Skip to content

A Python script to bruteforce the decryption key of the encrypted file.

License

Notifications You must be signed in to change notification settings

GTekSD/Ransom-Cracker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Ransom Cacker logo

RANSOM-CRACKER

Decrypt Encrypted ZIPs


Ransom-Cracker

Setting the scene for this script:

  • Unfortunately, an attacker was able to exploit the vulnerability on the affected server and began installing a ransomware virus. Luckily, the Incident Detection & Response team was able to prevent the ransomware virus from completely installing, so it only managed to encrypt one zip file.

  • Internally, the Chief Information Security Officer does not want to pay the ransom, because there isn’t any guarantee that the decryption key will be provided or that the attackers won’t strike again in the future.

  • Instead, we would like you to bruteforce the decryption key. Based on the attacker’s sloppiness, we don’t expect this to be a complicated encryption key, because they used copy-pasted payloads and immediately tried to use ransomware instead of moving around laterally on the network.

Here is the background information for this script:

  • A Python script to bruteforce the decryption key of the encrypted file.

  • Bruteforcing is the act of repeatedly trying different combinations to break the password encryption (based on either randomly generated passwords, or from a list of passwords to try). In the resource folder, we've provided a small subset of passwords from Rockyou - a widely know password wordlist that contains thousands of common passwords in one wordlist.

  • Ransomware will often encrypt all files on a device, and sometimes give the decryption key after the ransom has been paid (but this is not always the case!). So, we would like to break the encryption without paying the ransom.

Resource

  • A foundational Python 3+ template has also been provided for you in the resource. One potential implementation is described in the code comments.

  • Encrypted File & Bruteforce.py (Python 3+) Template has also been provided for you in the resource.

  • After, open the decrypted word doc and paste your Python code at the bottom of the doc. Upload this with Pull Request.

Python is an easy-to-learn scripting language that is often used in security research. If you want to learn more about Python to help you with this task, visit this Python resource.

NOTE: This script need python installed in Windows.


Download wordlists


Screenshots

Screenshot-1

Screenshot-2

Screenshot-3

About

A Python script to bruteforce the decryption key of the encrypted file.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages