I have lost the password of the keystore file used to sign my APK. I cannot update my app now, and I think I have to release it as a new app by signing it with a new keystore. Is it possible to decrypt the keystore file, as I have the keystore file and the password is present in the keystore file? Or can anyone provide me with a link to a program that is used to brute force the password? If any of you have been able to recover the password of a keystore file, please share your method. Thanks in advance.

-
This can't be done, easily at least. Also keystore does not contain your password. It's only used for decryption during runtime (once you want to access it). – harism Jan 17 '12 at 13:01
-
Thanks for the reply. I think the keystore file has the password in it because that's how it validates the entered password, as it checks against the password present in the keystore file. – anujprashar Jan 17 '12 at 13:03
-
Nope, that is wrong, you need to read some texts about cryptography. The password is not saved in there, only a hash. But harism is right, if your password is more than 4 or 5 digits long you have no chance to crack it easily. – Thommy Jan 17 '12 at 13:04
-
No it doesn't. Similarly as properly implemented user databases, they store only some sort of a hash value for password, making it nearly impossible to recover actual password. As for keystores, I don't know exact mechanism but they most definitely do not contain user readable passwords. – harism Jan 17 '12 at 13:06
-
OK, thanks for replying. So there is no way to get back password by that way. Only option left is brute force I think. – anujprashar Jan 17 '12 at 13:16
-
If you had a simple password, up to 7-8 characters, then it doesn't matter that it's hashed. You can crack it easily then (in terms of cpu) but probably it is easier for you to create a new keystore. – Daniel Lidström Jan 17 '12 at 13:29
-
I thought this was an excellent question -- the hash doesn't matter because if brute force works you know it is almost certainly the password that you tried – necromancer Jan 17 '12 at 15:05
-
Should try https://www.npmjs.com/package/keystore-password-recovery – vmontanheiro Oct 24 '19 at 11:14
7 Answers
I use this one for bruteforce at the moment: Android keystore password recover

-
Thanks for suggesting this tool! I found myself in a similar situation in that I needed to post some bug fixes for a project I hadn't worked on in about a year. I "kinda" remembered the password, but it didn't seem to work. Using this tool with its "smart word list" feature, I was able to put down a few guesses in a text file, and it tried different word permutations, numbering, and capitalization options and found my password in a few seconds. This tool saved me a lot of trouble. Thanks again! – olen_garn Mar 04 '13 at 07:43
-
Simply awesome, wrote down a possible list in a txt file and it took 0 seconds to guess the password! Highly recommended, many thanks! – Hammad Tariq Jul 16 '13 at 16:31
-
Well that's embarrassing... my password was actually one of the words I put in my word list. Cheers! – JstnPwll Feb 06 '14 at 14:32
-
@Alex Kutsko can you please explain how to use that code which is provided in your link, and how to use it? – GB_Bhayani ツ Jul 20 '17 at 10:01
-
@GB_Bhayaniツ step 1: run "java -jar 'thatJarFileDirectory'". step 2: read the instructions on terminal. Example command: "java -jar /Users/aowalhome/Downloads/Android_Keystore_Password_Recover_1.07.jar -m 3 -k /Users/aowalhome/Desktop/KEYSTORE//keystore.jks -d /Users/aowalhome/Desktop/dictioanry.txt -l 3". example of dictionary.txt: https://users.cs.duke.edu/~ola/ap/linuxwords – Ashik Oct 10 '17 at 11:47
-
It works! My password was one of the entries in my wordlist, only with shuffled cases. – carldevelopsforcoffee Jan 21 '19 at 06:29
There are 3 ways to recover your lost keystore password:
- If you have your logs intact, then you can find the password in the Android Studio log files: go to ~/Library/Logs -> AndroidStudio -> idea.log.1 and search for "Pandroid.injected.signing.key.password", and you can see the key password.
- You can retrieve the password from your .gradle directory. Look in .gradle\2.4\taskArtifacts\taskArtifacts.bin. This doesn't seem to work for newer versions of Gradle (2.10 and above).
- Use AndroidKeystoreBrute to guess or bruteforce your password as per Alex Kutsko's answer above.
-
No effing way! I spent days figuring out for any other ways to retrieve my password while I was waiting for the brute force to finish. My password was actually shown in the logs as you mentioned. Sick! – borislemke Dec 16 '16 at 22:01
-
By losing hope from all the methods (as I could not try brute force as it would take months to get that pw) I tried to find the pw with the description shown above. Got a pw but I thought that's wrong and encrypted one. But when I tried that after an hour. Damn!!!! You saved my life man. I will vote it as it saved me. Thank you so much mate!!! – Swr7der Jan 11 '17 at 15:43
-
Able to get the password after checking the logs in minutes. Thanks! – aznelite89 Mar 23 '17 at 07:18
-
I had my password written down and used option 1 to double check it, for some reason my password still doesn't work. I get the warning saying incorrect or password tampered with. Any ideas? – Beloudest Aug 20 '17 at 18:43
-
You just saved my job. Thanks! I will email myself the password next time. – Neon Warge Oct 17 '17 at 03:12
-
The "search for Pandroid.injected.signing.key.password" trick works for Android Studio 2.2 and earlier. It's masked out of the logs in 2.3 and later. (Fortunately, I still had my 2.2 logs!) – Beer Me Jan 15 '18 at 14:15
-
It's there in 2.3. Search a little further in the file. The first instance is masked. – edhnb Apr 10 '18 at 20:51
-
For Android Studio 3 I am getting an encrypted password in my .gradle file; I am not able to see 2.3 version. Is it something to do with the signature of the jks file when we create it? @varun – Mohan Gopi May 30 '18 at 11:49
-
The first method doesn't work anymore I believe, the pass is replaced with '*******' – Wouter Vandenputte Aug 03 '18 at 18:45
-
Needs to be updated to let users know that all instances of `password` are masked in Android 3. – T.Woody Aug 28 '18 at 21:22
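The answer and comments above show that Android Studio has written the signing password to idea.log in clear text in some versions and masked it in others, sometimes both within the same file. The following is an added example, not part of the original answer or of any tool named here: a small audit that checks every occurrence in a log and reports which ones are exposed, without echoing the secret. The log line layout and the sample lines are constructed assumptions; only the property names come from Android Studio's injected signing options.

```python
import re

# Properties Android Studio passes to Gradle when signing from the IDE.
# The value is read up to whitespace, a comma or a closing bracket
# (assumed log layout), so a password containing a comma is cut short.
SIGNING_PROP = re.compile(
    r"-P(android\.injected\.signing\.(?:store|key)\.password)=([^\s,\]]*)"
)
MASKED = re.compile(r"^\*+$")


def audit_log(lines):
    """Return one finding per signing-password property seen in the log."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        for match in SIGNING_PROP.finditer(line):
            value = match.group(2).strip("\"'")
            masked = value == "" or bool(MASKED.match(value))
            findings.append({
                "line": lineno,
                "property": match.group(1),
                "exposed": not masked,
                # Report only the length; never copy the secret into output.
                "length": 0 if masked else len(value),
            })
    return findings


# Constructed sample: an older-style entry with clear-text values, then a
# newer-style entry where the value is replaced by asterisks.
SAMPLE_LOG = [
    "2017-01-11 15:40:02,118 [  90211]   INFO - GradleTasksExecutor - options: "
    "[-Pandroid.injected.signing.store.password=Tr0ub4dor, "
    "-Pandroid.injected.signing.key.password=Tr0ub4dor]",
    "2018-08-03 18:44:10,007 [  12001]   INFO - GradleTasksExecutor - options: "
    "[-Pandroid.injected.signing.key.password=*******]",
    "2018-08-03 18:44:11,300 [  12050]   INFO - build finished",
]

if __name__ == "__main__":
    for f in audit_log(SAMPLE_LOG):
        state = "EXPOSED" if f["exposed"] else "masked"
        print(f"line {f['line']}: {f['property']} {state} (length {f['length']})")
```

Any line reported as exposed means the log file itself now has to be protected like the keystore password, including copies in backups and bug reports.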
I too had this similar problem!
There are a few ways to find the password :
- Using the logs file of android studio
- Using the taskArtifacts
- Using bruteforce
Detailed answer is mentioned in http://techzog.com/development/android/retrieve-saved-keystore-password-android-studio/
If none of the above works, there's a way to reset the keystore password! The code is available here
- Download the zip file here.
- Install Java on your computer.
- Keep all the files (the keystore, extracted java files) in one folder.
- Open Command Prompt there. (Shift + RightClick -> Open command window here)
- Run
    javac ChangePassword.java
- Run
    java ChangePassword <keystore file> <new keystore file>
  e.g. java ChangePassword oldkey.jks newkey.jks
- Enter a password when asked. Remember the new password for the new jks file.
- Open the jks file using the new password.

Been off Android dev and its IDE for some months.
Took couple of hours to figure out that I had actually entered the right password during second attempt. The next dialog shows exactly the same error icon as if I were entering a wrong password -- though it actually says that I need to enter password for the selected key!
Not really related to the original question, but you probably already entered the correct password! So much for UI design..

I am sharing a simple way. I hope my way will solve your problem.
First way ->
.gradle -> latest gradle version -> taskHistory -> taskHistory.bin
Second way ->
.gradle -> latest gradle version -> taskArtifacts -> taskArtifacts.bin

-
In my case that was *not obsolete*. The password was inside `.gradle/4.4/taskHistory/taskHistory.bin` and `.gradle/4.6/taskHistory/taskHistory.bin`. – Alex Dec 04 '18 at 23:19
The most efficient way to crack your password is using the tool I released together with hashcat (a password cracker software):
https://github.com/floyd-fuh/JKS-private-key-cracker-hashcat
If you have a powerful graphics card (GPU), the cracking will be much faster. Otherwise hashcat will use your CPU.
It boils down to the following two commands:
java -jar JksPrivkPrepare.jar your_JKS_file.jks > hash.txt
./hashcat -m 15500 -a 3 hash.txt
The reason why this is much more efficient is that it will crack the private key password directly rather than the key store password. It uses an algorithm that no other password cracker has used before. Most password crackers are not very efficient (as they calculate the entire key store file into the SHA1 calculation) and in the worst case might even crack the key store password (which might not be the private key password that can be used for decryption of the key). If you need more details you can read the POC||GTFO journal article I wrote, which can be found here or on various other free mirrors: POC||GTFO journal - 15:12 Nail in the Java Key Store Coffin
For example, if you have an NVidia 1080 graphics card, you can try all alphanumeric passwords of length 8 in roughly 8 hours.
