Database Info

Mortscript's RegWrite Dword problem

Im using a Smartphone and Mortscript Version: 3.2b13.
I tried to run a mscr file with this command:
RegWriteDWord HKLM,Drivers\BuiltIn\usbfndrv,EnableUsbCharging,0
But it says Invalid Parameter Coount for "RegWriteDword"
Line:
RegWriteDWord HKLM,Drivers\BuiltIn\usbfndrv,EnableUsbCharging
what am i doing wrong?

i also cant run any script,
i tried this:
PowerOff
the error says:
Unknow command 'powero'
Line:
PowerO
it seems that it can't read the whole line.
any help please?

qtek s200 unable to start after update failure

Hello,
it was updating the ROM of my s200 and failure to load, since then it only leaves the welcome screen and it does not get to load SO never.
I have read threads of xda-developers, download romupdate, mtty and ntrw, with romupdate i connect with s200, but I cannot restore the ROM.
Also I have tried it the other way around: to overturn a new ROM in card SD and to put it in s200 so that carge of automatic form, but does not make case. Attached log of romupdate, in seems that it connect thes200 and in a while it even says to me that puts the SD card. If attempt the command usb says that this to me in usb already. somebody has been able to happen of this point? Thanks and greetings.
Sorry for my english.
-------------------------
IPL 2.09
SPL 2.20
------------------------
Cmd>info 0
GetDeviceInfo=0x00000000
Prophet
Cmd>info 1
GetDeviceInfo=0x00000001
2.20.0000
Cmd>info 2
GetDeviceInfo=0x00000002
+ SD Controller init
- SD Controller init
+StorageInit
***** user area size = 0x7AC00000 Bytes
HTCSPROQTK35 ¤RHTCE
Cmd>usb
I already connect to USB!
Cmd>l
clean up the image temp buffer at 0x8C100000 Length 0x03900000
BOOTLOAD_PAGE_TABLE_BASE_C_VIRTUAL= 0x8C080000
Clear image temp buffer done .
MTTYDownloadImageNot allow operation!
Error : DownloadImage return error (code = 0xFFFFFFFF)
Cmd>d2s 80000000 02000000
Invalid command : d2s 80000000 02000000
For a help screen, use command ? or h
Cmd>r2sd all
R2SDBackup() Pls. insert SD card !!
Cmd>r2sd all
***** user area size = 0x7AC00000 Bytes
R2SDBackup() - Download type = 5
usTotalBlock = 1 sizeof(SDCARD_SIGNATRUE_TABLE)=512
You didn't get the proper security level to download a specific image
Cmd>

GPRS Connection

I am cooking using Sjk 8 and have cooked a few roms trying to get the perfect one for release. First I would like to thank Ivan for the kitchen and the dev team who work on the new oskitchen.
my problem is I can not get a connection to the internet through GPRS. I have run the network wizard and mms is fine but for some reason I can not get the internet to work. I am on tmobile and have unlimited internet. Have editied the connections manually but have not got it working.
What am I missing?
Build is 21887 WM 6.5 Old Gui
Here is my log from the kitchen
Cleaning up
Starting a new build process. Actual Locale: 0409
Configuring kitchen to USE:
DPI: 96
ResH: 240
ResV: 320
Device name: Herald
Native 6.5 Kernel: False
Creating folders
Copying OEMs
Copying SYS
Copying EXT and scanning for all add2* files
Copying other folders needed to run...
Doing UPX on EXT directory
OK, Letting Device-specific preparations...
Deleting unneeded resolutions in Titanium
Running Platformrebuilder
----------------------------
Running Tool: Resources\Tools\platformrebuilder.exe
Working Folder: Build
Arguments:
PLATFORMREBUILDER Copyright (c) 2008-2009 bepe Feb 15 2009 22:53:49
Building for old kernel!
Build: Premium
Locale: 0409
Preparing release structure...
... done!
Collecting standard packages and initializing hives...
XIP: 3 packages
IMG: 66 packages
... done!
Processing standard packages...
MSXIPKernelLTK
MSXIPKernel
OEMXipKernel
SIM_TKit
SMIME
Bth_A2DP
DRM
MediaOS
RUNTIMES
GPSID
SMS_Providers
ppgprov
Required
ConfettiCore
BTDUN
BaseAppsFiles
MediaOSFiles
SQLCE
OSFiles
BROWSINGCORE
Metadata
MediaOS_Lang_0409
OS
Bth_A2DP_Lang_0409
BROWSING
BROWSING_Lang_0409
BaseApps
browsingie
Office
Office_Lang_0409
browsingie_Lang_0409
Shell
Base_Lang_0409
PhoneRedist
Redist
Phone
Redist_Lang_0409
Phone_Lang_0409
PhoneRedist_Lang_0409
Bluetooth
Bluetooth_Lang_0409
INTERNETSHARING
Base
Base_DPI_96
Base_DPI_96_resh_240_resv_320
Base_Lang_0409_DPI_96
Base_Lang_0409_DPI_96_resh_240_resv_320
BROWSING_DPI_96
CommonEA
MediaOS_DPI_96_resh_240_resv_320
Office_DPI_96
Office_Lang_0409_DPI_96
PhoneRedist_DPI_96
PhoneRedist_Lang_0409_DPI_96
Phone_DPI_96
Phone_DPI_96_resh_240_resv_320
Phone_Lang_0409_DPI_96
Redist_DPI_96
Redist_DPI_96_resh_240_resv_320
Redist_Lang_0409_DPI_96
Keyboard - Wing (Choose only ONE)
LangDB
OEMAPPS
OEMDrivers
OEMMISC
OEMOPERATORS
OEMVERSION
Warning: Overwriting 'mxipupdate_OEMVERSION_100.provxml'
OEM_DPI_96
OEM_Lang_0409
Warning: Overwriting 'mxipcold_zzPIED_101.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_100_PPC+ModelNameRelates_Herald.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+AKv30_UserAgent_Herald.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_AutoDetectSetting.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_BookMarkpIE.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_DisconnectGPRSPressKey.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_EnableDTMF.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_GPRS_authentication.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_HTCThemeLayout.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_NetworkIconDisplay.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC+All_SMSUnicodeEnable.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_101_PPC_SPN+ALL_TaoyuanProj.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_999_PPC+All_DisableEmailSetupWelcome.provxml'
Warning: Overwriting 'mxipupdate_zz_oemoperators_999_PPC+All_EnableNewMailAccount.provxml'
Warning: Overwriting 'mxipupdate_zz_OEMOPERATORS_999_Project+ALL_setSTKregistry.provxml'
Warning: Overwriting 'mxip_pied_100_Certificates_ACE.provxml'
Warning: Overwriting 'mxip_pied_101_Certificates_BrightPoint.provxml'
Warning: Overwriting 'mxip_pied_102_Certificates_Dangaard.provxml'
Warning: Overwriting 'mxip_pied_103_Certificates_LeafWireless.provxml'
Warning: Overwriting 'mxip_pied_104_Certificates_Novabase.provxml'
Warning: Overwriting 'mxip_pied_105_Certificates_HughSymons.provxml'
... done!
Processing extended packages...
2_7_1_9_From_Opal
4_04_27385_02_Herald
AdvancedConfig_3_3_0_0
AdvancedNetwork_1_0_10_4
Warning: Overwriting 'CSDLineType.htm'
Warning: Overwriting 'SMSService.htm'
AdvancedPowerManagement 1_5_18162126_1
Arcsoft_MMS_5_2_8_45
BluetoothSetting_2_11_1_2
BootLauncher_1_0_37394_1
ButtonSetting_3_17_0_0
CAB_No_Delete
ClearStorage_1_40_0_5
CLL 1_0_1_10
Concurrence_Mgr_1_5_19162826_00
ContactUtilityEngine_1_0_19122926_0000
DataDisconnect_2_10_0_0
DeviceInfo_1_35_0_4
DiscretixDRM_1_0_20090630_00
DRM_Middleware_1_5_19162824_00
Dshow_2_0_19162825_01
Home Screen ++ Omap Overclock
Warning: Overwriting 'Calendar.lnk'
Warning: Overwriting 'gprs.bmp'
Warning: Overwriting 'rotate.bmp'
Warning: Overwriting 'Tasks.lnk'
HTCFontLink_1_0_19132133_1
HTCMessage_1_81_281_1
HTCScroll_2_0_19171128_00
HTCUtil_1_7_0_0_OlderDevices
JbedJava_Opera_Mini_5_Beta
Failed to parse value name HKEY_LOCAL_MACHINE\SOFTWARE\Apps\Esmertec Java\Properties!!!
Failed to parse value name HKEY_LOCAL_MACHINE\SOFTWARE\Apps\Esmertec Java\Properties!!!
Keyboard Skins - BL Black
LongPressEndKey_1_2_35861_4
mHub_6_37_070320_T0
MicrophoneAGC_0_91_0_6
MyCPL_3_13_0_6
NetCF3_7_8345_00
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.Configuration_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.Forms_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.PocketOutlook_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.Status_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.Telephony_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile.Utilities_v1_0_0_0_cneutral_1.dll'
Warning: Overwriting 'GAC_Microsoft.WindowsMobile_v1_0_0_0_cneutral_1.dll'
Network Wizard_Conection Setup
Warning: Overwriting 'option.xml'
Package Tools - dotFred Task Manager
Warning: Overwriting 'option.xml'
Warning: Overwriting 'TaskMgr.exe'
Package Tools - Glossy Black Bars
Warning: Overwriting 'option.xml'
Package Tools - psShutXP
Warning: Overwriting 'option.xml'
Package Tools - RC Mod
Warning: Overwriting 'option.xml'
PCMKeyboard_.23
Warning: Overwriting 'option.xml'
PhoneCanvas_3_00_1917_1_Optimized
PhoneSettings_6_31_0_2
Warning: Overwriting 'TimeZones.htm'
Picture_Enhancement_1_50_19171326_00
PKG_1_1_0_0
Power_2_25_0_2
Power_Service 2_23_0_2
Redial_1_3_0_0
Warning: Overwriting 'Redial.exe'
ReenableHiddenSettings
Registry_Vibe_And_Ring
Service_1_69_0_0
Set_Arcsoft_MMS_to_QVGA_mode
Warning: Overwriting 'res_240x320.txt'
ShareDLL_2_0_070711_0000
Warning: Overwriting 'HTCDrmAPI.dll'
SharedResource_1_0_19163524_00
Shared_Modules_1_01_19143331_01
Warning: Overwriting 'HTCABOUTLOGO.bmp'
Warning: Overwriting 'VerInfou2.dll'
SIPChange
SlidingSounds_1_0
SMS Chat
Warning: Overwriting '1.JPG'
Warning: Overwriting '2.JPG'
Warning: Overwriting 'option.xml'
softkey Changer
Warning: Overwriting 'option.xml'
SPB_Black_47
SYS_SecurityOff
TCPMP_81_AllCodec
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Failed to parse value name HKEY_LOCAL_MACHINE\Software\TCPMP\DLLStamp!!!
Total_Comander
Warning: Overwriting 'SetupDLL.dll'
TouchFlo_3_0_31508_9
USBtoPC_exe_1_23_0_0
VersionInfo 1_0_18182525_0
Warning: Overwriting 'HTCABOUTLOGO.bmp'
Warning: Overwriting 'VerInfou2.dll'
VoiceRecorder_1_10_18192131_6
WiFiSettings_1_2_4_3
WLANSettings_2_6_0_0
zlibce_m_1_2_3_1
zzz_feROM_version_pkg
Warning: Overwriting 'welcomehead.96.png'
... done!
Finalizing and optimizing ROM structure...
... done!
Memory Map...
SLOT 0: 0x02000000 - 0x01e30000 (END: 0x00060000, 0 MODULES)
0x02000000 - 0x01fd0000 - ROM 0
0x01f90000 - 0x01e30000 - ROM 1
SLOT 1: 0x04000000 - 0x02760000 (END: 0x02020000, 246 MODULES)
RAM IMAGE: 0x8c100000 - 0x8c39d9d0
RAM: 0x8c39e000 - 0x8c3ce000 - Used for kernel modules
0x8c3ce000 - 0x8fc00000 - 56 MB free
... done!
Donations...
If you're using one of my tools and feel a need to support development
and/or buy me a drink, please feel free to send a donation through PayPal.
Created link in the root of the kitchen.
Updating all files with add2*:
Inserting XIP
----------------------------
Running Tool: Resources\Tools\implantxip.exe
Working Folder: Build\Temp
Arguments: -xip "xip.bin" -payload "OS.nb.payload" -PP 8 -imgstart 0 -uldr -nocert
Getting IMGFS from NB
----------------------------
Running Tool: Resources\Tools\imgfsfromnb.exe
Working Folder: Build\Temp
Arguments: "os.nb.payload" "imgfs.bin"
ImgfsFromNb 2.1rc2
Sector size is 0x200 bytes
ImgFs partition starts at 0x002b0000 and ends at 0x002c0000
Dumping IMGFS at offset 0x002b0000 (size 0x00010000)
Done!
Generating IMGFS from DUMP
----------------------------
Running Tool: Resources\Tools\imgfsfromdump.exe
Working Folder: Build\Temp
Arguments: "imgfs.bin" "imgfs-new.bin"
ImgfsFromDump 2.1rc2 TURBO with Prefetching and MultiThreading Support, by Plax
Using compression type 'LZX'!
Sector size is 0x200
Total Sectors: 0x17f43
And putting IMGFS into NB
----------------------------
Running Tool: Resources\Tools\ImgfsToNb.exe
Working Folder: Build\Temp
Arguments: "imgfs-new.bin" "OS.nb.payload" "OS-new.nb.payload" -bigstoragemove
ImgfsToNb 2.1rc2
Using bigstorage mode
Sector size is 0x200 bytes
Writing imgfs to offset byte 0x2b0000, sector 0x1580
Padding ImgFs from 0x2fe8600 bytes (0x17f43 sectors)
to 0x2ff0000 bytes (0x17f80 sectors)
Not conservative mode. Changing imgfsEnd from 0x2c0000 to 0x32a0000
Partition entry before:
File System: 0x25
Start Sector: 0x00001580
Total Sectors: 0x00000080
Boot indicator: 0x00
First Head: 0x00
First Sector: 0x01
First Track: 0x2b
Last Head: 0x7f
Last Sector: 0x01
Last Track: 0x2b
Partition entry after:
File System: 0x25
Start Sector: 0x00001580
Total Sectors: 0x00017f80
Boot indicator: 0x00
First Head: 0x00
First Sector: 0x01
First Track: 0x2b
Last Head: 0x7f
Last Sector: 0x01
Last Track: 0x329
ImgFs Flash Region log blocks was 0x1, now is 0x2ff
No Storage Flash Region found!
Done!
Generating NBH
----------------------------
Running Tool: Resources\Tools\htcrt.exe
Working Folder:
Arguments: /buildrom ".\FLASH\ferom.htcrtproj" ".\FLASH\RUU_Signed_0409.nbh"
Cleaning again
DONE! Now you can flash!

You may have forgotten to cook in ADC.. follow my guide in my signature below if you need any help..

I don't show ADC available in the selections in this build 21887.

Probably have to manually add it in..

How would I do that.

Ok well Im gonna see if I can break something. I coppied it from the 28205 folders to the 21887 folders.. gonna give it a go.

Find the kitchen files in my guide, in the first post, I think its 'Link 7.'
You'll find that there is a folder named ADC in there. And you will also need the ADC_Lang_0409 folder as well.
Put the ADC folder in the Common folder in the SHARED folder.
Put the ADC_lang_0409 in the 0409 folder in the SHARED folder.
So navigate to C:\kitchens\SuperJustKitchen\Working_Folder\SYS and then choose your build number.. actually you should add it to all your builds..

Okay I tried it from my 28205 folders and ran the the build process flashed and phone booted to first splash and did not go any further. Flashing to a another build through sd right now will try using the files from your links and will report back.

Let meh know

Phone completely booted ADC ran and could not complete the config. Ran network wizard and re ran the auto config still no dice.

My suggestion would be to use the older kitchen and follow my guide.. Not sure what else you might be missing.. I figured ADC because that is what is used for gprs..

I'll give it a shot and report back

Tried your kitchen and your selections where they matched for 21887. Still no love.

Did you make the same ext selections as I did. Because I do believe that I have included everything you'll need.
One last thing you can also try is enabling the DRM and the RMGR packages. These two also have to do with cellular service..

Sure did. I did have DRM enabled but cant find the RMGR in the list. Wierd thing is I don't have a problem under WM 6.1 just the WM 6.5 old gui. I even tried a diferent radio.

I really want to find a resolution to this one as I really like this version on WM. Fast stable and easy on the Ram and storage. My builds are about 50 to 55 mb and running about 18-16 free ram. I just need to get over this hurdle.

Okay, go ahead and add the roaming manager (the RMGR) package files too just like you did last time.. in the SHARED folder make sure that you have the 0409 files and the common files setup right..

Cant find RMGR. I noticed in your walk through you are using 28223. The download I got only has 28008 and does not have the RMGR in it.

I really appreciate all your help.

You can use the RMGR from 28223. In my SYS and xip files I actually should have 28230 too. Just locate the files in the SHARED folder and copy the RMGR from the COMMON folder over to your COMMON folder.

[Q]

i buy this chines gps from ebay..its running win ce 6.0 ... i use a modified script to acces all my navcore that i instaled. the problem is i don`t know the command for exit...this script was for mio but it works on my gps but the exit button doesent work...the script look like this:
ICONXPBUTTON
x = -8
y = -16
Command = "\Storage Card\MioAutoRun\Programs\Utils\mspower.exe"
SizeNormal = 80
SizePushed = 70
ScaleAlpha = 100
IconNormal = ..\Icons\ff.ico
ScaleAlpha = 100
IconPushed = ..\Icons\ff_.ico
i change the path...still not working....i need the command to exit from a window
i want to be able to exit my script once i hit the exit button

Decrypting WhatsApp crypt12 files

I will just leave this here. :good:
Python:
Code:
#!/usr/bin/env python
""" decrypt12.py: Decrypts WhatsApp msgstore.db.crypt12 files. """
""" Requires pycrypto and pycryptodome packages. """
__author__ = 'TripCode'
__copyright__ = 'Copyright (C) 2016'
__license__ = 'GPLv3'
__status__ = 'Production'
__version__ = '1.0'
from Crypto.Cipher import AES
import os
import sys
import zlib
def keyfile(kf):
global t1, key
if os.path.isfile(kf) == False:
quit('The specified input key file does not exist.')
elif os.path.getsize(kf) != 158:
quit('The specified input key file is invalid.')
with open(kf, 'rb') as keyfile:
keyfile.seek(30)
t1 = keyfile.read(32)
keyfile.seek(126)
key = keyfile.read(32)
return True
def decrypt12(cf, of):
global t2, iv
if os.path.isfile(cf) == False:
quit('The specified input crypt12 file does not exist.')
tf = cf+'.tmp'
with open(cf, 'rb') as crypt12:
crypt12.seek(3)
t2 = crypt12.read(32)
if t1 != t2:
quit('Key file mismatch or crypt12 file is corrupt.')
crypt12.seek(51)
iv = crypt12.read(16)
crypt12.seek(67)
primer(tf, crypt12, 20)
cipher = AES.new(key, AES.MODE_GCM, iv)
sqlite = zlib.decompress(cipher.decrypt(open(tf, 'rb').read()))
with open(of, 'wb') as msgstore:
msgstore.write(sqlite)
msgstore.close()
os.remove(tf)
return True
def primer(tf, crypt12, sb):
with open(tf, 'wb') as header:
header.write(crypt12.read())
header.close()
with open(tf, 'rb+') as footer:
footer.seek(-sb, os.SEEK_END)
footer.truncate()
footer.close()
def validate(ms):
with open(ms, 'rb') as msgstore:
if msgstore.read(6).decode('ascii').lower() != 'sqlite':
os.remove(ms)
msg = 'Decryption of crypt12 file has failed.'
else:
msg = 'Decryption of crypt12 file was successful.'
msgstore.close()
quit(msg)
def main():
if len(sys.argv) > 2 and len(sys.argv) < 5:
if len(sys.argv) == 3:
outfile = 'msgstore.db'
else:
outfile = sys.argv[3]
if keyfile(sys.argv[1]) and decrypt12(sys.argv[2], outfile):
validate(outfile)
else:
print('\nWhatsApp Crypt12 Database Decrypter '+__version__+' '+__copyright__+' by '+__author__+'\n')
print('\tUsage: python '+str(sys.argv[0])+' key msgstore.db.crypt12 msgstore.db\n')
if __name__ == "__main__":
main()
Code:
Usage: python decrypt12.py key msgstore.db.crypt12 msgstore.db
Java:
Code:
package decrypt12;
/*
*
*** decrypt12.jar: Decrypts WhatsApp msgstore.db.crypt12 files. ***
*
* Author : TripCode
* Copyright : Copyright (C) 2016
* License : GPLv3
* Status : Production
* Version : 1.0
*
*/
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.RandomAccessFile;
import java.security.Security;
import java.util.zip.Inflater;
import java.util.zip.InflaterInputStream;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
// import org.spongycastle.jce.provider.BouncyCastleProvider; // Android
public class decrypt12 {
static {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
// Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1); // Android
}
public static void decrypt(String KeyFile, String C12File, String SQLFile) throws Exception {
final File tempFile = new File(System.getProperty("java.io.tmpdir") + "/"
+ (int) (System.currentTimeMillis() / 1000L) + "-msgstore.enc");
if (!new File(KeyFile).isFile())
quit("The specified input key file does not exist.");
else if (new File(KeyFile).length() != 158)
quit("The specified input key file is invalid.");
else if (!new File(C12File).isFile())
quit("The specified input crypt12 file does not exist.");
InputStream KeyIn = new FileInputStream(KeyFile);
InputStream WdbIn = new BufferedInputStream(new FileInputStream(C12File));
byte[] KeyData = new byte[158];
KeyIn.read(KeyData);
byte[] T1 = new byte[32];
System.arraycopy(KeyData, 30, T1, 0, 32);
byte[] KEY = new byte[32];
System.arraycopy(KeyData, 126, KEY, 0, 32);
KeyIn.close();
byte[] C12Data = new byte[67];
WdbIn.read(C12Data);
byte[] T2 = new byte[32];
System.arraycopy(C12Data, 3, T2, 0, 32);
byte[] IV = new byte[16];
System.arraycopy(C12Data, 51, IV, 0, 16);
if (!new String(T1, 0, T1.length, "ASCII").equals(new String(T2, 0, T2.length, "ASCII")))
quit("Key file mismatch or crypt12 file is corrupt.");
int InputLength = WdbIn.available();
RandomAccessFile raf = new RandomAccessFile(tempFile, "rw");
byte[] tempBuffer = new byte[1024];
int I;
while ((I = WdbIn.read(tempBuffer)) != -1)
raf.write(tempBuffer, 0, I);
raf.setLength(InputLength - 20);
raf.close();
WdbIn.close();
InputStream PdbSt = new BufferedInputStream(new FileInputStream(tempFile));
Cipher cipher;
Security.addProvider(new BouncyCastleProvider());
cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC"); // BouncyCastle
// cipher = Cipher.getInstance("AES/GCM/NoPadding", "SC"); // SpongyCastle (Android)
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(KEY, "AES"), new IvParameterSpec(IV));
CipherInputStream CipherStream = new CipherInputStream(PdbSt, cipher);
InflaterInputStream CryptOutput = new InflaterInputStream(CipherStream, new Inflater(false));
try {
FileOutputStream InflateBuffer = new FileOutputStream(SQLFile);
int N = 0;
byte[] CryptBuffer = new byte[8192];
while ((N = CryptOutput.read(CryptBuffer)) != -1) {
InflateBuffer.write(CryptBuffer, 0, N);
}
InflateBuffer.close();
} catch (IOException ex) {
quit("Fatal error:" + ex);
}
CipherStream.close();
tempFile.delete();
InputStream SqlDB = new FileInputStream(SQLFile);
byte[] SqlData = new byte[6];
SqlDB.read(SqlData);
byte[] MS = new byte[6];
System.arraycopy(SqlData, 0, MS, 0, 6);
SqlDB.close();
if (!new String(MS, 0, MS.length, "ASCII").toLowerCase().equals("sqlite")) {
new File(SQLFile).delete();
quit("Decryption of crypt12 file has failed.");
}
else
quit("Decryption of crypt12 file was successful.");
}
private static void quit(String Msg) {
System.out.println(Msg);
System.exit(0);
}
public static void main(String[] args) throws Exception {
String outFile;
if (args.length > 1 && args.length < 4) {
if (args.length == 3)
outFile = args[2];
else
outFile = "msgstore.db";
decrypt(args[0], args[1], outFile);
} else {
System.out.println("\nWhatsApp Crypt12 Database Decrypter 1.0 Copyright (C) 2016 by TripCode");
System.out.println("\tUsage: java -jar decrypt12.jar key msgstore.db.crypt12 msgstore.db\n");
}
}
}
Code:
Usage: java -jar decrypt12.jar key msgstore.db.crypt12 msgstore.db
GitHub Repository: WhatsApp-Crypt12-Decrypter

Just a quick question: My phone was swapped by a repair shop and the other person who got my phone didn't realize this at first. She did a factory reset, and probably installed Whatsapp with her SIM card before I got my phone back. I'm so angry right now...
I guess my key file is gone - either deleted by the factory reset or overwritten with her Whatsapp's key file. I have several backups of the Whatsapp directory and still the same Google account, IMEI and phone number. Can I restore my messages or are any attempts futile?
(I see that the code asks for a key file, so if I cannot get it/extract it somewhere, there is probably no chance anymore?)

hi, realy great tool
with that i could open the msgstore.db and see my chats
but is it possible to convert this file into a .db.crypt12 file or something like that, so i can open it with whatsapp an have my chats back?
or are there other ways, i can use this msgstore.db + wa.db to recover the chats?

Hi!
I have a crypt12 database but no key...is there anyone out there able to decrypt it?
How much will it cost to me to do this? Can anyone do it for me?
Is the code written here above working in decrypting a crypt12 database?
I don't want to root or install any spyware, just trying to decrypt the file.
anyone interested in trying?
Please write dawn here if you're interested and we'll get in contact...

ettorebonfanti said:
Hi!
I have a crypt12 database but no key...is there anyone out there able to decrypt it?
How much will it cost to me to do this? Can anyone do it for me?
Is the code written here above working in decrypting a crypt12 database?
I don't want to root or install any spyware, just trying to decrypt the file.
anyone interested in trying?
Please write dawn here if you're interested and we'll get in contact...
Click to expand...
Click to collapse
There is a program out there which claims to obtain the key file without root. If it's still working today, I don't know. Here: https://forum.xda-developers.com/showthread.php?t=2770982
If you want the key file, it's better to root your phone and get it. It's not that hard. You can even unroot your phone after catching the key.
And no, someone can't just decrypt the database, because the key is there for a reason, and this reason is security.

Excellent! Just used this to fix a Whatapp DB.
---------- Post added at 10:57 AM ---------- Previous post was at 10:50 AM ----------
This is great thanks! How do I encrypt the database again with crypt12?
I have both, the DB and the key.
TripCode said:
I will just leave this here. :good:
Python:
Code:
#!/usr/bin/env python
""" decrypt12.py: Decrypts WhatsApp msgstore.db.crypt12 files. """
""" Requires pycrypto and pycryptodome packages. """
__author__ = 'TripCode'
__copyright__ = 'Copyright (C) 2016'
__license__ = 'GPLv3'
__status__ = 'Production'
__version__ = '1.0'
from Crypto.Cipher import AES
import os
import sys
import zlib
def keyfile(kf):
global t1, key
if os.path.isfile(kf) == False:
quit('The specified input key file does not exist.')
elif os.path.getsize(kf) != 158:
quit('The specified input key file is invalid.')
with open(kf, 'rb') as keyfile:
keyfile.seek(30)
t1 = keyfile.read(32)
keyfile.seek(126)
key = keyfile.read(32)
return True
def decrypt12(cf, of):
global t2, iv
if os.path.isfile(cf) == False:
quit('The specified input crypt12 file does not exist.')
tf = cf+'.tmp'
with open(cf, 'rb') as crypt12:
crypt12.seek(3)
t2 = crypt12.read(32)
if t1 != t2:
quit('Key file mismatch or crypt12 file is corrupt.')
crypt12.seek(51)
iv = crypt12.read(16)
crypt12.seek(67)
primer(tf, crypt12, 20)
cipher = AES.new(key, AES.MODE_GCM, iv)
sqlite = zlib.decompress(cipher.decrypt(open(tf, 'rb').read()))
with open(of, 'wb') as msgstore:
msgstore.write(sqlite)
msgstore.close()
os.remove(tf)
return True
def primer(tf, crypt12, sb):
with open(tf, 'wb') as header:
header.write(crypt12.read())
header.close()
with open(tf, 'rb+') as footer:
footer.seek(-sb, os.SEEK_END)
footer.truncate()
footer.close()
def validate(ms):
with open(ms, 'rb') as msgstore:
if msgstore.read(6).decode('ascii').lower() != 'sqlite':
os.remove(ms)
msg = 'Decryption of crypt12 file has failed.'
else:
msg = 'Decryption of crypt12 file was successful.'
msgstore.close()
quit(msg)
def main():
if len(sys.argv) > 2 and len(sys.argv) < 5:
if len(sys.argv) == 3:
outfile = 'msgstore.db'
else:
outfile = sys.argv[3]
if keyfile(sys.argv[1]) and decrypt12(sys.argv[2], outfile):
validate(outfile)
else:
print('\nWhatsApp Crypt12 Database Decrypter '+__version__+' '+__copyright__+' by '+__author__+'\n')
print('\tUsage: python '+str(sys.argv[0])+' key msgstore.db.crypt12 msgstore.db\n')
if __name__ == "__main__":
main()
Code:
Usage: python decrypt12.py key msgstore.db.crypt12 msgstore.db
Java:
Code:
package decrypt12;
/*
*
*** decrypt12.jar: Decrypts WhatsApp msgstore.db.crypt12 files. ***
*
* Author : TripCode
* Copyright : Copyright (C) 2016
* License : GPLv3
* Status : Production
* Version : 1.0
*
*/
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.RandomAccessFile;
import java.security.Security;
import java.util.zip.Inflater;
import java.util.zip.InflaterInputStream;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
// import org.spongycastle.jce.provider.BouncyCastleProvider; // Android
public class decrypt12 {
static {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
// Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1); // Android
}
public static void decrypt(String KeyFile, String C12File, String SQLFile) throws Exception {
final File tempFile = new File(System.getProperty("java.io.tmpdir") + "/"
+ (int) (System.currentTimeMillis() / 1000L) + "-msgstore.enc");
if (!new File(KeyFile).isFile())
quit("The specified input key file does not exist.");
else if (new File(KeyFile).length() != 158)
quit("The specified input key file is invalid.");
else if (!new File(C12File).isFile())
quit("The specified input crypt12 file does not exist.");
InputStream KeyIn = new FileInputStream(KeyFile);
InputStream WdbIn = new BufferedInputStream(new FileInputStream(C12File));
byte[] KeyData = new byte[158];
KeyIn.read(KeyData);
byte[] T1 = new byte[32];
System.arraycopy(KeyData, 30, T1, 0, 32);
byte[] KEY = new byte[32];
System.arraycopy(KeyData, 126, KEY, 0, 32);
KeyIn.close();
byte[] C12Data = new byte[67];
WdbIn.read(C12Data);
byte[] T2 = new byte[32];
System.arraycopy(C12Data, 3, T2, 0, 32);
byte[] IV = new byte[16];
System.arraycopy(C12Data, 51, IV, 0, 16);
if (!new String(T1, 0, T1.length, "ASCII").equals(new String(T2, 0, T2.length, "ASCII")))
quit("Key file mismatch or crypt12 file is corrupt.");
int InputLength = WdbIn.available();
RandomAccessFile raf = new RandomAccessFile(tempFile, "rw");
byte[] tempBuffer = new byte[1024];
int I;
while ((I = WdbIn.read(tempBuffer)) != -1)
raf.write(tempBuffer, 0, I);
raf.setLength(InputLength - 20);
raf.close();
WdbIn.close();
InputStream PdbSt = new BufferedInputStream(new FileInputStream(tempFile));
Cipher cipher;
Security.addProvider(new BouncyCastleProvider());
cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC"); // BouncyCastle
// cipher = Cipher.getInstance("AES/GCM/NoPadding", "SC"); // SpongyCastle (Android)
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(KEY, "AES"), new IvParameterSpec(IV));
CipherInputStream CipherStream = new CipherInputStream(PdbSt, cipher);
InflaterInputStream CryptOutput = new InflaterInputStream(CipherStream, new Inflater(false));
try {
FileOutputStream InflateBuffer = new FileOutputStream(SQLFile);
int N = 0;
byte[] CryptBuffer = new byte[8192];
while ((N = CryptOutput.read(CryptBuffer)) != -1) {
InflateBuffer.write(CryptBuffer, 0, N);
}
InflateBuffer.close();
} catch (IOException ex) {
quit("Fatal error:" + ex);
}
CipherStream.close();
tempFile.delete();
InputStream SqlDB = new FileInputStream(SQLFile);
byte[] SqlData = new byte[6];
SqlDB.read(SqlData);
byte[] MS = new byte[6];
System.arraycopy(SqlData, 0, MS, 0, 6);
SqlDB.close();
if (!new String(MS, 0, MS.length, "ASCII").toLowerCase().equals("sqlite")) {
new File(SQLFile).delete();
quit("Decryption of crypt12 file has failed.");
}
else
quit("Decryption of crypt12 file was successful.");
}
private static void quit(String Msg) {
System.out.println(Msg);
System.exit(0);
}
public static void main(String[] args) throws Exception {
String outFile;
if (args.length > 1 && args.length < 4) {
if (args.length == 3)
outFile = args[2];
else
outFile = "msgstore.db";
decrypt(args[0], args[1], outFile);
} else {
System.out.println("\nWhatsApp Crypt12 Database Decrypter 1.0 Copyright (C) 2016 by TripCode");
System.out.println("\tUsage: java -jar decrypt12.jar key msgstore.db.crypt12 msgstore.db\n");
}
}
}
Code:
Usage: java -jar decrypt12.jar key msgstore.db.crypt12 msgstore.db
GitHub Repository: WhatsApp-Crypt12-Decrypter
Click to expand...
Click to collapse

error message..line 84..intended error
hi tripcode...i used the python script in python3.6...it showed an intended error..error line 84...can u please help me in this issue..or can u guid me to decrypt the file..am not having that key file..thats y..mobile lost..i retrieved the files from drive..so plz help me in this issue..

error the key file not found
hi it was fine till it shows the key file is not found...plz help me in this issues

GURUMOORTHI said:
hi it was fine till it shows the key file is not found...plz help me in this issues
Click to expand...
Click to collapse
w/o key file ...there is no way to brake the crytp12...
mmmm but i don`t know if there is any chace using brute force to brake the encrytion

Can someone share pycrypto also pycryptodome? or java for Android thanks

gbwhatsapp
Fusseldieb said:
There is a program out there which claims to obtain the key file without root. If it's still working today, I don't know. Here: https://forum.xda-developers.com/showthread.php?t=2770982
If you want the key file, it's better to root your phone and get it. It's not that hard. You can even unroot your phone after catching the key.
And no, someone can't just decrypt the database, because the key is there for a reason, and this reason is security.
Click to expand...
Click to collapse
You can try:
a tutorial from Ik Teach:
https://www.youtube.com/watch?v=4b1f2iTnoO8
link to the file gbwhatsapp:
https://idescargar.com/gbwhatsapp/descargar/
It give you de key file whithout root. It worked for me. But it is a little tricky. and you end up with this modded whatsapp.
Cheers!

hii tripcode
I am not having that key file..
i lost my mobile....i retrieved the files from drive..so plz help me to decrypt my database.

shanya_creation said:
hii tripcode
I am not having that key file..
i lost my mobile....i retrieved the files from drive..so plz help me to decrypt my database.
Click to expand...
Click to collapse
You need to re-download WhatsApp in another phone and use your old number. (Yes, you'll need to recover your phone number before recovering your chats). Once you have WhatsApp installed you can take out the Key file from /data/data/com.whatsapp/files
To do that stuff i recommend to use a old phone that can be easily rooted or one that has already rooted.
Good luck :good:

Hello,
Does anyone know if by any chance KEY file gets deleted on old phone when whatsapp is activated on a new phone and old phone whatsapp gets locked asking for conf code by SMS?
I rooted android 4.x.x
I then searched using ez file manager in root and in data/data /com.whatsapp but i do not see a KEY file.

download WhatsApp Plus8.30 it will work for you
https://goapk.org/whatsapp-plus/

Need Help!
I have whatsapp db.crypt12 file. I am novice in Mobile. Can anybody make that file readable professionally for me? I am ready to pay for this.

HI,
I have extracted the key by the procedure of "WhatsApp Key/DB Extractor 4.7 Enhanced 1.0" (https://forum.xda-developers.com/showthread.php?t=2770982&page=55), but eventually your JAVA code failed with message:
Key file mismatch or crypt12 file is corrupt.
Why is that?
Somewhere (guess at Elcomsoft Explorer) I have read, that the key can only decrypt backups taken from a previous time. This should true in my case, isnt?
1) Is the key somehow related to the phone device itself? (I have used a spare phone for this analysis, so not the original WA was regularly running on.)
Since end of August (when an Upgrade of WA has destroyed my chat history database) I have tried several attempts to restore it by downgrading WA to 2.20.64 and 2.20.89, so the key I have now is not the original of what the crypted backup was created with.
Moreover, due to a database schema error my chat history can only be loaded with WA version previous to 2.20.89 (this is why: https://medium.com/@leonardocezaryc...hatsapp-windows-phone-to-android-6b225918af55)
My experiments now led to the situation, that I not any more can register any pre-2.20.89 version by the SMS verification process, even though I dated my phone back to mid of August.
Thus I currently have no working installation with all my chat history where I could extract a crypto key from.
2) Any ideas how i can bypass Whatsapp to complain about its expired versions and register by SMS again?
3) Is it a hard-coded deadline in the binaries of the app?
4) Does the crypt key change between installations and become incompatible? I wonder, how to restore any old backup then...
Thanks!

samruthstom said:
Hello,
Does anyone know if by any chance KEY file gets deleted on old phone when whatsapp is activated on a new phone and old phone whatsapp gets locked asking for conf code by SMS?
I rooted android 4.x.x
I then searched using ez file manager in root and in data/data /com.whatsapp but i do not see a KEY file.
Click to expand...
Click to collapse
Yes - upon inactivation WA 2.20.89+ destroys the "key" file and instead creates a "backup_token" file.
It is recoverable by activating it via SMS code.
---------- Post added at 07:40 PM ---------- Previous post was at 07:26 PM ----------
heyvijay said:
I have whatsapp db.crypt12 file. I am novice in Mobile. Can anybody make that file readable professionally for me? I am ready to pay for this.
Click to expand...
Click to collapse
What kind of problem can't you solve so far?
There is a commercial solution called "Elcomsoft eXplorer for WhatsApp ".
I also would like and am about to try it out, if you are interested, we can share the costs of it.

After years of successfully using this to access MY chat data, this week it stopped working :-(
WhatsApp on my phone looks to have updated to v2.21.8.17 and is now generating local backups with a .crypt14 extension instead of .crypt12.
Unsurprisingly, this chokes on this with the error Key file mismatch or crypt12 file is corrupt.
However, armed with hexdump and a bit cunning, I've worked out how to tweak the python so that it successfully decodes .crypt14 files.
in a .crypt14 file ... [.py hacks in decrypt12 function shown below in square brackets]
... t2 is at offset 14 [so change to crypt12.seek(14) t2 = crypt12.read(32)]
... iv is at offset 66 [change to crypt12.seek(66) iv = crypt12.read(16)]
... encrypted content starts at offset 99, (I haven't yet worked out the correct amount of footer to remove, but removing 0 seems to result in a successful decryption so far) [change to crypt12.seek(99) primer(tf, crypt12, 0)]
I've also noticed that the 16 bytes at offset 62 to 77 in the key file also appear in the .cryptX file, just like the t bytes at offset 30 to 61 do.
In a .crypt12 file they are at offset 35 to 50.
In a .crypt14 file they are at offset 48 to 63.
In my code I've called these x1 and x2 and do the same equality check as happens for t1 and t2.
In addition, in the .crypt14 file, bytes at 86 to 94 look to contain the WA version number, so in my case 2.21.8.17 - presumably the version that wrote the .crypt14 file. I suspect that when the version number rolls over to more digits (e.g. 2.21.10.10) then the offset to the start of the encrypted content (currently 99 in my backup files) might well change?

adflyer said:
After years of successfully using this to access MY chat data, this week it stopped working :-(
WhatsApp on my phone looks to have updated to v2.21.8.17 and is now generating local backups with a .crypt14 extension instead of .crypt12.
Unsurprisingly, this chokes on this with the error Key file mismatch or crypt12 file is corrupt.
However, armed with hexdump and a bit cunning, I've worked out how to tweak the python so that it successfully decodes .crypt14 files.
in a .crypt14 file ... [.py hacks in decrypt12 function shown below in square brackets]
... t2 is at offset 14 [so change to crypt12.seek(14) t2 = crypt12.read(32)]
... iv is at offset 66 [change to crypt12.seek(66) iv = crypt12.read(16)]
... encrypted content starts at offset 99, (I haven't yet worked out the correct amount of footer to remove, but removing 0 seems to result in a successful decryption so far) [change to crypt12.seek(99) primer(tf, crypt12, 0)]
I've also noticed that the 16 bytes at offset 62 to 77 in the key file also appear in the .cryptX file, just like the t bytes at offset 30 to 61 do.
In a .crypt12 file they are at offset 35 to 50.
In a .crypt14 file they are at offset 48 to 63.
In my code I've called these x1 and x2 and do the same equality check as happens for t1 and t2.
In addition, in the .crypt14 file, bytes at 86 to 94 look to contain the WA version number, so in my case 2.21.8.17 - presumably the version that wrote the .crypt14 file. I suspect that when the version number rolls over to more digits (e.g. 2.21.10.10) then the offset to the start of the encrypted content (currently 99 in my backup files) might well change?
Click to expand...
Click to collapse
It's not working for me for some reason. I don't know what I am missing here. Can you provide the modified code itself?