Cracking a passworded .bak Samsung backup

Hi all,

My soon to be late sister (by my hand) has used a trial version of a software, Wondershare Tunesgo, which facilitates backups and file management on Android and iOS devices. She backed up her Samsung S6 with that tool not knowing that all it does is archive all her files and encrypt them in a .bak file. Immediately after that she reset her phone and lost all her data - so all the data resides only on the PC it's been backed up on, inside the .bak archive.

To be able to restore the .bak file to the phone, you need a full version of Wondershare Tunesgo, which is ridiculously priced at 30$, for nothing else than just copy-pasting files (which I could've done myself if she was patient). The .bak file is basically an archive that still has all the filenames and types correct but cannot extract them because it's passworded.
This is basically ransomware and I hate it. The only solution in my opinion, besides waiting for someone to release a cracked version of the software she used (version 9.2whatever), is to crack the archive password.

Any ideas on how to crack this password, preferably GPU-assisted (I've tried 7zcracker and cRARk, the first is very slow and cRARk is only for RAR archives)?

Thanks in advance,
stay away from shitty shareware/ransomware

2 Likes

I'm using Windows atm, but I'm impartial to OSes. I've noticed running 7z.exe from cmd prompt asks for password as well, maybe a script might work. I have no idea what sort of password these assholes would use.

If I was in your position, I would be attacking the software itself.
If they did it well, they would be using a strong password on the archive which would make brute forcing unrealistic.
What sort of archive does it create? zip, or some other type?

She gave up and eventually bought that subscription. It would be interesting to see if it's crackable though.

It's not a normal archive, it's a .BAK file, you can open it with archiving software (7zip) and you can see the names and types of files. You cannot extract the contents (only empty files) because of bad password error.

I've heard that after 6 characters it becomes next to impossible to brute force a password on a normal PC.

If you open the BAK file in a hex editor, you see the standard zip file header (PK), so it's just a password-protected zip file. The program itself is a dotfuscated .NET file, so if you were so inclined, you could run dedot on it and run it in a .NET debugger such as dnSpy.
Then be prepared to go down the rabbit hole..

2 Likes
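The header check described in the post above can be done without a hex editor. This is an added example, not code from the thread: it confirms the `PK` signature and reads each entry's encryption flag and method from the ZIP central directory. The function names and the sample archive are constructed for illustration; the sample's central directory is patched to claim encryption, and its payload is not actually encrypted.

```python
import io
import struct
import zipfile

AES_METHOD = 99  # WinZip AES marker stored in the compression-method field


def describe_backup(data: bytes) -> list:
    """Report, per entry, whether it is flagged encrypted and with which scheme."""
    if data[:4] != b"PK\x03\x04":
        raise ValueError("no ZIP local-file-header signature (PK\\x03\\x04)")
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            encrypted = bool(info.flag_bits & 0x1)  # general-purpose bit 0
            if not encrypted:
                scheme = "none"
            elif info.compress_type == AES_METHOD:
                scheme = "WinZip AES"  # Python's zipfile cannot decrypt this
            else:
                scheme = "ZipCrypto (legacy PKWARE)"  # zipfile can, given pwd
            report.append({"name": info.filename, "encrypted": encrypted,
                           "scheme": scheme})
    return report


def make_constructed_sample(aes: bool = False) -> bytes:
    """Constructed input: a stored ZIP whose central-directory records are
    patched to set the encryption flag (and optionally method 99)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("contacts.xml", "<contacts/>")
        zf.writestr("sms.xml", "<sms/>")
    data = bytearray(buf.getvalue())
    pos = data.find(b"PK\x01\x02")  # central directory file header
    while pos != -1:
        # flags at offset 8, compression method at offset 10
        flags, method = struct.unpack_from("<HH", data, pos + 8)
        struct.pack_into("<HH", data, pos + 8, flags | 0x1,
                         AES_METHOD if aes else method)
        pos = data.find(b"PK\x01\x02", pos + 4)
    return bytes(data)


if __name__ == "__main__":
    for entry in describe_backup(make_constructed_sample()):
        print(entry)
```

On a real backup, pass the file's bytes (`open(path, "rb").read()`) to `describe_backup`; the scheme it reports tells you which tools can open the archive once the password is known.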

I really doubt that you're going to be able to crack something like that. Ordinary brute forcing without a hash is hard enough, but you don't seem to even know what kind of encryption the app used, so I really think that you're going to have a tough time with this one, mate.

FYI The password it generated for my backups is "TunesGo1323" without the quotes, so probably brute-forceable!

Also, to answer more of the original question, check out this Computerphile video on password cracking using GPUs. Interesting stuff.

2 Likes

Thanks ArgGrr. I faced the same issue as Tropiko.
Your password worked.

Thanks a ton

1 Like

Neat!

Wait a minute, did you try a trial version of Wondershare Tunesgo and the password it generated for you is the same for all?

I used the trial, so it seems that way!

1 Like

I guess it makes sense if the program is not touting its security, so the password is just there so the data is not readily available to anyone happening to take a look.

Well, it never asks you for a password when you create a backup. So it either uses a common one, or one it can reliably come up with again when you restore a backup.

Perhaps, they decided to at least attempt to protect all the data on the phone as it gets backed up. Or perhaps they just want to force people to buy a license, like you mentioned! This seems dishonest to me, since they don't tell you this fact when you run a backup.

Note: This program installs at least two programs on your phone (one system app), and installs a bunch of services in Windows. If you remove it, best make sure you clean this all out!

1 Like

Thanks so much for the password and the interesting video.
I hope this thread helps others like me and @Saurabhaggarwal

Thanks a lot again!

Problem is that the contact list is stored in XML. It took me a few hours to convert it to CSV so that Google can import it. But luckily done.

Any app which can replicate phone in a readable format on PC?

Not sure of any easy way to put all the info back into your phone. This program installs programs and drivers on your phone in order to pull the data.

Most phones have some kind of software to back them up: iTunes, Windows Phone, Kies for Samsung phones, etc. Perhaps you can use them to re-import the data. Probably by taking a backup, adding the extra info and restoring it?

I have the same issue. Could you please tell me how you converted the XML file to a CSV format that Google can import? I converted it with an online program but it didn't work.

If you have some programming background, you can parse XML with Python using a couple of libraries like xml.etree.ElementTree, lxml, or minidom.

Unfortunately no, but by searching about the file type, it is plist version="1.0", which is used in iPhone. If you know how to convert it directly without parsing, your support is appreciated.

Hi, can you please give me the .bak file password for MobileGo?