How to hack a Photo Video Vault?
Mobile Photo Video Vault are commonly used to prevent access to sensitive data on the phone (such as images, videos, documents and so on). These Photo Video Vault usually offer a vault with your desired password. You can push any secret files to this vault and they would be secure, as the data present in vault is encrypted and would decrypt only when the correct password is entered. The Fake Calculator app is one such mobile Photo Video Vault which boasted that it “encrypts” and secures your confidential files. All this has now become a joke and we will see why!
How to open an Photo Video Vault
Fake Calculator app allows you to pick a private passcode and “encrypts” pictures, texts, and any other data from the eyes of anyone who happens to look through your phone or device. For instance, an attacker who has access to the device should not be able to view the original files unless he knows the passcode. The idea is that even if an attacker pulls these files from the device, since they are encrypted, they would mean nothing but junk. But in case of a normal Fake Calculator app, it turned out that if an attacker pulls these encrypted files, he could easily get the original files in a matter of seconds.
However, not like a normal Fake Calculator, The Secret Photo Vault can not be hacked. Secret Calculator app or Secret Photo Vault is one of the best safe vault are available in App Store. If anyone can not enter the right passcode, the photo vault cannot be opened.
Here is the way to hack a NQ Vault for who need it. NQ Vault is one of best Photo Video Vault of Android device.
Breaking it step by step
I tried to verify this practically, and here is how easy it turned out to be:
3. Now send the image to the Secret Photo Vault using the app. This would mean the file apple.png is encrypted and should have been stored somewhere on the device.
4. But these encrypted files are hidden from the user. So initially a simple ‘ls’ on the folder does not reveal anything. But ‘ls’ with –a attribute would reveal all the hidden files, as shown in the following screenshot.
4. The next thing is to pull out this encrypted file to the local machine. I used the adb pull command for this purpose. As seen below, the file is stored with a .bin extension.
5. What this suggests is, based on the passcode selected by the user, it generates a “key” (30 in this case) and just XORs the user’s file with this key Photo Video Vault! Upon investigation, it turned out that this key value is always between 00 and ff, which means 255 possible values. As explained by NinjaDoge24, here are some of the passcodes and their corresponding key values:
Thus, an attacker who has access to the encrypted files just need to brute force XOR with 255 possible values to get the original files back!