inside their dmg file: -rw-r--r-- 1 buddha staff 163840 Jul 21 2014 password_pro...

Excavator · on May 23, 2015

Fun stuff. classes.dex in the apk has some interesting strings:

    select * from js_injection where name=?
    select * from pwd where hid>=? and hid<? order by hid

    CREATE TABLE IF NOT EXISTS local_ap_info ( hid integer primary key autoincrement, ssid text, bssid text, security_level text,
     pwd text, x_user text, x_pwd text, stat text, lati text, longi text, type text, html text, create_dt text, last_update_dt text)
	
    CREATE TABLE IF NOT EXISTS private_ap_info(ID integer primary key autoincrement,ssid text,bssid text,security_level text,
     pwd text,hid text,create_dt text,last_update_dt text,last_update_opr text,wkflg char(8))
	
    CREATE TABLE IF NOT EXISTS unlock_ap(id integer primary key autoincrement,ssid text,bssid text,security_level text,
     pwd text,uploaded integer(1))

Cleaned up your sqlite commands:

    sqlite> .tables
    pwd
    sqlite> .schema pwd
    CREATE TABLE "pwd" ("password" TEXT NOT NULL );
    sqlite> SELECT * FROM pwd;
    a30e502c125899a41cb562a7a36b4bd0 c58675db0ba9266fb5307982e4368ab0 5631e619f6e280c0740704a25a8298f6 ...

Looks like it may not be fully seeded on install?

Edit:

Getting a different result for the database in the apk:

    $ sqlite3 ap8.db 
    SQLite version 3.8.10.1 2015-05-09 12:14:55
    Enter ".help" for usage hints.
    sqlite> .tables
    android_metadata  ap_info           js_injection      pwd             
    sqlite> .schema pwd
    CREATE TABLE pwd(hid integer primary key autoincrement,pwd text);
    sqlite> select * from pwd;
    1|df5b74fb19b8b150bcf07bbb4e43456d
    2|a1b574f8cf46c461f1e15fa52e3b2110
    3|c8c28c03de3e02d7814d86b14dfcf1f5
    4|7635726149e6d0f0e8f3e9224b8109dc

Most "pwd" are 32 chars long, some are 64 chars, and a few are 96 chars for some odd reason.

ap_info, and js_injection tables are empty so you'd have to get at it after syncing to their servers.

verroq · on May 24, 2015

Dumped - http://pastebin.com/YnKkA4DA

This from the ap8.db from the Android download. I didn't want to install this piece of shit on a real phone, the source does update and get a newer version.

This was an easy CTF.

Mandatum · on May 23, 2015

They change depending on the auth type (WEP vs WPA vs WPA2-PSK vs WPA2-Enterprise). It'll be a day or two before someone manages to decrypt the DB. I'd have a crack at it if I had more time.

stavros · on May 24, 2015

My money's on AES256 ECB mode.

verroq · on May 24, 2015

    aload 0    // this
    LDC "AES/CBC/NoPadding"
    invokestatic javax/crypto/Cipher.getInstance(java/lang/String) : javax/crypto/Cipher
    putfield com/snda/wifilocating/support/c.c : javax/crypto/Cipher

Nope.

stavros · on May 24, 2015

CBC sizes would go 32, 48, 64

on May 24, 2015

[deleted]

stavros · on May 24, 2015

I'm obviously talking about 128, since I can't see 32 bytes happening with AES256 CBC.

verroq · on May 24, 2015

    LDC AES/CBC/NoPadding

#nopadding

The fact that they had #nopadding in there makes it obvious that they copy pasted this code and has literally no idea what they are doing.

stavros · on May 24, 2015

What does padding have to do with the IV?

verroq · on May 24, 2015

You think they randomly generate a IV for every single password? Did you think they were competent or something? :)

https://i.imgur.com/b6kfN7y.png

Anyways, it is 128 bit CBC. I incorrectly assumed 256 bit because I forgot the hex representation of a char is twice the length. Since they don't have a padding block, the shortest possible output is one block. Thus 16 bytes or a hex string of 32 characters in length.

stavros · on May 24, 2015

Jesus Christ that's incompetent. I see what you mean, it's 32 hex chars, not binary chars. Since we have the IV and key, we can just decrypt all the passwords.