close
    search Buscar

    Decrypt WhatsApp messages and databases

    Who I am
    Alejandra Rangel
    @alejandrarangel

    Item Feedback:

    content warning

    WhatsApp is one of the most used instant messaging apps in the world, with numbers that have continued to rise since its launch in 2009. From 5 April 2016 all the messages that pass on the application note are encrypted and therefore much more difficult to intercept. Together with the messages they were encrypted (so encrypted with a security key) also backup of messages that previously could be consulted in plain text and opened with a normal text editor.



    This is why you ask us more and more what files are crypt12, how new backups are opened and if WhatsApp is safe. In this post we will try to answer your questions and clarify how you can decrypt messages exchanged on WhatsApp, so as to know to what extent your privacy is protected.

    WhatsApp is an app with many options, if you want to use it to the fullest and learn all the secrets, don't miss all our guides!

    Is it true that not even WhatsApp Inc. can read my messages?

    The answer is no, the algorithm used it has no known vulnerabilities to date, but the implementation that made it WhatsApp according to some observers is was deliberately imperfect. In April 2016 Tobias Boelter of the University of California discovered a flaw that allows WhatsApp Inc to request the client on your phone a new encryption key without your knowledge.

    Facebook which now owns WhatsApp was notified of the vulnerability, and claimed that it is a deliberate behavior. In fact, therefore, even if not all security experts agree, it seems that this vulnerability is a backdoor: it is clear that the company has retained the possibility of access messages exchanged by users without their knowledge.



    It is interesting to note that Facebook has correctly implemented the same algorithm on this time Signal, in this case without vulnerabilities. So if you want your messages to remain safe and not legible by third parties between you and the recipient, it is advisable to turn to other solutions.

    What is crypt12 and why do WhatsApp databases have this format?

    Il crypt12 is the new encryption method put up by WhatsApp to secure i databases that you save on your phone from the eyes of the bad guys. Crypt12 appears to be the direct evolution of Crypt9, which was itself based on Spongy Castle (one of the most widely used open source cryptographic libraries for Android).

    In fact it uses AES with a 256-bit key, this translated means that to decrypt a database encoded in this way you need the key.

    I have a database in crypt12 format that I would like to decode what can I do?

    We assume that if you only have database files (therefore the backup ones) and neither the key file nor the phone at hand then you can give up. There are no viable ways that allow you to retrieve the key.

    If, on the other hand, you have the Android phone on which those backups were created, recovering the key is not difficult and messages can be decoded.

    The key is in the file whatsapp.cryptkey which is located at this path /data/data/com.whatsapp/files/key and if your smartphone has the root installed then extracting the key is very simple. Often apps that decrypt backups automatically know how to search for this file.


    If you don't have root privileges, the situation is a little more complex, but we found a fairly quick way to get the key out again.


    How to decrypt messages with root?

    There are two handy apps that allow you to decrypt WhatsApp backup messages if you are rooted:

    • Whatcrypt is one of the most famous free solutions, it is present in double version Android app and web service, for privacy reasons it is recommended to use the first. Whatcrypt if you have the root allows you to convert the crypt12 databases into normal .db files, also if you have the root allows you to extract with a tap the file with the decryption key. It is really simple to use. Once started you will find a very simple menu, just a tap on Decrypt WhatsApp database to enter the appropriate menu and, at this point, a further tap on Decrypt database is usually enough. If the app does not find the databases you will have to fix the path provided under the Encrypted Database Path entry. If the app does not find the Key file it is because you don't have root privileges.

    • Backup Text for Whatsapp it is an excellent solution and allows, as long as you have the root, to make a clear backup in the format you prefer (txt, csv, xlsx, html) of your conversations. With the latest updates it supports perfectly i file crypt 12. It is also fully translated into our language, easy to use and very complete, it also allows you to backup individual conversations (via the Filter by conversation option), or to save only messages with a certain date. The app is really simple to use, but as mentioned it won't work if you don't have root. Backup Text for Whatsapp is available for free on the Play Store at this address with advertising.


    What if I don't have root?

    There is an interesting way that runs on XDA. The experiment was done using an old version of WhatsApp that inserted the Key into the backups of conversations, and therefore allowed it to be extracted much more easily. Hence a tool that will do everything for you: backup your current WhatsApp before replacing it with the old version and extracting the files. Once the extraction has been completed, it will report things exactly as before, including messages.


    To use this handy tool you need:

    • Di un Pc con Windows Vista, Windows 7, Windows 8, Windows 10, MacOS o Linux.
    • Java installed on your PC (you can download it from here)
    • The installed ADB drivers (we have already talked about it in a previous in-depth study)
    • You need to enable USB debugging on your phone (it's easy just follow the guide)
    • An Android device running on a later version of Ice Cream Sandwich (Android 4.0)

    At this point you can proceed, on your PC download this file which is a compressed archive that contains the WhatsApp Key / DB Extractor tool and decompress it in a known folder:

    • Go to the folder where you extracted the archive and click on WhatsAppKeyDBExtract.bat (if you are on Windows) or on WhatsAppKeyDBExtract.sh (if you are on MacOS / Linux). In both cases, a terminal window with the application will open.

    • Connect your Android device to the PC via a USB cable, unlock your smartphone and wait for the following screen to appear:

    • Then do not enter any passwords and tap on Back up my data.
    • In the terminal window on your PC, it will ask you for the set password, if you have not entered any as I have recommended, press Enter on the keyboard to continue.
    • At this point you will find the precious file whatsapp.cryptkey inside the extracted folder, inside the folder of the tool you have launched.

    At this point, since you are connected via cable, I recommend that you pass the Key file on your phone in a known folder, I put it inside the WhatsApp folder. So you can easily indicate to the two excellent apps recommended above the path where to find the Key file (for Backup Text for Whatsapp just go to Settings) and they they will work exactly as if you had root, then they will be able to perfectly decrypt the backups of your conversations.

    Our guide on how to decrypt WhatsApp conversations has come to an end we hope it has answered your doubts and questions. Please let us know if you have any difficulties or further questions with a comment.



    Audio Video Decrypt WhatsApp messages and databases
    add a comment from Decrypt WhatsApp messages and databases
    Comment sent successfully! We will review it in the next few hours.