signal-back
In version 4.17.5, the Signal Android app introduced encrypted backups. While these are undoubtedly a security benefit over unencrypted backups, they do present an issue in being read into other systems or simply by their owner.
signal-back
is intended to use the same decryption process as the Signal app uses when importing its backups, to make them readable without being used by the app.
Usage
Either build from source or download a pre-built binary and put the executable somewhere you can find it.
Usage: signal-back COMMAND [OPTION...] BACKUPFILE
--help, -h show help
--log FILE, -l FILE write logging output to FILE
--password PASS, -p PASS use PASS as password for backup file
--pwdfile FILE, -P FILE read password from FILE
--version, -v print the version
Commands:
format Read and format the backup file
analyse Information about the backup file
extract Retrieve attachments from the backup
check Verify that a backup is readable
help Shows a list of commands or help for one command
Current export formats are:
- XML: Targeted to be compatible with SMS Backup & Restore
- CSV
- Go structure representation ("raw")
Password
The password you need to decrypt the content of the Signal backup file was shown to you by Signal when you enabled local backups similar to this screenshot. It consists of six groups of five digits.
You can enter the password in the interactive dialog such as 12345 12345 12345 12345 12345 12345
or you can write it in a text file and pass it to signal-back using -P password.txt
.
Example usage
Download whichever binary suits your system from the releases page; Windows, Mac OS (darwin
), or Linux, and 32-bit (386
) or 64-bit (amd64
). Checksums are provided to verify file integrity.
Find where you downloaded the file and open an interactive shell (Command Prompt, Terminal.app, gnome-terminal, etc.). Make sure your signal-XXX.backup
file is in the same folder.
Decrypting
If you're on Windows:
signal-back_windows_amd64.exe format -f XML -o backup.xml signal-XXX.backup
If you're on MacOS or Linux (where e.g., OS
is darwin
and ARCH
is amd64
):
chmod +x signal-back_OS_ARCH
./signal-back_OS_ARCH format -f XML -o backup.xml signal-XXX.backup
Enter your 30-digit password at the prompt (with or without spaces, doesn't matter). Note that your password will not be echoed back to you for security purposes.
You can then copy backup.xml
to your phone and restore it using SMS Backup & Restore.
Extracting media
You can pull out all your attachment files from the backup such as images, videos, and PDFs.
If you're on Windows:
signal-back_windows_amd64.exe extract -o output signal-XXX.backup
If you're on MacOS or Linux (where e.g., OS
is darwin
and ARCH
is amd64
):
chmod +x signal-back_OS_ARCH
./signal-back_OS_ARCH extract -o output signal-XXX.backup
Everything will be in the output
folder where you ran the command. Note that some files may have a .unknown
extension; this is because signal-back
might not be able to determine what these files are. However, they should still be completely valid files of some sort.
Building from source
Building requires Go and dep. If you don't have one (or both) of these tools, instructions should be easy to find. After you've initialised everything:
$ git clone https://github.com/xeals/signal-back $GOPATH/src/github.com/xeals/signal-back
$ cd $GOPATH/src/github.com/xeals/signal-back
$ dep ensure
$ go build .
You can also just use go get github.com/xeals/signal-back
, but I provide no guarantees on dependency compatibility.
Todo list
- Code cleanup
- make code legible for other people
- Actual command line-ness
- Formatting ideas and options
- User-friendliness in errors and stuff
License
Licensed under the Apache License, Version 2.0 (LICENSE or http://www.apache.org/licenses/LICENSE-2.0).
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.