https://github.com/ppwwyyxx/wechat-dump

Cracking encrypted wechat message history from android
https://github.com/ppwwyyxx/wechat-dump

android wechat

Last synced: 7 days ago
JSON representation

Cracking encrypted wechat message history from android

• Host: GitHub
• URL: https://github.com/ppwwyyxx/wechat-dump
• Owner: ppwwyyxx
• License: gpl-3.0
• Created: 2014-11-21T05:11:22.000Z (about 10 years ago)
• Default Branch: master
• Last Pushed: 2024-08-13T23:33:02.000Z (4 months ago)
• Last Synced: 2024-11-20T19:52:10.492Z (22 days ago)
• Topics: android, wechat
• Language: Python
• Homepage:
• Size: 3.84 MB
• Stars: 1,667
• Watchers: 67
• Forks: 308
• Open Issues: 17
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.txt

Awesome Lists containing this project

• stars - ppwwyyxx/wechat-dump

README

        
## Dump WeChat Messages from Android

## 导出安卓微信消息记录

WeChat, as the most popular mobile IM app in China, doesn't provide any methods to export structured message history.

We reverse-engineered the storage protocol of WeChat messages, and

provide this tool to decrypt and parse WeChat messages on a rooted android phone.

It can also render the messages into self-contained html files including voice messages, images, emojis, videos, etc.

If the tool works for you, please take a moment to add your phone/OS to [the wiki](https://github.com/ppwwyyxx/wechat-dump/wiki).

## How to use:

#### Dependencies:

+ adb and rooted android phone connected to a Linux/Mac OSX/Win10+Bash.

  If the phone does not come with adb support, you can try download an app.

+ Python >= 3.6

+ [sqlcipher](https://github.com/sqlcipher/sqlcipher) >= 4.1

+ sox (command line tools)

+ Silk audio decoder (included; build it with `./third-party/compile_silk.sh`)

+ Other python dependencies: `pip install -r requirements.txt`.

#### Get Necessary Data:

1. Pull database file and (for older wechat versions) avatar index:

  + Automatic: `./android-interact.sh db`. It may use an incorrect userid.

  + Manual:

    + Figure out your `${userid}` by inspecting the contents of `/data/data/com.tencent.mm/MicroMsg` on the __root__ filesystem of the device. It should be a 32-character-long name consisting of hexadecimal digits.

    + Get `/data/data/com.tencent.mm/MicroMsg/${userid}/EnMicroMsg.db` from the device.

2. Decrypt database file:

  + Automatic: `./decrypt-db.py decrypt --input EnMicroMsg.db`

  + Manual:

    + Get WeChat uin (an integer), possible ways are:

      + `./decrypt-db.py uin`, which looks for uin in `/data/data/com.tencent.mm/shared_prefs/`

      + Login to [web wechat](https://wx.qq.com), get wxuin=1234567 from `document.cookie`

    + Get your device id (a positive integer), possible ways are:

      + `./decrypt-db.py imei` implements some ways to find device id.

      + Call `*#06#` on your phone

      + Find IMEI in system settings

    + Decrypt database with combination of uin and device id:

      ```

      ./decrypt-db.py decrypt --input EnMicroMsg.db --imei  --uin 

      ```

      NOTE: you may need to try different ways to get device id and find one that can decrypt the

      database. Some phones may have multiple IMEIs, you may need to try them all.

      See [#33](https://github.com/ppwwyyxx/wechat-dump/issues/33).

      The command will dump decrypted database at `EnMicroMsg.db.decrypted`.

  If the above decryption doesn't work, you can also try the [password cracker](https://github.com/chg-hou/EnMicroMsg.db-Password-Cracker)

  to brute-force the key. The encryption key is not very strong.

3. Copy the WeChat user resource directory `/mnt/sdcard/tencent/MicroMsg/${userid}/{avatar,emoji,image2,sfs,video,voice2}` from the phone to the `resource` directory:

	+ `./android-interact.sh res`

	+ Change `RES_DIR` in the script if the location of these directories is different on your phone.

	+ This can take a while. Can be faster to first archive it with `tar` with or without compression, and then copy the archive,

		`busybox tar` is recommended as the Android system's `tar` may choke on long paths.

	+ In the end, we need a `resource` directory with the following subdir: `avatar,emoji,image2,sfs,video,voice2`.

4. (Optional) Download the emoji cache from [here](https://github.com/ppwwyyxx/wechat-dump/releases/download/0.1/emoji.cache.tar.bz2)

	and decompress it under `wechat-dump`. This will avoid downloading too many emojis during rendering.

        wget -c https://github.com/ppwwyyxx/wechat-dump/releases/download/0.1/emoji.cache.tar.bz2

        tar xf emoji.cache.tar.bz2

#### Run:

+ Parse and dump text messages of __every__ chat (requires decrypted database):

    ```

    ./dump-msg.py decrypted.db output_dir

    ```

+ List all chats (required decrypted database):

    ```

    ./list-chats.py decrypted.db

    ```

+ Generate statistics report on text messages (requires `output_dir` from `./dump-msg.py`):

    ```

    ./count-message.sh output_dir

    ```

+ Dump messages of one contact to html, containing voice messages, emojis, and images (requires decrypted database and `resource`):

    ```

    ./dump-html.py ""

    ```

    The output file is `output.html`.

    Check `./dump-html.py -h` to use different paths.

### Examples:

Screenshots of generated html:

![byvoid](https://github.com/ppwwyyxx/wechat-dump/raw/master/screenshots/byvoid.jpg)

See [here](http://ppwwyyxx.com/static/wechat/example.html) for an example html.

### TODO List

+ Fix rare unhandled message types: > 10000 and < 0

+ Better user experiences... see `grep 'TODO' wechat -R`

### Donate!