By ce4


2012-06-22 11:13:31 8 Comments

How can I decrypt an encrypted "Titanium Backup" backup using standard (linux) tools?

Example:

Wi-Fi serves as a practical example, many other uses may apply to the solution I'm looking for.

If I quickly want to access backuped Wi-Fi credentials from my Linux box I know a fast way. With encrypted backups I'm currently out of luck.

That's my quick&dirty way how to do it without encryption so far:

[email protected]:~$ adb shell
[email protected]:/ # cd /sdcard/TitaniumBackup/
[email protected]:/sdcard/TitaniumBackup # ls *W*46.*gz
com.keramidas.virtual.WIFI_AP_LIST-20120622-105046.tar.gz
[email protected]:/sdcard/TitaniumBackup # gunzip -c *W*46.*gz | grep -C1 MyAccessPoint
network={

ssid="MyAccessPoint"
psk="supersecrecretpassphrase"

Some details on the company's site: http://www.titaniumtrack.com/kb/titanium-backup-kb/titanium-backup-cryptography.html

4 comments

@bhafer 2014-07-29 12:34:09

I wrote an implementation in PHP:

https://github.com/bhafer/TitaniumBackupDecrypt

Usage:

php TitaniumBackupDecrypt <.tar.gz file>

@andras.tim 2014-07-15 09:38:14

I have found a working solution on GitHub: https://github.com/phyber/TiBUdecrypter

1. Install/upgrade dependencies (on Ubuntu)

apt-get install python2.7
pip install --upgrade docopt
pip install --upgrade six
pip install --upgrade PyCrypto

2. Get script from GitHub

3. Decrypt a backup

python2.7 tibudecrypt.py com.keramidas.virtual.XML_WIFI_AP_LIST-20140711-012128.xml.gz

@ce4 2012-06-26 22:32:41

There are no standard tools as of now yet. TiB uses their own format which they kindly shared with me when I asked them the same above question.

In fact someone needs to write it still. It could be done in Java or even using bash + openssl only.

@R R 2012-06-27 05:50:09

Is it public, or do I need to ask them myself, if I want it too? I had a look at the encrypted files, but gave up as I couldn't figure out exactly how it's encrypted. I could write something in python (CLI only)

@ce4 2012-06-27 10:23:15

It belongs to SO, that's why I didn't post it here. You can see their answer here plus.google.com/101760059763010172705/posts/MQBmYhKDex5

@R R 2012-06-27 15:14:11

Thanks, it's really helpful. I'm kind of stuck because python doesn't seem to have a usable way to decrypt PKCS8 certificates, so I'll have to use openssl. Anyway, I'll ping you once I have something working.

@ce4 2012-06-27 15:27:18

I'll go for the (harder) bash+openssl thing once I find time. PS, python has an openssl package: packages.python.org/pyOpenSSL

@pzkpfw 2012-06-24 09:29:41

According to this TB backs up with public/private key encryption. If you have the private key, you should be able to access (decrypt) the backup file. The easiest way to do this seems to me to be via TB itself, and then perhaps re-save it as non-encrypted.

@ce4 2012-06-24 10:02:50

This link is also included in my original question, but it doesn't answer it. There's only some vague info about 'assymetric (rsa) and symmetric (aes) encryption'. That's not sufficient information. PS: I have an open ticket at titaniumtrack.com about this whole question. Let's see what they answer.

@Dakatine 2013-09-18 19:44:39

Have you got any answers? I'd really like to know more, as well.

Related Questions

Sponsored Content

0 Answered Questions

How to fix bootloop or decrypt /data in TWRP?

Sponsored Content