encrypt password from publickey.pem - Android Q&A, Help & Troubleshooting

fistly i have zero level in programming and i need help.
I have local ebook android app.
If your rooted, u can extract pdf.
But problem is that pdf is protected by password(128 bits AES), that not possible with password recovery.
Anyway this pdf is opened with that
Ebook android app without any password.
So i extrat android app, that showing publickey.pem, .rsa...ect.
I think password is autofill when reading book with local android app using publickey.pem, .rsa..ect..
Is that any way to know password?

Hello
Can anyone help to me? Please

Related

Password-ing in Pocket PC

Hi.. want to ask a few questions regarding passwording in Pocket PC (WM2003SE) :
1. Is there any other program like Omega One 1-Pass? I used 1-pass but experienced problems like : sometimes the password screen just don't come out or comes out very late that I have to do the soft reset sometime..
2. Is there any application or anyway that I can protect an application with password to run? For example, if my friend want to run the "Strip Poker" games in my XDA, then he will be asked for password to be able to run the program..
3. I have an excel file that I put in my XDA & my PC that I often update the file in both device. But as there are some friends like to play with my XDA which I dont want them to peep on my excel file, I want to have the file protected with password. When I password the excel file in the XDA, then I synchronize, the PC asked for the password.. then after I key-in the password & synchronize, and I open again the file in my XDA, the password is gone.. it doesn't ask anymore password..
If I password the excel file in PC, both won't synchronice (unresolved). Any idea how to solve this ??
Thank youuuuu... gurus..
Hi dukun
I think u must encrypt u files...that's all... :wink:

Recovering Android Passwords

Hi all!
My GF is getting a new phone and we are having real trouble remembering her Google mail password!
We have tried all the recovery options on-line, but Google are pretty useless at recovering passwords and its driving me insane!
Now, on her old phone, it all still works, and Im just wondering if there is anyway at all as to recover or dig out the password from in the phone somewhere!
Any help would be appreciated as this is driving me insane haha
Cheers
Keith
I found this with google from another forum, password could be stored in
/data/data/com.google.android.gm/database/gmail.db
and related files to google account in
Code:
/data/system/accounts.db
/data/system/sync/accounts.xml
/data/data/com.google.android.gm/databases/gmail.db
/data/data/com.google.android.providers.calendar/databases/calendar.db
/data/data/com.google.android.providers.gmail/databases/mailstore.#######@gmail.com.db
/data/data/com.google.android.providers.talk/databases/talk.db
/data/data/com.google.android.providers.subscribedfeeds/databases/subscribedfeeds.db
Haven't tried myself cause I have no account of any type, so I dont know if passwords are plain text or hashed...
If this fails, I can share you my method anyway:
Connect both your PC and phone to the same home wifi network.
Install a POP3 server on your PC (ok this could be a pain in the @ss, I give you a hint on a easy one: Argo Mail server)
Activate and run it, then take your PCs IP (let's say it's 192.168.0.2)
Edit your Gmail account from the phone, and change the server from gmail's to 192.168.0.2, edit the ports and set it to use POP and plain authentication without encryption (default port should be 110).
Check your mail from the phone ! You just hijacked your credentials from the gmails secure server to your home mail server, that will of course give you an error because there is no account for that address. But you are then able to intercept the password because it's sent as plain text !! And should work for any email address, as long as you are able to edit the server address in the mailbox settings.
Just don't use it to bash into ur GFs email
not a clue how to get into /data/data/com.google.android.gm/database/gmail.db! haha
But i just tried you 2nd method, and i have the e-mail server setup no problem, but there isnt any options to change the Gmail address/port on the phone :s ARGH!
Keefo said:
not a clue how to get into /data/data/com.google.android.gm/database/gmail.db! haha
But i just tried you 2nd method, and i have the e-mail server setup no problem, but there isnt any options to change the Gmail address/port on the phone :s ARGH!
Click to expand...
Click to collapse
You can use adb shell to get that file, but I always use my dear QuickSSHd and get it with WinSCP on my pc. If I get any permission error, I open my Root Explorer and mount the root with r/w permission ! With that you can access any file in your phone/memory card.
As for the second, this is supposed to work only if you can change the address of the server and auth method ... if you are using an app with hardcoded server and port (and you could even hijack it that connection to your server) it will still be encrypted and you might not get the password...
Wow! Didn't realize recovering a password would be such a pain in the ass! My issue is I have been using LastPass and last night it decided to lose my Gmail info. Now I can only get to it from my DInc. I had LastPass generate a 20 digit secure password and it is too long to remember it all.
Google, being the dicks they are expect you to jump through hoops to try to get it back and will "get back to you" in 3-5 days. if you haven't tried They want the last password you remember, when you opened the account and on and on....
Reading this second method here, I am unsure exactly what to do. I am a noob at this linux based stuff and not terribly familiar with adb. I barely muddled through all it took to root my DInc and install a custom ROM.
A little more help? Maybe?
EDIT: Got QuickSSHd and WinSCP working together, but I have no idea where to look for the file to change the POP IP address to try to recover this password.
Never mind .....
Hello! I have a little bit different problem.... I have changed the password in Facebook last month and is stored in my Samsung Galaxy 5... How i can recover the password? My android app has stored the password so i can login only from this... i can't restore the password from my pc because i don't have anymore access to this email account.... is there any solution?
cloudtrax said:
Hello! I have a little bit different problem.... I have changed the password in Facebook last month and is stored in my Samsung Galaxy 5... How i can recover the password? My android app has stored the password so i can login only from this... i can't restore the password from my pc because i don't have anymore access to this email account.... is there any solution?
Click to expand...
Click to collapse
If you had added any mobile number of yours then it could help you enough or if any alternative email address.Either you got no choise to get it back.
Help me to decrypt please
in accounts.db file and accounts table I have:
1/Csd9isUuYtNpka5reHGjLshQ1nztm5YliiJlaQMjp70 2p78x01x1iRttFP70uH-tWhz as password field for com.google type
and
YUhOdmIyaHpiMjl0 as password field for com.htc.android.mail type
So can anybody help me to decrypt it?
Success!
ell3 said:
If this fails, I can share you my method anyway:
Connect both your PC and phone to the same home wifi network.
Install a POP3 server on your PC (ok this could be a pain in the @ss, I give you a hint on a easy one: Argo Mail server)
Activate and run it, then take your PCs IP (let's say it's 192.168.0.2)
Edit your Gmail account from the phone, and change the server from gmail's to 192.168.0.2, edit the ports and set it to use POP and plain authentication without encryption (default port should be 110).
Check your mail from the phone ! You just hijacked your credentials from the gmails secure server to your home mail server, that will of course give you an error because there is no account for that address. But you are then able to intercept the password because it's sent as plain text !! And should work for any email address, as long as you are able to edit the server address in the mailbox settings.
Just don't use it to bash into ur GFs email
Click to expand...
Click to collapse
Thanks ell3!! It's a really witty solution that i would never have come up with and I just used it to recover my mail password from kitkat's mail app. I used Wireshark to sniff the traffic during the authentication attempt and it worked really fine.
end_092 said:
Thanks ell3!! It's a really witty solution that i would never have come up with and I just used it to recover my mail password from kitkat's mail app. I used Wireshark to sniff the traffic during the authentication attempt and it worked really fine.
Click to expand...
Click to collapse
The method is good but you do not need to complicate yourself. Do not install mail server install wireshark and with a r73 or any wifi that can capture promiscuous you can sniff your username and password
---------- Post added at 02:47 AM ---------- Previous post was at 02:42 AM ----------
ell3 said:
You can use adb shell to get that file, but I always use my dear QuickSSHd and get it with WinSCP on my pc. If I get any permission error, I open my Root Explorer and mount the root with r/w permission ! With that you can access any file in your phone/memory card.
As for the second, this is supposed to work only if you can change the address of the server and auth method ... if you are using an app with hardcoded server and port (and you could even hijack it that connection to your server) it will still be encrypted and you might not get the password...
Click to expand...
Click to collapse
Maybe wireshark and live Kali linux ...do the job
Recover passwords of stock browser
I found an app, which can recover and edit stored browser Passwords. You can give it a try: play.google.com/store/apps/details?id=tkstudio.browserpasswordrecovery
mrhamed said:
in accounts.db file and accounts table I have:
1/Csd9isUuYtNpka5reHGjLshQ1nztm5YliiJlaQMjp70 2p78x01x1iRttFP70uH-tWhz as password field for com.google type
and
YUhOdmIyaHpiMjl0 as password field for com.htc.android.mail type
So can anybody help me to decrypt it?
Click to expand...
Click to collapse
For recovery of password from HTC Email app you unbase64 the password field, then you unbase64 the result and then you switch pair of characters like this "0123..." -> "1032..."
Following this procedure your password should be "shooshoom".
Can you please confirm this is correct?
Yes it works but I can't understand exactly how?!
I decode the "YUhOdmIyaHpiMjl0" via base64decode.net and result is: "aHNvb2hzb29t"
What is your mean about "switch pair of characters" exactly?
mrhamed said:
Yes it works but I can't understand exactly how?!
I decode the "YUhOdmIyaHpiMjl0" via base64decode.net and result is: "aHNvb2hzb29t"
What is your mean about "switch pair of characters" exactly?
Click to expand...
Click to collapse
At first you have "YUhOdmIyaHpiMjl0"
you decode base64, you get "aHNvb2hzb29t"
then you decode base64 the result, you get "hsoohsoom"
now you switch pairs of characters (first with second, third with fourth...) and you finally get "shooshoom"
CuberX said:
For recovery of password from HTC Email app you unbase64 the password field, then you unbase64 the result and then you switch pair of characters like this "0123..." -> "1032..."
Following this procedure your password should be "shooshoom".
Can you please confirm this is correct?
Click to expand...
Click to collapse
Hi!!! I have the same problem! I forget my password on mail app but is a imap account ... how i find this file? I have HTC m9 plus with android 6.0
Tks!
eduaf1 said:
Hi!!! I have the same problem! I forget my password on mail app but is a imap account ... how i find this file? I have HTC m9 plus with android 6.0
Tks!
Click to expand...
Click to collapse
if your device is rooted then navigate to "data/data/com.htc.android.mail/databases" and copy the file "mail.db". Then open given file in some program that can open sqlite database for example SQLiteStudio. Then locate the table with name "accounts" in which are the _password and _outpassword values obfuscated in a way that was described above. If your device is not rooted, then you can extract the file through ADB backup.
nice one bro
ell3 said:
I found this with google from another forum, password could be stored in
/data/data/com.google.android.gm/database/gmail.db
and related files to google account in
Code:
/data/system/accounts.db
/data/system/sync/accounts.xml
/data/data/com.google.android.gm/databases/gmail.db
/data/data/com.google.android.providers.calendar/databases/calendar.db
/data/data/com.google.android.providers.gmail/databases/mailstore.#######@gmail.com.db
/data/data/com.google.android.providers.talk/databases/talk.db
/data/data/com.google.android.providers.subscribedfeeds/databases/subscribedfeeds.db
Haven't tried myself cause I have no account of any type, so I dont know if passwords are plain text or hashed...
If this fails, I can share you my method anyway:
Connect both your PC and phone to the same home wifi network.
Install a POP3 server on your PC (ok this could be a pain in the @ss, I give you a hint on a easy one: Argo Mail server)
Activate and run it, then take your PCs IP (let's say it's 192.168.0.2)
Edit your Gmail account from the phone, and change the server from gmail's to 192.168.0.2, edit the ports and set it to use POP and plain authentication without encryption (default port should be 110).
Check your mail from the phone ! You just hijacked your credentials from the gmails secure server to your home mail server, that will of course give you an error because there is no account for that address. But you are then able to intercept the password because it's sent as plain text !! And should work for any email address, as long as you are able to edit the server address in the mailbox settings.
Just don't use it to bash into ur GFs email
Click to expand...
Click to collapse
mate in defalt email in glacsy s5 i just used imap insted of pop but gave me no security options and boom wiershark i was going to try ssl srtip or some **** u saved me the head ake thanks bro
Hello I bump this old thread I got similar Problems. I wonder if there is an app that can do this job?
Tks!!!!
CuberX said:
if your device is rooted then navigate to "data/data/com.htc.android.mail/databases" and copy the file "mail.db". Then open given file in some program that can open sqlite database for example SQLiteStudio. Then locate the table with name "accounts" in which are the _password and _outpassword values obfuscated in a way that was described above. If your device is not rooted, then you can extract the file through ADB backup.
Click to expand...
Click to collapse
Thats works!!!!! Thanks so much!!!!!
Can anyone help me, I lost my yahoo mail password, i cant recovery because is a old account and the number that they have on file is from another country , im been looking for help everyone, i have the email on my android phone but i dont receive mail for some reason, i try to reade the database of the samsung.mail but all i see is the email that im trying to recovery and at the password field i see a code encryted i think . 4fLOS0UXlNkBh1Uc8kDW6g== ..
how do i decrypt that no idea someone help i really need this email back

[Q] Mint App/Account (Android) Recovery Help

Not really related to TP, sorry, but I really need the help.
I signed up with Mint.com via the app, I must've put in the wrong email address while signing up, Mint.com does not see my email address (says is does not exist).
Now my device is rooted, is there a way I can open the mint data via the text/db viewer and get the email address that I signed up with? Anyone know where the Mint data is stored?
Thanks.

[Q] How To View password protected .ppt on Android as Read Only as on PC?

I have something to ask to you.
"You know we can easily read password protected .ppt files on our computers by clicking onto READ ONLY..This allows us to check these files even if we don't know the password.
On Android,some softwares such as Office Suite Pro etc. Can open password protected files but they demand password for it.
Is there any possibility or way that I can view these password protected .ppt on my android without entering password as Read Only as I do on my computer."
Plz plz do reply,I am very much in need of this help.
Thanx.
Regards,
Farhan
kingsoft office
The only app that opens as read only is kingsoft. You will need a powerful device though. Because it requires a lot of memory space. Good luck. Tell us if you have found any other software

Opening Zinio PDFs

I was digging around in Zinio app folder on my tablet and it appears that each page of a magazine is stored as a PDF. When I try to open it, it says it's password protected. Has anyone taken a look at this? Is the password floating around or is there a way to open the file without the password?
Thanks!
fruv said:
I was digging around in Zinio app folder on my tablet and it appears that each page of a magazine is stored as a PDF. When I try to open it, it says it's password protected. Has anyone taken a look at this? Is the password floating around or is there a way to open the file without the password?
Thanks!
Click to expand...
Click to collapse
Hey it seems peeps here either can't or won't answer this question.
I have the same problem ... Common everyone, please assist us. Any answer is cool, but preferably a solution.
Thank you
Zinio PDF files
Hello there. Look into the same folder where those PDFs are downloaded. There you will find the same exact files but in JPEG format and they will open freely with any image viewer
Sorry but they are just thumbnails - not large enough to read...
It seems that each magazine's PDFs are encrypted using a different password, although the PDFs for the same magazine all use the same password. Two such passwords I recovered are ca2f3a202e73a5588510be105454d8f3 and f51daacd3e62829f0088f387bf5b311d. What I basically did was make a dump of the Zinio process's memory using gdb, run "strings" on it, then feed it into John the Ripper (jumbo) to crack the password. Unfortunately, I'm not sure how this password is generated - it must be stored/accessible somewhere locally, as you can read magazines you've already downloaded without an internet connection. However, the string only appeared once in memory, and it did not appear in plaintext in any of the other stored files, leading me to believe it is probably generated by the app at runtime somehow. MD5 of something maybe?
My device is running jailbroken iOS, so you all will have to figure out how to dump the process's memory for yourselves, but after I tarred and scp'd everything off my device:
Code:
pdf2john page0.pdf > crackme
strings memdumps.tar | tr -d ' ' | john --stdin crackme
then you can mass-decrypt and merge all the PDFs with something like this (replace 200 with the last-numbered file in the directory, I do this because simply doing *.pdf would merge the pages in the wrong order.):
Code:
mkdir decrypted
for i in *.pdf; do qpdf --decrypt --password=de4dbeeflongpasswordhere "$i" decrypted/"$i"; done
cd decrypted
pdfunite page{0..200}.pdf allpages.pdf
Hi, I have jailbroken IOS also but IOS 14.8. Is dumping the application heap what is needed to get the app's memory? I would be looking for ideas how to do this as I can't find gdb for 14.8?
thank you

Categories

Resources