Android in the case of signed files, retrieve password and alias

Haha, I am also drunk on this demand.

Today there is a friend who makes iOS (former company colleague, now is leader) asked me their company Android to do version upgrade, and then signed the file has but password and alias forgot, always can not re-get a signature file, password tried a lot of useless, I listen to special feel want to laugh, But it's also embarrassing to have such a problem.

Look under:

In order to ensure that the future of this situation, I personally still very happy to operate, the egg-like things often happen, haha actual operation.

Step one: Prepare the jar package

Jar Download: Androidkeystorebrute_v1.05.jar

Step Two: Official introduction hack

The official offer 3 method to break (PO) solution (Jie) Password:

There is 3 Methods to recover your KeyStore password:

• Simply Bruteforce (simple, violent Break (PO) solution (Jie))
• Dictionary Attack (PO) solution (Jie)
• Smart Wordlist Attack (smart word list Broken (PO) solution (Jie)) English is not good, literal translation!

Usage:

Execute with

Java-jar Androidkeystorebrute.jar

Possible args

-M <1..3> Method
-K Path to your KeyStore
-D Dictionary (for Method 2 and 3)
-P use common replacements like ' @ ' for ' a ' (for Method 3) Warning-very slow!!
-start <String> Sets the start String for the password (for brute force)
-W writes a new keystore with same password than the key
-H Prints Helpscreen

Brute Force hack

java -jar AndroidKeystoreBrute_v1.051 -k <...keystore> -start AAAAAA

Dictionary hack

java -jar AndroidKeystoreBrute_v1.052"C:\\mykeystore.keystore""passlib.txt"

Smart Hack (recommend)

java -jar AndroidKeystoreBrute_v1.053"C:\\mykeystore.keystore""passlib.txt"

Can see the violence is a pit than, maybe crack n long machine crashes have no results, Method 2 and Method 3 We all need to prepare a little memory in your mind of the resignation into the passlib.txt.

Step three: Sample hack

Let's prepare a passlib.txt, which reads as follows:

Next we have cmd, of course, an Android must be configured with the Java environment:

Command to execute:

C:\Users\test1>java -jar C:\Users\test1\Desktop\AndroidKeystoreBrute_v1.053"C:\Users\test1\Desktop\my.jks""C:\Users\test1\Desktop\passlib.txt"

implementation results;

So the password and alias are out.

This ends, of course, you can also modify the signature file's password and alias:

Android signature file know password forgot alias

First look at the picture:

Command:

Keytool-list-v-keystore my.keystore-storepass Password

Modify the password of the Android signing certificate KeyStore, aliases alias, and alias password

1. First of all, of course, first copy a formal certificate as the temporary debug certificate to be modified.
2. The command to modify the KeyStore password (keytool is the command-line tool for the JDK):

keytool -storepasswd -keystore my.keystore

Where My.keystore is a copy of the certificate file, you will be prompted to enter the certificate's current password, and the new password and repeat the new password confirmation. This step requires changing the password to Android.
3. Modify the alias of KeyStore:

keytool -changealias -keystore my.keystore -alias my_name -destalias androiddebugkey

In this step, My_name is the certificate in the current Alias,-destalias specified is to be modified to the alias, here according to the rules, instead of androiddebugkey! This command will prompt you to enter the KeyStore password and the current alias password.
4. Modify Alias's password:

keytool -keypasswd -keystore my.keystore -alias androiddebugkey

After this step, you will be prompted to enter the KeyStore password, alias password, and then prompt for a new alias password, similarly, according to the rules, change to android!

Summarize

This article describes the signed file forgot Password and alias, how to retrieve password and alias and signed files remember the password forgot the alias name, and finally how to change the password and alias. The special is also drunk, write here.

Android in the case of signed files, retrieve password and alias