Solved

Crypto wall tools to try and brute force decryption

Posted on 2014-11-17
6
1,798 Views
Last Modified: 2014-12-02
Ok have a friend who's pics have been encrypted by crypto wall. Anyone know of a utility I can run on the files to try brute force decryption? I am attempting a disk recovery hoping the original felted files may still be on the drive somewhere!
0
Comment
Question by:georgopanos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 63

Expert Comment

by:btan
ID: 40447343
Quite a guide information update in BleedingComputer worth checking out for recovery that may help but do verify that the file are indeed encrypted.  Actually brute forcing the decryption key is not pragmatic as strong crypto key is already employed. Do assess if recovery is possible and not succumb to payment ... but if data are indeed lost the only practical means to get back is the ransom which i do discourage as the attacker may play foul too...it is catch-22

http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Just for info, in the case for Cryptolocker early genre, there is online service (e.g. FireEye shared the online mechanism) though it is not warrant to decrypt all as they have only limited decryption key archived from their research..
0
 

Author Comment

by:georgopanos
ID: 40447907
I already uploaded the file to Fireeye and it is not a file done by cryptolocker. It is done by Cryptowall. So they cannot do anything! They don';t have a backup and Shadow was not enabled.

I was hoping there would be a tool to at least let it run for a few days a give it a shot to try and decrypt. If there is anything let me know so I can give it a try,
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40448319
Unless you think the encryption is faked, it is useless to try it. The key in use is too strong to be brute-forced in reasonable time.
0
Create Professional Looking Email Signatures

Create "Professional HTML Email Signatures" with ease.
7 Day Money Back Guarantee if not 100% Satisfied.
Affordable - Try it out for 7 Days Totally Risk Free.
Installers provided for over 45 Email clients.
Both Windows & MAC Supported.
Highly Recommended!

 

Author Comment

by:georgopanos
ID: 40448529
Ok, I understand that may be so, but as a learning experience can you humor me and point me in a direction for what tool I could use to attempt it! I would greatly appreciate it! The data is not needed tomorrow so this is a learning experience!
0
 
LVL 54

Accepted Solution

by:
McKnife earned 250 total points
ID: 40448548
You cannot use a generic tool but you would have to Google for a reverse engineered version of their Virus (which is not only an encryptor but a decryptor). I am not sure such a thing even exists.
0
 
LVL 63

Assisted Solution

by:btan
btan earned 250 total points
ID: 40448791
no open tool to break RSA keys, you need great horsepower which for learning is not worth and none (except researcher) has ventured into that. The online service from security folks also is not really doing the brute forcing except they are trying out with a bunch of key list they gotten. there are other brute force tools like hashcat and like but they are based on dictionary or even some using rainbow table. But all these is out of the Cryptowall context.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HIPAA Security Audit - How much do I charge? 5 65
Bitlocker Error Message 18 33
wifi security 11 37
Additional Protection from Ransomware Attacks 18 80
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question