GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → RealityNet → Kobackupdec

RealityNet / Kobackupdec

Licence: mit
Huawei backup decryptor

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Labels

androiddecryptiondigital-forensics

Projects that are alternatives of or similar to Kobackupdec

Enigma
Enigma cipher tool
Stars: ✭ 13 (-86.17%)
Mutual labels:  decryption
Horizoncrypt
Animal Crossing: New Horizons Save Encryptor/Decryptor
Stars: ✭ 36 (-61.7%)
Mutual labels:  decryption
Tcpflow
TCP/IP packet demultiplexer. Download from:
Stars: ✭ 1,231 (+1209.57%)
Mutual labels:  digital-forensics
Hat.sh
encrypt and decrypt files in your browser. Fast, Secure client-side File Encryption and Decryption using the web crypto api
Stars: ✭ 886 (+842.55%)
Mutual labels:  decryption
Beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+938.3%)
Mutual labels:  digital-forensics
Helm Secrets
DEPRECATED A helm plugin that help manage secrets with Git workflow and store them anywhere
Stars: ✭ 1,129 (+1101.06%)
Mutual labels:  decryption
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+9597.87%)
Mutual labels:  decryption
Encryptor4j
Strong encryption for Java simplified
Stars: ✭ 92 (-2.13%)
Mutual labels:  decryption
Iocane
An odorless, tasteless NodeJS crypto library that dissolves instantly in liquid
Stars: ✭ 35 (-62.77%)
Mutual labels:  decryption
Simon speck ciphers
Implementations of the Simon and Speck Block Ciphers
Stars: ✭ 74 (-21.28%)
Mutual labels:  decryption
Artifacts
📇 Digital Forensics Artifact Repository (forensicanalysis edition)
Stars: ✭ 21 (-77.66%)
Mutual labels:  digital-forensics
Forensic Tools
CIRCL system forensic tools or a jumble of tools to support forensic
Stars: ✭ 27 (-71.28%)
Mutual labels:  digital-forensics
Android Rsa
big file and string RSA encryption by android
Stars: ✭ 66 (-29.79%)
Mutual labels:  decryption
Java Crypto Utils
Java Cryptographic, Encoding and Hash Utilities
Stars: ✭ 15 (-84.04%)
Mutual labels:  decryption
Cryptr
A simple shell utility for encrypting and decrypting files using OpenSSL.
Stars: ✭ 81 (-13.83%)
Mutual labels:  decryption
Lyra
A lightweight encryption tool designed for ease of use.
Stars: ✭ 22 (-76.6%)
Mutual labels:  decryption
Simple Polymorphic Engine Spe32
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
Stars: ✭ 59 (-37.23%)
Mutual labels:  decryption
Sharedchamber
Android Secure SharedPreferences Using Facebook Conceal Encryption
Stars: ✭ 96 (+2.13%)
Mutual labels:  decryption
Hybrid Crypto Js
RSA+AES hybrid encryption implementation for JavaScript. Works with Node.js, React Native and modern browsers.
Stars: ✭ 87 (-7.45%)
Mutual labels:  decryption
Lazysodium Android
An Android implementation of the Libsodium cryptography library. For the lazy dev.
Stars: ✭ 69 (-26.6%)
Mutual labels:  decryption
View All Similar Projects ➔

kobackupdec

Huawei backup decryptor

This script is introduced by the blog post at https://blog.digital-forensics.it/2019/07/huawei-backup-decryptor.html.

The kobackupdec is a Python3 script aimed to decrypt Huawei HiSuite or KoBackup (the Android app) backups. When decrypting and uncompressing the archives, it will re-organize the output folders structure trying to mimic the typical Android one. The script will work both on Windows and Linux hosts, provided the PyCryptoDome dependency. Starting from 20100107 the script was rewritten to handle v9 and v10 kobackup backups structures.

EOL

On 1.1.2021 the script will get its end of life status. It was needed two years ago to overcome issues for some Huawei devices' forensics acquisitions. Now commercial forensics solutions include the very same capabilities, and much more: there are no more reasons to maintain it. We've got messages from guys using this script to manage theirs backups: we do not recommend it, and we did not write it for this reason. Anyhow we're happy some of you did find it useful, and we thank you for the feedback. We shared it to the community, trying to give back something: if someone has any interest in maintaining it, please let us know so we can include a link to the project.

Usage

The script assumes that backups are encrypted with a user-provided password. Actually it does not support the HiSuite self generated password, when the user does not provide its own.

usage: kobackupdec.py [-h] [-v] password backup_path dest_path

Huawei KoBackup decryptor version 20200611

positional arguments:
  password       user password for the backup
  backup_path    backup folder
  dest_path      decrypted backup folder

optional arguments:
  -h, --help       show this help message and exit
  -e, --expandtar  expand tar files
  -w, --writable   do not set RO pemission on decrypted data
  -v, --verbose    verbose level, -v to -vvv
  • password, is the user provided password.
  • backup_path, is the folder containing the Huawei backup, relative or absolute paths can be used.
  • dest_path, is the folder to be created in the specified path, absolute or relative. It will complain if the provided folder already exists.
  • [-v] (from -v to -vvv) verbosity level, written on stderr. It's suggested to use -vvv with a redirect to get a log of the process.

Example

Z:\> py -3 kobackupdec.py -vvv 123456 "Z:\HUAWEI P30 Pro_2019-06-28 22.56.31" Z:\HiSuiteBackup
INFO:root:getting files and folder from Z:\HUAWEI P30 Pro_2019-06-28 22.56.31
INFO:root:parsing XML files...
INFO:root:parsing xml audio.xml
DEBUG:root:parsing xml file audio.xml
INFO:root:parsing xml document.xml
DEBUG:root:parsing xml file document.xml
INFO:root:parsing xml info.xml
DEBUG:root:ignoring entry HeaderInfo
DEBUG:root:ignoring entry BackupFilePhoneInfo
DEBUG:root:ignoring entry BackupFileVersionInfo
INFO:root:parsing xml picture.xml
DEBUG:root:parsing xml file picture.xml
INFO:root:parsing xml soundrecorder.xml
DEBUG:root:parsing xml file soundrecorder.xml
INFO:root:parsing xml video.xml
DEBUG:root:parsing xml file video.xml
DEBUG:root:crypto_init: using version 3.
DEBUG:root:SHA256(BKEY)[16] = b'8d969eef6ecad3c29a3a629280e686cf'
...

The output folder structure will be similar to the following one: data/data applications will be exploded in their proper paths, and the APKs will be restored too (not icons, actually). Note that the db folder will contain the special databases as created by the Huawei backups.

HiSuiteBackup
|-- data
|   |-- app
|   |   |-- de.sec.mobile.apk-1
|   |   | [...]
|   |   `-- org.telegram.messenger.apk-1
|   `-- data
|       |-- de.sec.mobile
|       | [...]
|       `-- org.telegram.messenger
|-- db
|   |-- HWlanucher.db
|   |-- Memo.db
|   |-- alarm.db
|   |-- calendar.db
|   |-- calllog.db
|   |-- camera.db
|   |-- clock.db
|   |-- contact.db
|   |-- harassment.db
|   |-- phoneManager.db
|   |-- setting.db
|   |-- sms.db
|   |-- soundrecorder.db
|   |-- systemUI.db
|   |-- weather.db
|   `-- wifiConfig.db
`-- storage
    |-- DCIM
    |-- Download
    |-- Huawei
    |-- MagazineUnlock
    |-- Notifications
    |-- Pictures
    |-- WhatsApp
    |-- mp3
    |-- parallel_intl
    `-- s8-wallpapers-9011.PNG
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].