[Q] email HostAuth password encryption type?

[Dr_Death]

Hello anyone know what is the encryption type for the stock email app for the galaxy s3 GT-I9300 andriod 4.1.2

that stored in the database:

/data/data/com.android.email/EmailProvider.db

table:

HostAuth

column:

Password

i search google all the articals seem old and saying the password is stored in clear text, but when i open the table the passwords is hashed and it is encoded in a way similar to base64, i think it is some type on SHA1 encryption.

I run john the ripper on the hash but didnt recognize it.

any idea? thanks

 

[Dr_Death]

up

 

[colopedo]

Bump...was this ever solved?

 

[anonymous1774]

How to decode the encrypted password in EmailProvider.db

The encryption used is AES with the following settings:
- block size: 128 bits
- mode of operation: CBC (Cipher Block Chaining)
- initialization vector: 0 (all bits set to 0)
- key: 0ea7923ecc6e979f633d0415a1e20871

In linux, it can be decoded with the following command:

openssl aes-128-cbc -d -a -K 0ea7923ecc6e979f633d0415a1e20871 -iv 0

Links:
Detailed description of the encryption: github.com/lovasoa/samsung-email-password-decrypt
Original decryption app in java: github.com/yajin/android_toolset

 

[anonymous1774]

Web application

I created a small webpage that allows you to decode the passwords in your browser:
lovasoa.github.io/samsung-email-password-decrypt

This is pure js, your passwords are not sent over the network.