Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2096
  • Last Modified:

Crypto wall tools to try and brute force decryption

Ok have a friend who's pics have been encrypted by crypto wall. Anyone know of a utility I can run on the files to try brute force decryption? I am attempting a disk recovery hoping the original felted files may still be on the drive somewhere!
0
georgopanos
Asked:
georgopanos
  • 2
  • 2
  • 2
2 Solutions
 
btanExec ConsultantCommented:
Quite a guide information update in BleedingComputer worth checking out for recovery that may help but do verify that the file are indeed encrypted.  Actually brute forcing the decryption key is not pragmatic as strong crypto key is already employed. Do assess if recovery is possible and not succumb to payment ... but if data are indeed lost the only practical means to get back is the ransom which i do discourage as the attacker may play foul too...it is catch-22

http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Just for info, in the case for Cryptolocker early genre, there is online service (e.g. FireEye shared the online mechanism) though it is not warrant to decrypt all as they have only limited decryption key archived from their research..
0
 
georgopanosAuthor Commented:
I already uploaded the file to Fireeye and it is not a file done by cryptolocker. It is done by Cryptowall. So they cannot do anything! They don';t have a backup and Shadow was not enabled.

I was hoping there would be a tool to at least let it run for a few days a give it a shot to try and decrypt. If there is anything let me know so I can give it a try,
0
 
McKnifeCommented:
Unless you think the encryption is faked, it is useless to try it. The key in use is too strong to be brute-forced in reasonable time.
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
georgopanosAuthor Commented:
Ok, I understand that may be so, but as a learning experience can you humor me and point me in a direction for what tool I could use to attempt it! I would greatly appreciate it! The data is not needed tomorrow so this is a learning experience!
0
 
McKnifeCommented:
You cannot use a generic tool but you would have to Google for a reverse engineered version of their Virus (which is not only an encryptor but a decryptor). I am not sure such a thing even exists.
0
 
btanExec ConsultantCommented:
no open tool to break RSA keys, you need great horsepower which for learning is not worth and none (except researcher) has ventured into that. The online service from security folks also is not really doing the brute forcing except they are trying out with a bunch of key list they gotten. there are other brute force tools like hashcat and like but they are based on dictionary or even some using rainbow table. But all these is out of the Cryptowall context.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now