0x01.安装Sqlcipher
Ubuntu下使用SQLCipher命令行对db加密
windows下的安装步骤忽略
自行搜索
0x02.解密数据库
通过sqlcipher打开加密数据库,解密后就可以直接通过SQL语句操作数据库.
➜ sqlcipher-master ./sqlcipher z-cipher.db
SQLCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> SELECT count(*) FROM sqlite_master;
Error: file is not a database
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> SELECT count(*) FROM sqlite_master;
3
sqlite> .tables
_USER_ android_metadata
sqlite> SELECT count(*) FROM _USER_;
80
sqlite> ATTACH DATABASE 'z-uncipher.db' AS plaintext KEY '';
sqlite> .exit
0x03.从加密数据库导出非加密数据库
把加密的数据库导出为非加密数据库.
➜ sqlcipher-master ./sqlcipher z-cipher.db
SQLCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-plaintext.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('z-plaintext');
Error: near "-": syntax error
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> ATTACH DATABASE 'plaintext.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出非加密数据库:plaintext.db
➜ sqlcipher-master ./sqlcipher z-www.db
SQLCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> PRAGMA key = 'xxxxxx';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-www-text.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出了非加密数据库:z-www-text.db
➜ sqlcipher-master ./sqlcipher z-yyy.db
SQLCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> PRAGMA key = 'asfjkalsueijfasldkjfalksjfkasjdfaslkdf';
sqlite> PRAGMA cipher_page_size = 4096;
sqlite> ATTACH DATABASE 'z-yyy-txt.db' AS plaintext KEY '';
sqlite> SELECT sqlcipher_export('plaintext');
sqlite> DETACH DATABASE plaintext;
sqlite> .exit
➜ sqlcipher-master
上面导出了非加密数据库:z-yyy-text.db
通过上面的步骤生成的plaintext.db就可以直接通过sqlitebrowser打开了.
0x04. 解密微信的数据库
密码算法还是之前的算法,但是可视化工具是解密不了了.
➜ sqlcipher-master ./sqlcipher
SQLCipher version 3.20.1 2017-08-24 16:21:36
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite> .open EnMicroMsg.db
sqlite> pragma key='xxxxxxx';
sqlite> pragma cipher_use_hmac=off;
sqlite> pragma ciper_page_size=1024;
sqlite> pragma kdf_iter=4000;
sqlite> attach database 'MicroMsg.db' as wc key '';
sqlite> select sqlcipher_export('wc');
sqlite> detach database wc;
sqlite> .quit
https://wormtooth.com/20180417-decrypt-wechat-database/
Sqlcipher相关操作命令
SQLCipher API
WCDB issue
数据库如何解密?
