0x01.安装sqlcipher
windows下的安装步骤忽略
自行搜索
0x02.解密数据库
通过sqlcipher打开加密数据库,解密后就可以直接通过sql语句操作数据库.
➜ sqlcipher-master ./sqlcipher z-cipher.db
sqlCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter sql statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> SELECT count(*) FROM sqlite_master;
Error: file is not a database
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> SELECT count(*) FROM sqlite_master;
3
sqlite> .tables
_USER_ android_Metadata
sqlite> SELECT count(*) FROM _USER_;
80
sqlite> ATTACH DATABASE 'z-uncipher.db' AS plaintext KEY '';
sqlite> .exit
0x03.从加密数据库导出非加密数据库
➜ sqlcipher-master ./sqlcipher z-cipher.db
sqlCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter sql statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-plaintext.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('z-plaintext');
Error: near "-": Syntax error
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> ATTACH DATABASE 'plaintext.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出非加密数据库:plaintext.db
➜ sqlcipher-master ./sqlcipher z-www.db
sqlCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter sql statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-www-text.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出了非加密数据库:z-www-text.db
➜ sqlcipher-master ./sqlcipher z-yyy.db
sqlCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter sql statements terminated with a ";"
sqlite> PRAGMA key = 'asfjkalsueijfasldkjfalksjfkasjdfaslkdf';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-yyy-txt.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出了非加密数据库:z-yyy-text.db
通过上面的步骤生成的plaintext.db就可以直接通过sqlitebrowser打开了.
0x04. 解密微信的数据库
密码算法还是之前的算法,但是可视化工具是解密不了了.
➜ sqlcipher-master ./sqlcipher
sqlCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter sql statements terminated with a ";"
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> .open EnMicroMsg.db
sqlite> pragma key='xxxxxxx';
sqlite> pragma cipher_use_hmac=off;
sqlite> pragma ciper_page_size=1024;
sqlite> pragma kdf_iter=4000;
sqlite> attach database 'MicroMsg.db' as wc key '';
sqlite> select sqlcipher_export('wc');
sqlite> detach database wc;
sqlite> .quit
sqlcipher相关操作命令
WCDB issue
原文链接:https://www.f2er.com/ubuntu/349570.html
