Paltalk is one of the top instant messenger clients, with advanced audio/video chat features. It also provides the facility to host small meetings or large webinars with its cutting edge conferencing tools.
In the previous post ‘Art of Decrypting Digsby Password’, I wrote about decrypting the Digsby password. Today I am going to write about the internal encoding mechanism used by Paltalk and how to decrypt its main account password.
Update (17th Oct 2010): For detailed technical explanation of Paltalk Password Decryption refer to, “Exposing the Password Secrets of PaltalkScene”
Update (17th Oct 2010): Released PaltalkPasswordDecryptor - The dedicated Password Recovery Tool for PaltalkScene
Update (15th Oct 2010): Released IMPasswordDecryptor 1.5 with the support for PaltalkScene Password Recovery.
Paltalk stores its main account password at the following registry location:
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>
The encoded password is stored in the registry value ‘pwd’ within the above registry key. All other IM passwords, such as Gmail, Yahoo and AIM, are saved in separate sub keys under this registry key. For example, Gmail accounts are stored under the following registry key:
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>\GGL\<gmail_address>
All these IM passwords are encoded using plain BASE64 and stored in the ‘pwd’ value within the corresponding registry location.
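As an added example (not code from this post or from IMPasswordDecryptor), the audit script below walks a registry export and reports every ‘pwd’ value stored under the Paltalk key layout described above, classifying each one without decoding it. The sample export is constructed, and treating ‘pwd’ as a string value in regedit export format is an assumption.

```python
import base64
import binascii
import re

PALTALK_ROOT = r"HKEY_CURRENT_USER\Software\Paltalk"

# Constructed sample in regedit export format; every name and value is made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Paltalk\demo_nick]
"pwd"="<encoded-main-password>"

[HKEY_CURRENT_USER\Software\Paltalk\demo_nick\GGL\demo.user@gmail.com]
"pwd"="Y29uc3RydWN0ZWQ="

[HKEY_CURRENT_USER\Software\Paltalk\demo_nick\GGL\second.user@gmail.com]
"pwd"="not*base64"

[HKEY_CURRENT_USER\Software\Unrelated\App]
"pwd"="aWdub3JlZA=="
'''

KEY_RE = re.compile(r"^\[(.+)\]$")
PWD_RE = re.compile(r'^"pwd"="(.*)"$', re.IGNORECASE)

def is_base64(value):
    """True if value is non-empty, strictly valid Base64 (reversible with no key)."""
    try:
        return bool(value) and bool(base64.b64decode(value, validate=True))
    except (binascii.Error, ValueError):
        return False

def audit(reg_text):
    """Return one (nick, subkey, kind) finding per 'pwd' value under the Paltalk key."""
    findings, key = [], None
    prefix = PALTALK_ROOT.lower() + "\\"
    for line in map(str.strip, reg_text.splitlines()):
        if (m := KEY_RE.match(line)):
            key = m.group(1)          # remember the key the next values belong to
        elif (m := PWD_RE.match(line)) and key and key.lower().startswith(prefix):
            nick, *rest = key[len(prefix):].split("\\")
            if not rest:              # 'pwd' directly under <nick_name>
                kind = "main account, proprietary encoding"
            elif is_base64(m.group(1)):
                kind = "linked account, Base64 (reversible without any key)"
            else:
                kind = "linked account, unrecognised encoding"
            findings.append((nick, "\\".join(rest), kind))
    return findings

if __name__ == "__main__":
    for nick, subkey, kind in audit(SAMPLE_REG):
        print(f"{nick:12} {subkey or '(main)':32} {kind}")
```

The script never prints or returns the stored values themselves, so its output can go into an inventory or ticket.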
Paltalk does not use any standard encryption algorithm for storing the password. It uses its own proprietary algorithm to encode the main account password. It took me around 1 or 2 hours to completely reverse this algorithm. Paltalk uses an alternative union of the nickname and the drive serial to form a new base string, which is then used to decode the password.
Here are the step-by-step details for decoding the main Paltalk password:
- Retrieve the nickname and the encoded password value for the main Paltalk account from the above-mentioned registry location.
- Get the serial number of the C drive, or of the drive where Paltalk is installed, and convert it to a string.
- Perform an alternative union of the nickname and the serial string to form one common string.
- Create a final string by concatenating the above generated string 3 times.
- Finally, use this string to decode the encoded password from the registry with a simple algorithm.
The above password decoding algorithm works from version 8+ up to the latest version, 9.9, of Paltalk. I will explain more technical details about the core password decoding algorithm in a detailed article on the website soon.
This reversing and decrypting of the Paltalk password is part of our upcoming tool, IMPasswordDecryptor, which will help you to recover all stored passwords from popular instant messengers.
To know more about how your favorite application stores its password and how to decrypt such a password, read the following article: “Password Secrets of Popular Windows Applications”
If you are interested in more technical details on how Paltalk encrypts the password, where the password is stored and how one can decrypt it, refer to the following research article:
“Exposing the Password Secrets of PaltalkScene”
PaltalkScene stores the main account password at the following registry location:
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>
The password is encrypted and stored in the registry value ‘pwd’ under this key. All other IM passwords, such as Gmail, Yahoo and AIM, are saved in separate sub keys under this registry key. For example, Gmail accounts are stored under the following registry key:
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>\GGL\<gmail_address>
All these IM passwords are encoded with BASE64 and stored in the ‘pwd’ registry value.


You are incorrect, these passwords don’t use base64, base64 is used when Paltalk sends data to the server along with md5 and some other custom encryption using cipher key. As a matter of fact you have yet to even explain the algo that Paltalk uses, the only thing you have correct but is not needed is HD serial mixed with username 3 times. You don’t need to concatenate 3 times and you didn’t even mention about the last char of your username being processed first. Now the max password length of Paltalk is 12 chars, and min is 5 chars, so why would you need to concatenate the mixed serial 3 times? After all you will have at least 8 chars with your HD serial and Paltalk also has a minimum username length of 5 chars… 5 + 8 = 13 so you don’t even need to concatenate them, but you do need to take the last char of your username and process that first with the algo… And once again base64 is not even used…
You appear to be another kid from north block
I am not sure what version of Paltalk that you are referring to. Btw it uses base64 only for other IM account passwords (like google, aim, yahoo etc). The main paltalk password is encrypted as mentioned above.
I do not post nonsense or incorrect information just based on theory. All information posted here is based on a practical program which works perfectly with the mentioned version of Paltalk.
Watch out for next version of IMPasswordDecryptor !
The only information you supplied is that the HD serial is mixed with Nickname… and yes that was my point, the actual Paltalk password does NOT use base64 (sorry if I misunderstood this in your article) but the fact still remains you haven’t really explained anything. And it’s not theory either as I have written functions to decrypt Paltalk passwords (in Delphi) to prove it. Also I have a large amount of knowledge dealing with Paltalk because the last 5 years of my programming life have been dedicated to reverse engineering Paltalk. I did however write an article on the decryption with FULL information and not just “its a mixed serial” which will help no one who really wants to know the decryption process.
I’m not sure if I am allowed to post links in these replies, but here is the link to my article
http://www.cheesydoodle.com/?p=27
Also I will write some “Detailed” information about how the Beyluxe Messenger encrypts passwords. It might be useful to you in your password retriever thingy.
Good luck with IMPasswordDecryptor, I look forward to seeing paltalk included once you understand the correct method of decryption
Well, this is not meant to be a complete one, as I am planning to write a detailed article on my website when I finally release the tool. This was meant to be just a light update on the topic. But it’s based on the test program I wrote to decrypt the Paltalk version specified above.
I checked your post, nice one !
Thanks, I am also writing an article on Beyluxe Messenger (with source). You might be interested in it as it’s very similar to the Paltalk password encryption except BeyluXe uses Xor to create the sum. Anyway it might be another nice addition to your IMPasswordDecryptor.
Thanks man, I will be more than happy to include it in next version whenever you are done.
Looking forward !
[...] PaltalkScene few months back itself. Then I had written about Digsby Password Decryption and Paltalk Password Decryption in a short & sweet form. Soon I am going to write much detailed article with technical [...]