SecurityXploded Blog

Art of Decrypting Paltalk Password

Paltalk is one of the top instant messenger client along with advanced audio/video chat features.  It also provides the facility to host small meetings or large webinars with its cutting edge conferencing tools.

In the previous post  ‘Art of Decrypting Digsby Password’, I have exposed on decrypting the Digsby password. Today I am going to write about internal encoding mechanism used by Paltalk and how to decrypt its main account password.

.

Update (17th Oct 2010): For detailed technical explanation of Paltalk Password Decryption refer to,  “Exposing the Password Secrets of PaltalkScene”

.

Update (17th Oct 2010): Released PaltalkPasswordDecryptor – The dedicated Password Recovery Tool for PaltalkScene

.

Update (15th Oct 2010): Released IMPasswordDecryptor 1.5 with the support for PaltalkScene Password Recovery.

.

Paltalk stores its main account password at following registry location,
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>

The encoded password is stored in the registry value ‘pwd’ within above registry key.   All other IM passwords such as Gmail, Yahoo, AIM etc are saved under separate sub keys under this registry key.  For example Gmail accounts are stored under following registry key,
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>\GGL\<gmail_address>

All these IM passwords are encoded using plain BASE64 method and stored in ‘pwd’ value within corresponding registry location.

.

Paltalk does not use any standard encryption algorithm for storing the password. It uses its own proprietary algorithm to encode the main account password. It took me around 1 or 2 hour to completely reverse this algorithm.  Paltalk  uses alternative union of nick name and drive serial to form the new base string which is then used to decode the password.

.

Here are step by step details for decoding main Paltalk password,

  • Retrieve the nickname & encoded password value for main Paltalk account from the above mentioned registry location.
  • Get the serial number of C drive or installed drive of Paltalk and convert it to string.
  • Perform alternative union of nickname & serial string to form one common string.
  • Create a final string by concatenating above generated string 3 times.
  • Finally use this string to decode the encoded password from the registry with simple algorithm.

.

The above password decoding algorithm works from version 8+ to latest version 9.9 of Paltalk. I will explain more technical details about the core password decoding algorithm in detailed article on website soon.

This reversing and decrypting Paltalk password is part of our new upcoming tool, IMPasswordDecryptor which will help you to recover all stored passwords from popular instant messengers.

To know more about how your favorite application stores the password and how to decrypt such a password, read the following article on “Password Secrets of Popular Windows Applications”

.

If you are interested in knowing more technical details on how Paltalk encrypts the password, where is the secret location of the password and how one can decrypt that password then refer to the following research article,

“Exposing the Password Secrets of PaltalkScene”

PaltalkScene stores main account password at following registry location
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>
Password is encrypted and stored in the registry value ‘pwd’ under this key. All other IM passwords such as Gmail, Yahoo, AIM etc are saved under separate sub keys under this registry key. For example Gmail accounts are stored under following registry key,
HKEY_CURRENT_USER\Software\Paltalk\<nick_name>\GGL\<gmail_address>
All these IM passwords are encoded with BASE64 and stored in ‘pwd’ registry value.

Leave a Reply