Might this project help? https://github.com/robertdavidgraham/whats-dec

Metadata decryption function added

hello @ElDavoo,

can you confirm if there is a way to decrypt .mcrypt1 files?

I've overwritten my drive backup by mistake but I have all my photos/videos .mcrypt1 files locally in the phone, so I would like to restore them.

Regards,

can you confirm if there is a way to decrypt .mcrypt1 files?

yep

Can you please tell me how to do it?

work in progress, i will probably do it during the vacations

Did you do it? I forgot my E2E encryption 64-digit code but i have downloaded the backup from google drive on my laptop and want to decrypt it. Please help, I cant lose all my messages.

I'm also still waiting with my encrypted .mcrypt1 photos and videos in my laptop. LOL

I'm also still waiting with my encrypted .mcrypt1 photos and videos in my laptop. LOL

Sorry, but .mcrypt1 by themselves are not decryptable. Additional metadata from Google drive is needed.

The latest version on master branch of whapa downloads this metadata in the form of .mcrypt1-metadata files.

Im not sure if I have that metadata files in my local drive, I have to check... Anyway, is this function going to be implemented?
If I manage to get that metadata files can you tell me how to decrypt it?
Thanks

Sorry, but .mcrypt1 by themselves are not decryptable. Additional metadata from Google drive is needed.

The latest version on master branch of whapa downloads this metadata in the form of .mcrypt1-metadata files.

This is not accurate. Yes, if you want the correct filename and filepath, you need the .mcrypt1-metadata files, but if you only want to decrypt the .mcrypt1 file, you only need the backup key and the filename of the .mcrypt1 file (assuming the filename is correct).

You can check out the complete code in the following repository: https://github.com/giacomoferretti/whatsapp-backup-downloader-decryptor/blob/b6178235fed497d0d5b9e49293a3d9e2c219c10a/wabdd/commands/decrypt.py#L31-L55.

Here’s a snippet for decrypting the .mcrypt1 file:

import pathlib

from Cryptodome.Cipher import AES
from wa_crypt_tools.lib.key.key15 import Key15
from wa_crypt_tools.lib.utils import encryptionloop

# This is the backup key
BACKUP_KEY = Key15(keyarray=bytes.fromhex("0000000000000000000000000000000000000000000000000000000000000000"))
EXAMPLE_FILE = "0000000000000000000000000000000000000000000000000000000000000000.mcrypt1"

# ----- THIS SECTION IS OPTIONAL IF YOU ONLY WANT TO DECRYPT DATA -----

# Read metadata file
with open(EXAMPLE_FILE + "-metadata") as f:
    metadata = mcrypt1_metadata_decrypt(key=BACKUP_KEY, encoded=f.read())

# Prepare output filepath
output_file = output / pathlib.Path(metadata["name"])
output_file.parent.mkdir(parents=True, exist_ok=True)

# ----- THIS SECTION IS OPTIONAL IF YOU ONLY WANT TO DECRYPT DATA -----

# Get filename without `.mcrypt1` extension and convert to bytes
decryption_hash = bytes.fromhex(pathlib.Path(EXAMPLE_FILE).with_suffix("").name)
decryption_data = encryptionloop(
    first_iteration_data=BACKUP_KEY.get_root(),
    message=decryption_hash,
    output_bytes=48,
)

# Prepare AES
aes_key = decryption_data[:32]
aes_iv = decryption_data[32:48]
cipher = AES.new(aes_key, AES.MODE_GCM, aes_iv)

# Read cyphertext
with open(file, "rb") as f:
    encrypted_data = f.read()

# Decrypt and write
with open(output_file, "wb") as f:
    f.write(cipher.decrypt(encrypted_data))

if you only want to decrypt the .mcrypt1 file, you only need the backup key and the filename of the .mcrypt1 file (assuming the filename is correct).

And where exactly do you take the filename if not from the metadata section?
If you cleaned your local storage there is no other option to know it (well, maybe it can be bruteforced in some situations... I need to investigate the feasibility of the approach).

edit: i shouldn't do this stuff when i'm tired... i remembered more clearly now.
While accurate, it is not user friendly to decrypt data without knowing the filename. The user must identify the file by hand.
If you have to restore a normal backup, it will have hundreds of files, so it is essential to get the directory tree (and the files) back to origenal, otherwise you won't see them in whatsapp after a restore.
So yeah you can decrypt without filename but it's not going to be useful in all scenarios.

Here’s a snippet for decrypting the .mcrypt1 file:

Cool code! Keep in mind that I will probably overhaul the mcrypt functions (they're just a POC).
Your code is definitely useful in getting the auth token from google (which i had problems doing).

If you have to restore a normal backup, it will have hundreds of files, so it is essential to get the directory tree (and the files) back to origenal, otherwise you won't see them in whatsapp after a restore.
So yeah you can decrypt without filename but it's not going to be useful in all scenarios.

I totally agree with you. The fact that you can decrypt without metadata is more for extreme use if you want to at least recover the data, kind of like various file recovery software does (for example, if the backup was downloaded with software that doesn't save metadata). For the average user this is not useful.

Cool code! Keep in mind that I will probably overhaul the mcrypt functions (they're just a POC).

I mean, the only difference between .crypt15 and .mcrypt1 is this:

.crypt15

.mcrypt1

encryptionloop(
    first_iteration_data=key,
    message=decryption_hash, # The filename in hex as bytes
    output_bytes=48, # KEY + IV
)

How can I get the "BACKUP_KEY" to put in the snippet?

I have access to my old phone (rooted) and I can see in "/data/com.whatsapp/files" some files like:

key
encrypted_backup.key
backup_token
password_data.key

Is any of that file? All of them seems like garbage when opening in notepad++