Decrypting Threema4.db

I was recently approached with a device that had the Threema application on it, and they wanted to extract the messages for it. The usual mobile forensics tools had failed to extract this information.

TLDR:

1. Extract the master_key.dat from the app's “files” folder
2. Convert the file to a hex string
3. Decode it as a protobuf file using https://protobuf-decoder.netlify.app/
4. Extract
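The hex-conversion and protobuf-decoding steps of the TLDR can be run locally so the key file never leaves the analysis machine; the Python below is an added example, not code from the original post, and it lists top-level fields only. Assumptions: the function names are hypothetical and SAMPLE_HEX is constructed bytes, not the real master_key.dat layout.

```python
import sys

# Constructed sample bytes for illustration; NOT the real master_key.dat layout.
SAMPLE_HEX = "08011204deadbeef1a03616263"

def file_to_hex(path):
    """Read a file (e.g. an extracted master_key.dat) and return it as a hex string."""
    with open(path, "rb") as fh:
        return fh.read().hex()

def read_varint(buf, pos):
    """Decode a base-128 varint at pos; return (value, next_pos)."""
    result = shift = 0
    while True:
        if pos >= len(buf):
            raise ValueError("truncated varint")
        byte, pos = buf[pos], pos + 1
        result |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return result, pos
        shift += 7
        if shift > 63:
            raise ValueError("varint longer than 10 bytes")

def take(buf, pos, n):
    # Return n raw bytes and the next position, refusing to read past the end.
    if pos + n > len(buf):
        raise ValueError("field runs past end of data")
    return buf[pos:pos + n], pos + n

def decode_hex(hex_string):
    """Schema-less protobuf decode: [(field_number, wire_type, value), ...]."""
    buf, pos, fields = bytes.fromhex(hex_string), 0, []
    while pos < len(buf):
        key, pos = read_varint(buf, pos)
        field_no, wire_type = key >> 3, key & 7
        if wire_type == 0:                      # varint
            value, pos = read_varint(buf, pos)
        elif wire_type == 2:                    # length-delimited (bytes/string/message)
            length, pos = read_varint(buf, pos)
            value, pos = take(buf, pos, length)
        elif wire_type in (1, 5):               # fixed 64-bit / fixed 32-bit
            value, pos = take(buf, pos, 8 if wire_type == 1 else 4)
        else:
            raise ValueError(f"unsupported wire type {wire_type}")
        fields.append((field_no, wire_type, value))
    return fields

if __name__ == "__main__":
    src = file_to_hex(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_HEX
    for no, wt, val in decode_hex(src):
        print(f"field {no} wire_type {wt}: {val.hex() if isinstance(val, bytes) else val}")
```

Run it with the path to the extracted file as the only argument; with no argument it decodes the constructed sample.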