Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Snapchat Image Decrypt - This Ruby script decrypts the blob received from the `bq/blob` endpoint. Many thanks to @kivikakk, @adamcaudill, @tlack, and @NeilHanlon for inspiration, code, guides, and of course, the encryption key.
#!/usr/bin/env ruby
require 'openssl'
data = File.open('blob', 'r:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'w') { |f| f.write(o) }
@nneal

This comment has been minimized.

Show comment Hide comment
@nneal

nneal Nov 25, 2013

hey, just wanted to say thanks james, this helped with the ruby wrapper i wrote

nneal commented Nov 25, 2013

hey, just wanted to say thanks james, this helped with the ruby wrapper i wrote

@marshalmorris

This comment has been minimized.

Show comment Hide comment
@marshalmorris

marshalmorris Jan 3, 2014

Thank you for posting this code. I had a number of snapchat files to decrypt so added A loop
Snapchat = Dir["*.jpg.nomedia"]
Snapchat.each {|filename|
..your script....
But I'm finding that if the decryption fails then the loop fails. Do you/anyone know how I can iterate through a folder of files, skipping files that won't decrypt and decrypt the ones that will.

Thanks, Rich

Thank you for posting this code. I had a number of snapchat files to decrypt so added A loop
Snapchat = Dir["*.jpg.nomedia"]
Snapchat.each {|filename|
..your script....
But I'm finding that if the decryption fails then the loop fails. Do you/anyone know how I can iterate through a folder of files, skipping files that won't decrypt and decrypt the ones that will.

Thanks, Rich

@ph3nx

This comment has been minimized.

Show comment Hide comment
@ph3nx

ph3nx Jan 11, 2014

I did it like this, it's simpler and works perfectly:

def decrypt encrypted
    d = OpenSSL::Cipher::AES128.new :ECB
    d.decrypt
    d.key = ENCRYPTION_KEY
    d.update(encrypted) + d.final
end

ph3nx commented Jan 11, 2014

I did it like this, it's simpler and works perfectly:

def decrypt encrypted
    d = OpenSSL::Cipher::AES128.new :ECB
    d.decrypt
    d.key = ENCRYPTION_KEY
    d.update(encrypted) + d.final
end
@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Jan 31, 2014

Woah! I just saw this. Sorry about that guys. Let me read above and get back to you.

Owner

jamescmartinez commented Jan 31, 2014

Woah! I just saw this. Sorry about that guys. Let me read above and get back to you.

@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Jan 31, 2014

@nneal Of course! Enjoy!

@marshalmorris That's a great point. Is it failing on the write? f.write?

@ph3nx your solution isn't 100% code complete (it doesn't include the key, etc.), but it is accurate if you were to fill in the blanks.

Owner

jamescmartinez commented Jan 31, 2014

@nneal Of course! Enjoy!

@marshalmorris That's a great point. Is it failing on the write? f.write?

@ph3nx your solution isn't 100% code complete (it doesn't include the key, etc.), but it is accurate if you were to fill in the blanks.

@bjk1

This comment has been minimized.

Show comment Hide comment
@bjk1

bjk1 Mar 26, 2014

Hi i tried running the script i am on windows 8 and it the cmd it says r.rb:5:in 'initialize' : no such file or directory - blob <errno::eno ENT>

From e:/chrome/t/r.rb:5:in 'open'
from e:/chrome/t/t/r.rb:5:in '

'

please help not sure what i am doing wrong ?

bjk1 commented Mar 26, 2014

Hi i tried running the script i am on windows 8 and it the cmd it says r.rb:5:in 'initialize' : no such file or directory - blob <errno::eno ENT>

From e:/chrome/t/r.rb:5:in 'open'
from e:/chrome/t/t/r.rb:5:in '

'

please help not sure what i am doing wrong ?

@bjk1

This comment has been minimized.

Show comment Hide comment
@bjk1

bjk1 Mar 26, 2014

never mind got it

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'rb:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'wb') { |f| f.write(o) }

the b were missing :/

bjk1 commented Mar 26, 2014

never mind got it

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'rb:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'wb') { |f| f.write(o) }

the b were missing :/

@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Apr 7, 2014

@bjk1 Glad to hear you got it working!

Owner

jamescmartinez commented Apr 7, 2014

@bjk1 Glad to hear you got it working!

@vbking

This comment has been minimized.

Show comment Hide comment
@vbking

vbking Apr 14, 2014

how exactly do i use the code ?

vbking commented Apr 14, 2014

how exactly do i use the code ?

@do7aboy

This comment has been minimized.

Show comment Hide comment
@do7aboy

do7aboy May 1, 2014

Hello there,

i get this error every time i run the code

~/Downloads/gist6913761-d5be0cab80ad2e6906679cd580693da9c138b609/snapchat_decrypt.rb:11: in `final': bad decrypt (OpenSSL::Cipher::CipherError)

and

~/Downloads/gist6913761-d5be0cab80ad2e6906679cd580693da9c138b609/snapchat_decrypt.rb:11: in `

'

all refering to line 11 which is " o +=c.final "

can you help

do7aboy commented May 1, 2014

Hello there,

i get this error every time i run the code

~/Downloads/gist6913761-d5be0cab80ad2e6906679cd580693da9c138b609/snapchat_decrypt.rb:11: in `final': bad decrypt (OpenSSL::Cipher::CipherError)

and

~/Downloads/gist6913761-d5be0cab80ad2e6906679cd580693da9c138b609/snapchat_decrypt.rb:11: in `

'

all refering to line 11 which is " o +=c.final "

can you help

@absclllpowwww

This comment has been minimized.

Show comment Hide comment
@absclllpowwww

absclllpowwww May 18, 2014

How can i use this code? where? is an apps?

How can i use this code? where? is an apps?

@sinycc

This comment has been minimized.

Show comment Hide comment
@sinycc

sinycc Jun 17, 2014

I am getting the following error when running this code referencing line 11 (o += c.final)

'final': wrong final block length (OpenSSL::Cippher::CipherError)

Any thoughts? The only thing I changed from your original code is on line 5 and 12:
Changed 'blob' to something else.

sinycc commented Jun 17, 2014

I am getting the following error when running this code referencing line 11 (o += c.final)

'final': wrong final block length (OpenSSL::Cippher::CipherError)

Any thoughts? The only thing I changed from your original code is on line 5 and 12:
Changed 'blob' to something else.

@dhorvath127

This comment has been minimized.

Show comment Hide comment
@dhorvath127

dhorvath127 Jun 28, 2014

Hey guys. I currently have a file saved by my Dumpster app that was a picture, yet saved as an .mp4. I tried running the script on both my android and now my unbuntu pc with no avail, only errors. Any advise?

Hey guys. I currently have a file saved by my Dumpster app that was a picture, yet saved as an .mp4. I tried running the script on both my android and now my unbuntu pc with no avail, only errors. Any advise?

@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Jun 30, 2014

@do7aboy & @synycc - I'm not sure. Which ruby are you using? Which OpenSSL?

@dhorvath - What errors are you getting?

Owner

jamescmartinez commented Jun 30, 2014

@do7aboy & @synycc - I'm not sure. Which ruby are you using? Which OpenSSL?

@dhorvath - What errors are you getting?

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Jul 1, 2014

I've been trying to decrypt a file using your code as well, and I'm also getting errors. Just running the script without modification on a windows 7 client with openssl 1.0.1 h installed (http://slproweb.com/products/Win32OpenSSL.html) produces this:

snapchat_decrypt.rb:11:in final': wrong final block length (OpenSSL::Cipher::CipherError) from <omitted path> snapchat_decrypt.rb:11:in


'

Tried changing name of input and output file to something specific and did a search to see if i did something wrong with the openssl part, but it seems that all that is needed (usually) is to install the binary and you're ready to go.
Also tried running the script on a Ubuntu 14.04 client but with the same error so either I'm not very good at this or something is up with the key :) I installed ruby via apt-get on ubuntu and it installed ruby 1.9.3p484 (2013-11-22 revision 43786) [i686-linux], can't see why it should not work. Any ideas?

donaldsr commented Jul 1, 2014

I've been trying to decrypt a file using your code as well, and I'm also getting errors. Just running the script without modification on a windows 7 client with openssl 1.0.1 h installed (http://slproweb.com/products/Win32OpenSSL.html) produces this:

snapchat_decrypt.rb:11:in final': wrong final block length (OpenSSL::Cipher::CipherError) from <omitted path> snapchat_decrypt.rb:11:in


'

Tried changing name of input and output file to something specific and did a search to see if i did something wrong with the openssl part, but it seems that all that is needed (usually) is to install the binary and you're ready to go.
Also tried running the script on a Ubuntu 14.04 client but with the same error so either I'm not very good at this or something is up with the key :) I installed ruby via apt-get on ubuntu and it installed ruby 1.9.3p484 (2013-11-22 revision 43786) [i686-linux], can't see why it should not work. Any ideas?

@dtwaling

This comment has been minimized.

Show comment Hide comment
@dtwaling

dtwaling Jul 2, 2014

I am getting the same error as donaldsr, with very similar scenario. I have also checked my environment to no avail. Any thoughts on this?

snapchat_decrypt.rb:11:in 'final': wrong final block length (OpenSSL::Cipher::CipherError)
from snapchat_decrypt.rb:11:in '<main>'

edit: Sorry forgot version info... I am running ruby 1.9.1 with OpenSSL v1.0.1c

dtwaling commented Jul 2, 2014

I am getting the same error as donaldsr, with very similar scenario. I have also checked my environment to no avail. Any thoughts on this?

snapchat_decrypt.rb:11:in 'final': wrong final block length (OpenSSL::Cipher::CipherError)
from snapchat_decrypt.rb:11:in '<main>'

edit: Sorry forgot version info... I am running ruby 1.9.1 with OpenSSL v1.0.1c

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Jul 14, 2014

Anyone having success with this? Kinda got stuck with the blob :)

Anyone having success with this? Kinda got stuck with the blob :)

@wangmauler

This comment has been minimized.

Show comment Hide comment
@wangmauler

wangmauler Jul 17, 2014

I'm having the same issues as most people here, getting this error when trying to run this script, or bjk1's script:

C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:in initialize': No such file or directory - blob (E rrno::ENOENT) from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:inopen'
from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:in `

'

I'm having the same issues as most people here, getting this error when trying to run this script, or bjk1's script:

C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:in initialize': No such file or directory - blob (E rrno::ENOENT) from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:inopen'
from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:5:in `

'

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Jul 17, 2014

@wangmauler
From the error message, I'd say that you have not renamed your snapchat file to "blob" or changed the script to run your specific file. You have to either rename it to "blob" or change the script. Also, make sure that you have the file in the same directory as the script, then try again.

@wangmauler
From the error message, I'd say that you have not renamed your snapchat file to "blob" or changed the script to run your specific file. You have to either rename it to "blob" or change the script. Also, make sure that you have the file in the same directory as the script, then try again.

@wangmauler

This comment has been minimized.

Show comment Hide comment
@wangmauler

wangmauler Jul 17, 2014

Thanks donaldsr, that worked, however now I get a new error:

C:\ProgramData\BlueStacks\UserData\SharedFolder>test.rb
C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:11:in final': wrong final block length (OpenSSL::Ciph er::CipherError) from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:11:in

'

Thanks donaldsr, that worked, however now I get a new error:

C:\ProgramData\BlueStacks\UserData\SharedFolder>test.rb
C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:11:in final': wrong final block length (OpenSSL::Ciph er::CipherError) from C:/ProgramData/BlueStacks/UserData/SharedFolder/test.rb:11:in

'

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Jul 18, 2014

@wangmauler
Yeah, same error we all get. It seems that snapchat have changed something in the encryption so the old key does not work anymore. Was hoping for jamescmartinez to check with the people who contributed to this if any of them have noticed this change but so far he seems to be busy with other stuff. Patience is a virtue when you dont know how to fix it yourself :)

@wangmauler
Yeah, same error we all get. It seems that snapchat have changed something in the encryption so the old key does not work anymore. Was hoping for jamescmartinez to check with the people who contributed to this if any of them have noticed this change but so far he seems to be busy with other stuff. Patience is a virtue when you dont know how to fix it yourself :)

@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Jul 30, 2014

Checking! @donaldsr

Owner

jamescmartinez commented Jul 30, 2014

Checking! @donaldsr

@jamescmartinez

This comment has been minimized.

Show comment Hide comment
@jamescmartinez

jamescmartinez Jul 30, 2014

I wish Github gists had notifications...

Owner

jamescmartinez commented Jul 30, 2014

I wish Github gists had notifications...

@ClayF

This comment has been minimized.

Show comment Hide comment
@ClayF

ClayF Aug 13, 2014

Any updates in the "wrong final block length" error?

ClayF commented Aug 13, 2014

Any updates in the "wrong final block length" error?

@royalelee

This comment has been minimized.

Show comment Hide comment
@royalelee

royalelee Aug 15, 2014

Im at the same thing as everyone else now wrong final block length

Im at the same thing as everyone else now wrong final block length

@royalelee

This comment has been minimized.

Show comment Hide comment
@royalelee

royalelee Aug 15, 2014

Now bad decrypt lol

Now bad decrypt lol

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Aug 18, 2014

Any updates on this?

@royalelee, what did you do to get the bad decrypt error?

Any updates on this?

@royalelee, what did you do to get the bad decrypt error?

@royalelee

This comment has been minimized.

Show comment Hide comment
@royalelee

royalelee Aug 20, 2014

Mine is line 11 bad decrypt cipher error

Mine is line 11 bad decrypt cipher error

@royalelee

This comment has been minimized.

Show comment Hide comment
@royalelee

royalelee Aug 20, 2014

aka the line with final output in it

aka the line with final output in it

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Aug 27, 2014

Still nothing? :)

Still nothing? :)

@mwarzynski

This comment has been minimized.

Show comment Hide comment
@mwarzynski

mwarzynski Sep 14, 2014

snap.rb:11:in `final': bad decrypt (OpenSSL::Cipher::CipherError)
        from snap.rb:11:in `<main>'

I googled for the solution - just need to add one line:

c.decrypt
c.padding = 0 # I added this line
c.key = 'M02cnQ51Ji97vwT4'

Unfortunately it only decrypts old snaps. Stuff from today can't be read by image viewer.
(SnapChat version: 5.0.34.6)

Actually, there is a small difference (char "_-_") between filenames:
Decryption working: h1a81hurcs00h1088514799151508741.jpg.nomedia
Decryption not working: h1a81hurcs00h-1948520179053141815.jpg.nomedia

No error message.


Anyone could help?

snap.rb:11:in `final': bad decrypt (OpenSSL::Cipher::CipherError)
        from snap.rb:11:in `<main>'

I googled for the solution - just need to add one line:

c.decrypt
c.padding = 0 # I added this line
c.key = 'M02cnQ51Ji97vwT4'

Unfortunately it only decrypts old snaps. Stuff from today can't be read by image viewer.
(SnapChat version: 5.0.34.6)

Actually, there is a small difference (char "_-_") between filenames:
Decryption working: h1a81hurcs00h1088514799151508741.jpg.nomedia
Decryption not working: h1a81hurcs00h-1948520179053141815.jpg.nomedia

No error message.


Anyone could help?

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Sep 15, 2014

@inxmen, i assume you tried remove the dash in the filename and run it, with the same result? If you get no error message at all it's kinda hard to find a solution, atleast im lost when you have nothing to go on. Anyone else?

@inxmen, i assume you tried remove the dash in the filename and run it, with the same result? If you get no error message at all it's kinda hard to find a solution, atleast im lost when you have nothing to go on. Anyone else?

@mwarzynski

This comment has been minimized.

Show comment Hide comment
@mwarzynski

mwarzynski Sep 15, 2014

@donaldsr, Of course I tried. No error message.

ruby -v
ruby 2.0.0p353 (2013-11-22 revision 43784) [x86_64-linux]

@donaldsr, Of course I tried. No error message.

ruby -v
ruby 2.0.0p353 (2013-11-22 revision 43784) [x86_64-linux]

@donaldsr

This comment has been minimized.

Show comment Hide comment
@donaldsr

donaldsr Sep 15, 2014

Strange that it does not produce any error message at all.. any idea why? They probably did change the key but that would definitely produce some sort of error message.. Im not that well versed in ruby but is there a way to turn on some sort of deeper debugging to see what is going on? Might be able to set this up on my lab machine some time during the week to see if i can reproduce this.

Strange that it does not produce any error message at all.. any idea why? They probably did change the key but that would definitely produce some sort of error message.. Im not that well versed in ruby but is there a way to turn on some sort of deeper debugging to see what is going on? Might be able to set this up on my lab machine some time during the week to see if i can reproduce this.

@mwarzynski

This comment has been minimized.

Show comment Hide comment
@mwarzynski

mwarzynski Sep 15, 2014

I changed key to wrong one - there is no warning or message. Script has generated invalid file.
I can't debug ruby - I am beginner in this language. Maybe tomorrow I will find some time to figure it out.

Anybody know where is stored AES key?

I changed key to wrong one - there is no warning or message. Script has generated invalid file.
I can't debug ruby - I am beginner in this language. Maybe tomorrow I will find some time to figure it out.

Anybody know where is stored AES key?

@arcaneiceman

This comment has been minimized.

Show comment Hide comment
@arcaneiceman

arcaneiceman Sep 26, 2014

i know where it is... i tested the apk v 5.0.34 easiest way it to decompile it in java code and search for it as a string. its really hard to miss

i know where it is... i tested the apk v 5.0.34 easiest way it to decompile it in java code and search for it as a string. its really hard to miss

@arcaneiceman

This comment has been minimized.

Show comment Hide comment
@arcaneiceman

arcaneiceman Sep 26, 2014

also, the latest apk does use this but the code snippet isnt working :( anyone figure the problem out yet? yes i get same wrong final block length problem.When i added padding as 0, it said data not a multiple of block length

also, the latest apk does use this but the code snippet isnt working :( anyone figure the problem out yet? yes i get same wrong final block length problem.When i added padding as 0, it said data not a multiple of block length

@mgrandi

This comment has been minimized.

Show comment Hide comment
@mgrandi

mgrandi Oct 31, 2014

I have my own snapchat decrypting stuff (https://dl.dropboxusercontent.com/u/962389/mgrandi_snapchat_example.zip), which requires python3 and pycrypto. try editing example.py with your username and password and then running it. (make sure you have an unopened snap from someone, you can send a snap to yourself i think, or else it won't work and it will say the file was already deleted).

I just sent a snap to myself and used the above code to decrypt it, and it did work and did produce a correct JPG, but some guy sent me some .jpg.nomedia files that don't seem to work with this decryption / key .....Both that ruby code and my own script produce the same thing, which isn't a JPEG file (it doesn't start with b'\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01')... so i'm pretty confused on whats going on.

maybe its sending it under a different encryption if it detects the app is a certain version? or perhaps they updated the key? Is the android client modifying the data when its saving it to a .nomedia to prevent people from getting it off the phone? My code just downloads it straight from the snapchat server, which would be why mine works fine but these .nomedia files don't work...

mgrandi commented Oct 31, 2014

I have my own snapchat decrypting stuff (https://dl.dropboxusercontent.com/u/962389/mgrandi_snapchat_example.zip), which requires python3 and pycrypto. try editing example.py with your username and password and then running it. (make sure you have an unopened snap from someone, you can send a snap to yourself i think, or else it won't work and it will say the file was already deleted).

I just sent a snap to myself and used the above code to decrypt it, and it did work and did produce a correct JPG, but some guy sent me some .jpg.nomedia files that don't seem to work with this decryption / key .....Both that ruby code and my own script produce the same thing, which isn't a JPEG file (it doesn't start with b'\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01')... so i'm pretty confused on whats going on.

maybe its sending it under a different encryption if it detects the app is a certain version? or perhaps they updated the key? Is the android client modifying the data when its saving it to a .nomedia to prevent people from getting it off the phone? My code just downloads it straight from the snapchat server, which would be why mine works fine but these .nomedia files don't work...

@DavePlater

This comment has been minimized.

Show comment Hide comment
@DavePlater

DavePlater Nov 17, 2014

Using your ruby example I have made a working C# version.

public static void AesDecryptSnap(string infilename, string outfilename)
{ File.WriteAllBytes(outfilename, AesDecryptSnap(infilename)); }
public static byte[] AesDecryptSnap(string infilename)
{
            byte[] retval = new byte[0];
            byte[] keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("M02cnQ51Ji97vwT4");

            RijndaelManaged algorithm = new RijndaelManaged();
            //set the mode, padding and block size
            algorithm.Padding = PaddingMode.None;
            algorithm.Mode = CipherMode.ECB;
            algorithm.KeySize = 128;
            algorithm.BlockSize = 128;

            using (FileStream inStream = File.OpenRead(infilename))
            {
                using (CryptoStream cryptoStream = new CryptoStream(inStream, algorithm.CreateDecryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Read))
                {
                    using (MemoryStream outStream = new MemoryStream())
                    {
                        CopyStream(cryptoStream, outStream);
                        retval = outStream.ToArray();
                    }
                }
            }
            algorithm.Clear();

            return retval;
}
public static void CopyStream(Stream input, Stream output)
{
            byte[] b = new byte[32768];
            int r;
            while ((r = input.Read(b, 0, b.Length)) > 0)
            { output.Write(b, 0, r); output.Flush(); }
}

I also have a version ported to java/android, but it is still untested.

Using your ruby example I have made a working C# version.

public static void AesDecryptSnap(string infilename, string outfilename)
{ File.WriteAllBytes(outfilename, AesDecryptSnap(infilename)); }
public static byte[] AesDecryptSnap(string infilename)
{
            byte[] retval = new byte[0];
            byte[] keyAndIvBytes = UTF8Encoding.UTF8.GetBytes("M02cnQ51Ji97vwT4");

            RijndaelManaged algorithm = new RijndaelManaged();
            //set the mode, padding and block size
            algorithm.Padding = PaddingMode.None;
            algorithm.Mode = CipherMode.ECB;
            algorithm.KeySize = 128;
            algorithm.BlockSize = 128;

            using (FileStream inStream = File.OpenRead(infilename))
            {
                using (CryptoStream cryptoStream = new CryptoStream(inStream, algorithm.CreateDecryptor(keyAndIvBytes, keyAndIvBytes), CryptoStreamMode.Read))
                {
                    using (MemoryStream outStream = new MemoryStream())
                    {
                        CopyStream(cryptoStream, outStream);
                        retval = outStream.ToArray();
                    }
                }
            }
            algorithm.Clear();

            return retval;
}
public static void CopyStream(Stream input, Stream output)
{
            byte[] b = new byte[32768];
            int r;
            while ((r = input.Read(b, 0, b.Length)) > 0)
            { output.Write(b, 0, r); output.Flush(); }
}

I also have a version ported to java/android, but it is still untested.

@daskog

This comment has been minimized.

Show comment Hide comment
@daskog

daskog Nov 25, 2014

Any update for the latest version of Snapchat? I see there is a update on the python version that takes care of the new encryption implementation introduced in later version of Snapchat, md5, etc.

daskog commented Nov 25, 2014

Any update for the latest version of Snapchat? I see there is a update on the python version that takes care of the new encryption implementation introduced in later version of Snapchat, md5, etc.

@asad-awadia

This comment has been minimized.

Show comment Hide comment
@asad-awadia

asad-awadia Dec 30, 2014

Updates? Did anyone solve the error?
`final': wrong final block length (OpenSSL::Cipher::CipherError)

Updates? Did anyone solve the error?
`final': wrong final block length (OpenSSL::Cipher::CipherError)

@mib4fun

This comment has been minimized.

Show comment Hide comment
@mib4fun

mib4fun Jan 10, 2015

This is no more working

mib4fun commented Jan 10, 2015

This is no more working

@Amaterasu27

This comment has been minimized.

Show comment Hide comment
@Amaterasu27

Amaterasu27 Mar 21, 2015

M02cnQ51Ji97vwT4 is the old key
Need to find the new one

M02cnQ51Ji97vwT4 is the old key
Need to find the new one

@sampellino

This comment has been minimized.

Show comment Hide comment
@sampellino

sampellino Apr 19, 2015

Any update on this?

Any update on this?

@Daniellsantamaria

This comment has been minimized.

Show comment Hide comment
@Daniellsantamaria

Daniellsantamaria May 9, 2015

snapchat_decrypt.rb Raw
1
2
3
4
5
6
7
8
9
10
11
12

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'r:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'w') { |f| f.write(o) }

snapchat_decrypt.rb Raw
1
2
3
4
5
6
7
8
9
10
11
12

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'r:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'w') { |f| f.write(o) }

@Daniellsantamaria

This comment has been minimized.

Show comment Hide comment
@Daniellsantamaria

Daniellsantamaria May 9, 2015

Thank you for posting this code. I had a number of snapchat files to decrypt so added A loop
Snapchat = Dir["*.jpg.nomedia"]
Snapchat.each {joysantamaria
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'r:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'w') { |f| f.write(o) }

Thank you for posting this code. I had a number of snapchat files to decrypt so added A loop
Snapchat = Dir["*.jpg.nomedia"]
Snapchat.each {joysantamaria
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

!/usr/bin/env ruby

require 'openssl'

data = File.open('blob', 'r:ASCII-8BIT').read
c = OpenSSL::Cipher.new('AES-128-ECB')
c.decrypt
c.key = 'M02cnQ51Ji97vwT4'
o = ''.force_encoding('ASCII-8BIT')
data.bytes.each_slice(16) { |s| o += c.update(s.map(&:chr).join) }
o += c.final
File.open('blob.jpg', 'w') { |f| f.write(o) }

@socalchs

This comment has been minimized.

Show comment Hide comment
@socalchs

socalchs Jun 4, 2015

Can anyone walk me through this? From plugging in my phone into the computer(im guessing thats what youre supposed to (thats how lost I am)) to viewing the files. I'll give you a couple bucks through paypal if someone can do it and it works. Thanks!

socalchs commented Jun 4, 2015

Can anyone walk me through this? From plugging in my phone into the computer(im guessing thats what youre supposed to (thats how lost I am)) to viewing the files. I'll give you a couple bucks through paypal if someone can do it and it works. Thanks!

@jordan64000

This comment has been minimized.

Show comment Hide comment
@jordan64000

jordan64000 Jul 3, 2015

key : M02cnQ51Ji97vwT4 is dead :'(

key : M02cnQ51Ji97vwT4 is dead :'(

@grx11

This comment has been minimized.

Show comment Hide comment
@grx11

grx11 Aug 5, 2015

well, i would like that someone in this damn world teach this on video or something i just lost at least 28 photos of my story that couldn't be publicated still don't know why D: i'm so frustated right now... ): i tried everything D:

grx11 commented Aug 5, 2015

well, i would like that someone in this damn world teach this on video or something i just lost at least 28 photos of my story that couldn't be publicated still don't know why D: i'm so frustated right now... ): i tried everything D:

@betrisey

This comment has been minimized.

Show comment Hide comment
@betrisey

betrisey Sep 6, 2015

The blob files are no longer encrypted, you just have to add the extension .jpg

betrisey commented Sep 6, 2015

The blob files are no longer encrypted, you just have to add the extension .jpg

@luanagelmi

This comment has been minimized.

Show comment Hide comment
@luanagelmi

luanagelmi Aug 31, 2017

Please help me
I do not understand much about these matters
What should I do with this code?
@jamescmartinez

Please help me
I do not understand much about these matters
What should I do with this code?
@jamescmartinez

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment