Sunday, November 4, 2018

Decrypting .eslock files

Hello!

I think ES File Explorer has been in the Android market for almost 8 years. They are one of the pioneering Android developers, so most of us have this explorer on our Android devices. I had it for a long time too. If you are familiar with the app, you may know about its encryption feature. If you don't, here's how it works:
http://www.estrongs.com/eshelp/en/securityFeatures.htm#_Toc406426549

I had some old files whose password was not known to me. Obviously I started browsing pages to decrypt the .eslock files. I came across this blog:
http://techackit.blogspot.com/2015/08/es-file-explorer-encrypted-file.html

The blog does not clearly tell how to decrypt the files, but it gives a major hint:
.eslock files store the MD5 checksum of the password in the encrypted file.

{
For nerds:
MD5 (Message Digest 5) is a cryptographic hash function that turns any input string into a 128-bit "hash" (32 hexadecimal characters). The function is irreversible: you can't obtain the plain text from the hash alone. The only way to "decrypt" a hash is to compare it with a database, using an online decrypter. If my password string happens to be in the online database, I will be able to recover my file. Note that MD5, although very widely used, shouldn't be used to protect critical data, since it's not secure anymore (collisions were found by Chinese scientists - you may want to see a collision demo here). I don't know why eslock still uses MD5, but to me it's time to explore!
}

If your password string is not too complex, you can decrypt the file. Here's how I recovered the password:

1. You need to open the *.eslock file in a hex editor. I used the HxD freeware. Here's the link:
https://filehippo.com/download_hxd-hex-editor/

2. Open the editor

3. Drag and drop the eslock file into the program.

4. Now start counting the data bytes from the end of the file backwards, and stop at the 29th byte.

5. The MD5 checksum of your password is the 16 bytes of data forward from the 29th byte, as in the figure below:
MD5 checksum is --> acbd18db4cc2f85cedef654fccc4a4d8

6. Last step: try your luck. There are a lot of MD5 hash databases available online that can help you decode the hash. One good site that you can try:
https://www.md5online.org/


I was lucky enough that my password was available in their database. If you don't find your password here, make sure you check a couple of other sites too.
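The byte counting in steps 4 and 5 can also be scripted. The Python below is an added example, not code from the original post or from ES File Explorer: it reads the 16-byte checksum from the file trailer and tests passwords you remember against it locally, so the hash does not have to be sent to a lookup site. It assumes the 29th byte from the end is the first byte of the checksum and that the password was hashed as UTF-8; the sample file is constructed, and the function names are hypothetical.

```python
import hashlib
import hmac
import io

TRAILER_OFFSET = 29  # step 4: count back from the end of the file to the 29th byte
MD5_LEN = 16         # step 5: the checksum is the 16 bytes from there forward


def extract_password_md5(stream):
    """Return the stored 16-byte MD5 from a seekable binary stream.

    Assumption: the 29th byte from the end is the first byte of the checksum.
    """
    size = stream.seek(0, io.SEEK_END)
    if size < TRAILER_OFFSET:
        raise ValueError(f"only {size} bytes: too short to hold the trailer")
    stream.seek(size - TRAILER_OFFSET)
    return stream.read(MD5_LEN)


def matches(candidate, digest):
    """True if MD5(candidate) equals the stored checksum (UTF-8 is assumed)."""
    guess = hashlib.md5(candidate.encode("utf-8")).digest()
    return hmac.compare_digest(guess, digest)


def build_sample(password):
    """Constructed stand-in for an .eslock file: filler, MD5, 13 zero bytes.

    Only the position of the checksum follows the post; the rest is made up.
    """
    filler = bytes(range(64))
    tail = bytes(TRAILER_OFFSET - MD5_LEN)
    return filler + hashlib.md5(password.encode("utf-8")).digest() + tail


if __name__ == "__main__":
    # For a real file: with open("name.eslock", "rb") as f: extract_password_md5(f)
    digest = extract_password_md5(io.BytesIO(build_sample("foo")))
    print("stored MD5:", digest.hex())
    for remembered in ("bar", "foo"):  # passwords you think you may have used
        print(remembered, "->", matches(remembered, digest))
```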

Thank you!