WilimarLynwood

EFS Recovery

Hello.

I've encrypted some files under Windows XP a while ago, and I very recently FORMATTED my drive (after backing up the data, and dumbly enough, I didn't back up the encryption key for the files) and installed Windows Vista RC2.

I've tried about 4 solutions found here on experts-exchange, I'm losing hope that software might help decrypt them if I had my old username/password, so it looks to me like I'm gonna have to brute-force it.

I've also read somewhere that having the SID too might be a great help in recovering the data.

If there's no easier way, I'd like to brute-force it with rainbow tables, even if it takes too long, I've got time. Only problem is, I'm not at all familiar with that procedure.

NOTE: I've also read that copying the encrypted files on a FAT32 drive will recover them. Except, I've tried that, and it said that I needed permission from "S-1-5-21-1078081533-117609710-725345543-1003", which supposedly is my old SID. Here's a screenshot: http://www.myroomstore.com/denied.jpg

So here's all I have that might help my case: username, password, and SID.
LeeTutor

If you didn't designate a Recovery Agent or export your certificate and private key, according to Microsoft you cannot restore the encrypted file:

http://support.microsoft.com/default.aspx?scid=kb;en-us;308993
HOW TO: Remove File Encryption in Windows XP

However, I've seen Previously Answered Questions on this site that say this program (which is, unfortunately, not free) will work:

http://www.elcomsoft.com/aefsdr.html
WilimarLynwood

ASKER

I've heard that you are able to brute-force the whole process, try every possible password, and as long as it's less than 32 characters long, it will eventually get the right encryption key (using software for that, of course).
Plus, I like to think what Microsoft says is usually bs. :)
That is probably what the program does.  But here is another page I found on EFS recovery:

http://articles.techrepublic.com.com/5100-6346_11-5035070.html

contains this interesting quotation:

EFS protects data stored on a local NTFS partition. It does not protect data when it is sent across a network. This is a big issue. Because EFS was designed to be transparent to end users, when the user who encrypted the file copies it across the network or sends it via e-mail, the file is automatically decrypted before it is sent across the network so that it can be readable on the target system. For a user who does not understand this, and believes that his or her sensitive data is secure, the mistake can be costly.
I forgot to add that I tried that program, and it didn't give me any results. I tried adding my username and password, the admin password, etc., but nothing (I'm guessing due to the fact that I formatted my primary drive that had the OS).

And about that part in the article, that's not possible for me since it gives me an "Access denied" message whenever I try to copy the files, even to the same drive.

I've also tried doing it in MS-DOS before loading Windows, and I couldn't copy any files.
ASKER CERTIFIED SOLUTION
LeeTutor
This solution is only available to members.
For your first comment, I changed the ownership to "v\Wilimar Lynwood" which is the account I'm currently on, but still, when I try to copy a file to the other drive, it gives me an error message saying "You require permission from v\Wilimar Lynwood to make changes to this file" (even though I'm not making any changes, and oddly enough, I am "Wilimar Lynwood" on "v" (computer name is v)).
I guess there's no solution to this. I've decided to just suck it up and delete my encrypted files =).

But, thanks a lot for your input anyway, the points are yours.