I was going to release a new version of my app yesterday, and when the APK was packaged, I found the previous keystore password forgotten. The egg broke the ground, and I tried all the passwords I could think of (note: I usually register in the various portals are basically the combination of letters and numbers to do the password), no fruit. Until 1:30 A.M., the Dead heart has been.
Google and Baidu search the bottom of the sky, also did not find a solution, StackOverflow on the Daniel said, there are only two ways: 1. Think of the password; 2. Re-modify the package name, regenerate the KeyStore, and republish a new app.
Later on the know to see someone to give a link, holding the attitude to try to look at a bit, the results really can!
Share your experience below:
"Software": Android Keystore Password Recovery
"url": https://code.google.com/p/android-keystore-password-recover/
"Operating Environment": JDK7
Download jar Package: https://drive.google.com/file/d/0B_Rw7kNjv3BATldrLXMwcVRud2c/edit?usp=sharing, tried several times, proved that the celestial crab has been lost, can only FQ download. Download down: Androidkeystorebrute_v1.05.jar
The official provides 3 methods to crack the password:
1 |
There are 3Methods to recover your keystore password: |
2 |
- Simply Bruteforce (简单的暴力破解) |
3 |
- Dictionary Attack (字典破解) |
4 |
- Smart Wordlist Attack (智能单词列表破解) 英文不好,直译的! |
Usage:
02 |
java -jar AndroidKeystoreBrute.jar <args> |
05 |
-k <path> path to your keystore |
06 |
-d <path> dictionary (formethod 2and 3) |
07 |
-p use common replacements like ‘@‘for ‘a‘(formethod 3) WARNING - very slow!! |
08 |
-start <String> sets the start String forthe password (forbrute force) |
09 |
-w writes a newkeystore with same password than the key |
11 |
example forbrute-force attack |
12 |
java -jar AndroidKeystoreBrute_v1.05.jar -m 1-k <...keystore> -start AAAAAA |
13 |
example fordictionary attack |
14 |
java -jar AndroidKeystoreBrute_v1.05.jar -m 2-k "C:\\mykeystore.keystore"-d "wordlist.txt" |
15 |
example forsmart wordlist attack (recommend) |
17 |
java -jar AndroidKeystoreBrute_v1.05.jar -m 3-k "C:\\mykeystore.keystore"-d "wordlist.txt" |
I started with the method one, ran a night, did not run out. The default combination of letters too many passwords, in this way to decipher the password is too slim.
Then I tried to use method three, in fact I did not notice, the official recommendation on the use of method three: first create a txt, such as passlib.txt: in the text document to enter their usual set of password phrases, or you vaguely remember the original creation may use words, anyway can think of all write down:
Then execute:
1 |
java -jar AndroidKeystoreBrute_v1.05.jar -m 3-k "C:\\mykeystore.keystore"-d "passlib.txt" |
If the phrase you created in the Passlib.txt does appear in your KeyStore password, then retrieving the password is instantaneous:
Results of my execution:
1 |
Got Password in 0seconds |
2 |
Password is: android521 foralias ldxxfirstapp |
Note: When the command line executes the Java-jar command, the root directory must be the directory where the Androidkeystorebrute_v1.05.jar resides, such as Androidkeystorebrute_v1.05.jar on C:\key\ Androidkeystorebrute_v1.05.jar, first get CD C:\key and then execute, otherwise will error.
Android Pack key password lost back
