标签: crypt12

WhatsApp将所有消息存储在sqlite文件中，该文件首先经过zlib压缩，然后经过AES加密。

解密/解压缩可以很容易地完成，例如：

def decrypt(db_file, key_file):
    """ Function decrypt Crypt12 Database """
    try:
        with open(key_file, "rb") as fh:
            key_data = fh.read()

        key = key_data[126:]
        with open(db_file, "rb") as fh:
            db_data = fh.read()

        iv = db_data[51:67]
        aes = AES.new(key, mode=AES.MODE_GCM, nonce=iv)
        with open("msgstore.db", "wb") as fh:
            fh.write(zlib.decompress(aes.decrypt(db_data[67:-20])))

        print db_file + " decrypted, msgstore.db created."
    except Exception as e:
print "An error has ocurred decrypting the Database:", e

但是，如果要撤消该过程，则必须生成页眉，页脚和IV。起初我以为您可以从另一个已经存在的crypt12文件中复制它们，如下所示：

def encrypt(db_file, key_file, db_cript):
    """ Function encrypt msgstore Database """
    try:
        with open(key_file, "rb") …