file, i downloaded it from Google drive.
is there any way to decrypt 12 database file without the key file?
if yes please share.. i have some very important information , which i need to extract ASAP

I have my own whatsapp database crypt5 & that same mobile number too. Is there any way to make that database readable without key now ? Please tell .

Leave a Reply

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.