Android – recover encrypted images

aesandroiddecryption

I have nearly 0 understanding of encryption, I just want to recover my old photos.

In my old Android phone I used a certain photo-video locking app to encrypt my images. Images were stored on SD card.

I have forgotten the password of app (because 8 months of no use) but I see certain .config file, it contains:

5Fn7TQ==
 uxyjH3WpAKwKTCDyRdkd9cIPZQkCASZg

The app's website says photos are "encrypted using advanced 128bit AES encryption".

So I downloaded AESCrypt but when decrypting I get the error Error: Bad file header (not aescrypt file or is corrupted? [29, ffffffb6, 35]). Which is true because it an't encrypted by aescrypt.

So, how do I recover (AES decrypt) my photos.

Also is .config file a key file for decrypting images?

Edit

I was under the impression that the PIN (the password I had to enter when I launched the app) was protecting access to application's UI and had no role in encrypting images because a 5-digit password doesn't seem very secure.

Also I suspect the key is stored on device because the app was able to unlock photos even when device was not connected to the internet.

Best Answer

Any proper use of encryption will not store the key in a config file. While a hash might be stored, it's one way, so knowing the hash will not allow for recovery of the password, only that the entered password's hash matches the stored hash, and therefore the proper password was entered.

You will need to use the original app as it most likely uses a proprietary structure to encrypt the image file. The only option you have at this point is to try to remember the password used as well designed AES encryption renders the original contents unrecoverable by design unless the exact password is used.

Use encryption to protect yourself but expect total data loss unless you have a proper password management system in place to prevent losing/forgetting the password/encryption key.

Since this is Photo Locker Pro, produced by Handy Apps, perusing their Google Store and online website FAQ delivers the following information.

  1. With the optional PIN recovery feature, you won't lose your precious files even if you forgot your PIN code.
  2. The recovery email address is not an username to restore data. It is only used to retrieve your PIN in the event that you have forgotten it.

It's time to contact their support desk (support at handy-apps.com) and see if they can help you finish the recovery process.

Related Question