ppwwyyxx / wechat-dump Goto Github PK
View Code? Open in Web Editor NEWCracking encrypted wechat message history from android
License: GNU General Public License v3.0
Cracking encrypted wechat message history from android
License: GNU General Public License v3.0
It seems to be something is in the way for parse the talker:
./dump-msg.py decrypted.db OutDir/
[18:36:32 [email protected]:wechat.parser] Your username is: wxid_xxxxxxxxxxxxxx
[18:36:32 [email protected]:wechat.parser] Found XX contacts.
[18:36:32 [email protected]:wechat.msg] Unhandled message type: xxxxxxx
[18:36:32 [email protected]:wechat.msg] Unhandled message type: xxxx
Traceback (most recent call last):
File "./dump-msg.py", line 23, in
parser = WeChatDBParser(db_file)
File "/home/myuser/Downloads/WechatBackup/wechat/parser.py", line 39, in init
self._parse()
File "/home/myuser/Downloads/WechatBackup/wechat/parser.py", line 120, in _parse
self._parse_msg()
File "/home/myuser/Downloads/WechatBackup/wechat/parser.py", line 63, in _parse_msg
values = self._parse_msg_row(row)
File "/home/myuser/Downloads/WechatBackup/wechat/parser.py", line 151, in _parse_msg_row
logger.warn("Unknown contact, probably deleted: {}".format(tk_id))
UnboundLocalError: local variable 'tk_id' referenced before assignment
Why reading the database(decrypted.db), it seems to be OK(table 'message' converts to csv output):
index,msgId,msgSvrId,type,status,isSend,isShowTimer,createTime,talker,content,imgPath,reserved,lvbuffer,transContent,transBrandWording,talkerId,bizClientMsgId,bizChatId,bizChatUserId,msgSeq,flag
0,2,3.32903169404e+18,1,3.0,0.0,,1438259445000,weixin,歡迎你再次回到WeChat。如果你在使用過程中有任何的問題或建議,記得告訴我哦。,,,{,,,22,,,,,0
...
Any clue for finding the bug?
版本 6.6.2
wechat-dump-2018-0826
转发给自己的信息,导出 html 后 全部是下面这个链接,没有转发的信息。
Dear Dev,
After struggling to setup all environment requirement, I finally managed to run this script but still stuck at the end of "./android-interactive.sh db-decrypt"
Please help to look at what else am I missing.
UBuntu 3.19.0-25-generic #26~14.04.1-Ubuntu SMP Fri Jul 24 21:16:20 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Hi,
I would like to have the support for Windows for this method? Or maybe is this working already?
Thanks
hello,
im trying to use this tool on ubuntu 14.04.2 LTS
when i run decrypt-db.sh, i got followng errors
error near line3 : files is not encrypted or is not a database
error near line4 : files is not encrypted or is not a database
error near line5 : no such database:db
i double checked imei & uin.. they are correct.
any idea how to fix this ?
Amazing job with this tool! I truly appreciate your effort, this was really nicely done. (By the way, used it on Windows 10 + Bash, worked perfectly.)
Now, about the issue. In my conversations, only the internal_emoji stickers work, all the others fail to load. The reason is that they show up as "data:image/None" in HTML, which I traced back to the imghdr library which seems to be unable to identify the type of these files.
All of these stickers do have a base64 encoding present, so everything else in your code seems to be working fine (or at least as expected). However, I don't know if the encoding is actually good. I attempted to decode as PNG/JPEG/GIF and it was all without luck. My guess is that the sticker files need further preprocessing done on them before encoding them to base64.
Unfortunately, I know nothing about the way WeChat stores its stickers, and the binary files were of little help to me, since I could not find any documentation online. From your code, it seems that you understand them and I also noticed a TODO there. So, do you know how to fix this issue? Do any stickers work for you? Is it possible that some packages work and others do not?
I am very curious to find out more. Once again, great job! These tools are amazing.
./android-interact.sh db-decrypt
should be ./android-interact.sh db_decrypt
in README.md
( -
vs _
)
Also, ./android-interact.sh imei
failed silently (console printed: Getting imei... Getting db...
). I circumvented by hardcoding IMEI into .sh :P
Anyway, this project looks like the only working solution to export Wechat chatlog for Android, thanks for your work!
I cound found the file named by [md5] in directory Resource/emoji/, but it keep warn me that "Cannot get emoji [md5] in None'. I compared the chat history by chat time and found that those which counld not be found in None were all emoji that added by user themselves, and those official emoji or most downloaded emoji's album from wechat official shop can be showed as normal. I cound not figure it out why there is certain file under the right directory but it kept saying nothing found.
(ps: I add some code and with these output below, it seems that problem occured in function query)
Different phones / users may experience different failures of decryption. Three directions can improve the decryption success rate:
echo -n mm$UIN | md5sum
is the directory name. This can be used.Please comment on this issue only if you have ideas for improvements. Please DO NOT comment in this issue about decryption failures. People who don't have your phone will not know why decryption fails on your phone.
我已经将EnMicroMsg.db文件imei和uin全获取到,能否直接在电脑上解码?不链接手机用adb
直接运行时显示如下结果:
[20:18:01 [email protected]:wechat.common.procutil] Command 'adb root' failed, return code=1
Traceback (most recent call last):
File "D:\HG\Downloads\SD\wechat-dump-master\wechat\common\procutil.py", line 21, in subproc_call
shell=True, timeout=timeout)
File "D:\Projects\Lib\Python\Python36\lib\subprocess.py", line 356, in check_output
**kwargs).stdout
File "D:\Projects\Lib\Python\Python36\lib\subprocess.py", line 438, in run
output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command 'adb root' returned non-zero exit status 1.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "decrypt-db.py", line 153, in <module>
subproc_succ("adb root")
File "D:\HG\Downloads\SD\wechat-dump-master\wechat\common\procutil.py", line 43, in subproc_succ
output, ret = subproc_call(cmd)
File "D:\HG\Downloads\SD\wechat-dump-master\wechat\common\procutil.py", line 32, in subproc_call
logger.warn(e.output.decode('utf-8'))
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xb2 in position 6: invalid start byte
By following the steps I've found some difficulties if one is not professional (like me).
Thank you really much for this awesome tool, it's amazing how much effort you've put in there and how nice the result looks!
Sincerely Malte
EDIT: Btw it's working for me with LG Optimus 4X HD Android 4.4.4 Omni Rom, I'm not able to write that in the wiki
model: google pixel
Android version: 8.1.0
wechat version: 6.6.2
你好,请问Android下能获取群聊群成员的群昵称吗?
Hello, I try ./decrypt-db.py by manual, the title is what I get ,while my env is
wechat version:6.3.13
mobile:H30-U10
OS: OS X
pysqlcipher version:2.6.4
My imei and wxuid is Ok.
for Lenovo E450 user like me, just change from right to left-side worked!
Is it possible retrieve the deleted text message and voice message? If no, will plan to develop on this?
Due to #51, I modified "dump-html.py" to remove the try block and instead accept chatid
directly from args. Not sure if this will actually work. Following this, I am getting another issue when running "dump-html.py". See below image:
WeChat version: 6.3.27
Not sure if this is due to the change I made (see #51) or some other reason.
You can also see that the contact name comes up with diamonds in the name, this is also due to my terminal not being able to render those special characters; see paragraph at the top of #51.
First,thanks for providing this perfect tool!
Second, I found a bug In line 26:
with open(os.path.join(output_dir, name + '.txt'), 'w') as f:
If someone named "jackson@first/second", it will be error.Last, can you show the members' alias-name field in the chatroom?
Example: my nickname is "Jackson", and my alias-name in the chatroom is "Jackson_IBM".Print "Jackson_IBM" to history file. The data_path is : EnMicroMsgDb.db -> chatroom -> roomdata , a blob field it is.
; ./list-chats.py decrypted.db
[parser.py:wechat.parser] Your username is: wxid_****
[parser.py:wechat.parser] Found ** contacts.
[msg.py:wechat.msg] Unhandled message type: 285212721
[msg.py:wechat.msg] Unhandled message type: 35
[msg.py:wechat.msg] Unhandled message type: 268435505
[parser.py:wechat.parser] Found ** message records.
[parser.py:wechat.parser] Found ** hd image records.
Traceback (most recent call last):
File "./list-chats.py", line 14, in <module>
parser = WeChatDBParser(db_file)
File "/pool/repos/contrib/wechat-dump/wechat/parser.py", line 39, in __init__
self._parse()
File "/pool/repos/contrib/wechat-dump/wechat/parser.py", line 122, in _parse
self._parse_emoji()
File "/pool/repos/contrib/wechat-dump/wechat/parser.py", line 107, in _parse_emoji
""" SELECT md5, catalog, name, cdnUrl FROM EmojiInfo""")
sqlite3.OperationalError: no such column: cdnUrl
Same error with dump-msg.py
and dump-html.py
.
WeChat 5.2 (Too old to be compatible with current WeChat database schema?)
I recently deleted my chat log with parents on the phone by accident. Fortunately, the log has been synced to the Mac wechat portal. I wonder whether I can use a variant of your script to backup the chat log?
If not, is there any other work on analyzing wechat Mac database? Thanks!
get_emoji_encryption_key returns None because EmojiInfo table is empty
Hi people,
I use wechat a lot for a long time and given Tencent's power, it is just not understandable why we cannot just keep all wechat history online, searchable with online interface, and easily download an archive.
It's all about data for people's lives and memories, pictures with friends and kids etc, which are so valuable. I am going to fix this, either I do it, or force Tencent's to notice me and do it themselves.
Either way, it will be a good outcome.
If you like to join forces, please give me a message at my email [email protected]
Thanks!
hello
is there a way to dump friend ext info ? like Region, Tags , Description?
As it is indicated in the title, adb shell dumpsys iphonesubinfo
is not working since Android 5.0 Lollipop, causing ./android_interact.sh imei
to fail with these devices
This page on stackoverflow pointed out the correct way of getting imei on Lollipop devices, please consider supporting this, as Lollipop devices are getting more and more around us.
My situation: I am using Ubuntu Server 17.10. Presumably due to the terminal capabilities, I am not able to view the special characters in nicknames in the output of "list-chats.py". They just come up in the terminal as a diamond followed by a space. So it's seemingly impossible for me to pass this nickname to "dump-html.py".
Issue: I don't understand why "dump-html.py" accepts only the nickname and not the username, which is also written out by "list-chats.py". Is it possible for "dump-html.py" to accept the username, e.g. "wxid_45vu0n3vt"?
If not, is it possible for "list-chats.py" to be able to write out the "nickname" using some pure ASCII via some encoding, which could then be decoded inside "dump-html.py"?
Note: Sorry I am not very familiar with Python. I am proficient with Java. Also, I know very little about UNIX character encoding behaviours.
In get_emoji_by_md5
, the id of the emoji is known. The corresponding emoji file with that id can be found in resource/emoji
. However, the file is not a regular image file and is encrypted with unknown methods.
Only the static thumbnail/cover files in resource/emoji
are unencrypted - as a result, many animated stickers will become static in the rendered HTML.
Only the first 1024B of the file is encrypted. I attempted to recover the image without knowing its first 1KB (by reading PNG format spec) and got limited success.
By comparing the original emoji file (obtained from older dumps) and encrypted file, we know that:
Note: most emojis have a "encrypturl" and "aeskey" field in database. They can be used like this:
openssl enc -d -aes-128-cbc -in ./encrypturl.download -K <aeskey> -out decrypted.file -iv <aeskey>
and they are not useful to decrypt emojis in resource/emoji
.
updated: done after one more ./android-interact.sh decrypt-db with shutting down any connection and wechat!
Decrypt and dump database to decrypted.db ...
Traceback (most recent call last):
File "./decrypt-db.py", line 54, in
c.execute("ATTACH DATABASE '" + args.db + "' AS db KEY '';")
while i can see the .dbinfo result of sqlite3, i cannot get it even i stopped the wechat application and disconnect both wifi and 4G, then run either way:
the enviroment is
note sue whether its due to other component incompability?
wechat6.5 how to decrypt ?
Device: Nexus 6
Wechat Version: 6.5.10
➜ wd git:(master) ./android-interact.sh db
Starting rooted adb server...
adbd cannot run as root in production builds
Looking for user dir name...
Found 4 user(s). User chosen: 090faed739d2a5781aecd129f786ed7a
Pulling database and avatar index file...
adb: error: remote object '/data/data/com.tencent.mm/MicroMsg/090faed739d2a5781aecd129f786ed7a/EnMicroMsg.db' does not exist
Failed to pull database by adb
➜ wd git:(master) adb ls /data/data/com.tencent.mm/MicroMsg
➜ wd git:(master)
Irrelevant question, but is it possible to retrieve wxid_**************/WeChat ID from red envelope history since it shows user avatar and nickname? Thanks
wechat-dump is brilliant. Thanks for sharing it.
Would it be possible to integrate call history (voice/video) into the message dump? When I'm in WeChat, messages and calls are displayed inline so I hope the data is available
It would be great if your program can dump wechat messages from iOS backup as well.
Reference: http://candleforlove.com/forums/topic/46146-how-to-download-wechat-logs-from-an-iphone/
are you dump wechat sns data?
Decrypt and dump database to decrypted.db ...
Traceback (most recent call last):
File "./decrypt-db.py", line 54, in
c.execute("SELECT sqlcipher_export('db');" )
pysqlcipher.dbapi2.OperationalError: database disk image is malformed
./dump-msg.py decrypted.db rawMsg
[23:20:40 [email protected]:wechat.parser] Your username is: wxid_x
[23:20:40 [email protected]:wechat.parser] Found x contacts.
[23:20:40 [email protected]:wechat.msg] Unhandled message type: x
Traceback (most recent call last):
File "./dump-msg.py", line 23, in
parser = WeChatDBParser(db_file)
File "wechat-dump-master/wechat/parser.py", line 35, in init
self._parse()
File "wechat-dump-master/wechat/parser.py", line 113, in _parse
self._parse_msg()
File "wechat-dump-master/wechat/parser.py", line 64, in _parse_msg
for k, v in self.msgs_by_talker.iteritems()}
File "wechat-dump-master/wechat/parser.py", line 64, in
for k, v in self.msgs_by_talker.iteritems()}
KeyError: u'x@chatroom'
Just FYI, x@chatroom is a deleted chatroom.
Did anybody tried to put the database file and the other files in a new phone to restore the data ?
It would probably involve crypting it back.
Hi, thanks for this awesome project at first!
I got question for the setup. I could successfully run the project in Ubuntu.
However, in mac os, when trying to pip install pysox, received below error.
pysox/sox.c:227:10: fatal error: 'sox.h' file not found
#include "sox.h"
^
1 error generated.
This seems to be a problem related to lack of libsox-dev in Mac. I searched all across google and stackoverflow, but have not figured out a way to do it.
Would you help on this? Thanks!
Here's what I've tried to decrypt my wechat database. They are all failed:
I read from other post that since WeChat 6.5.*, the encryption mechanism is changed.
Is that the reason that I failed?
And btw, some of my chat history has reached almost 60000 lines. Is it possible to export?
I can't use wechat dump for some reason. (my IMEI is randomized and i have to crack the key)
So before dumping chat history, I need to know something about the exported data, I need to make my chat history as index-able as the built-in wechat.
Is it possible? For long history, is the HTML file very long?
Hi:
when i try use this object export my wechat_history find some issues.
My Device : Moto X Style , Android 6.0.1 , Rooted . double Sim
1 The Script can't get the right Imei ,must be defind devices imei . (Because my devices have two imei)
2 And can't use "eu.chainfire.adbd" open "adb root" , could we don't use root to get EnMicroMsg.db , tech user use example code manual copy this file to sdcard or other space .
adb shell
su
cp -fR /data/data/com.tencent.mm/ /sdcard/somewhere
thanks
Hi @ppwwyyxx ,
There is no avatar.index file under /data/data/com.tencent.mm/MicroMsg/${userid}/sfs/
Do you have an idea?
WeChat version: 6.5.8
Android: 7.1.1
phone: Oneplus 3
Thanks
Is it because tencent updating ,or I use wrong method?
I can't find the document named avatar.index.
Does that matter?
Can anyone help me?Thanks!
Can someone check if this program work for wechat desktop backups? Since you can backup chats on desktop to couple files: BAK_0_MEDIA BAK_0_TEXT Backup.db, can this program decrypt those file? In this way you do not need to root your phone (suppose I know my IMEI and UID).
手机是64位的,我在虚拟机安装了32 ubuntu18,解密提示 “文件加密或不是数据库”。请问32系统影响解密吗? 谢谢!
Basically, besides all of the dependencies mentioned in the README.md, still need to install the sox package.
via
sudo apt-get install sox
on Ubuntu for example.
Otherwise it will raise Failed to decode audio file error and the voices won't be rendered in the html file.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.