Please note, this is a STATIC archive of website hashcat.net from October 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Ransomware
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Hello,

Thank you for the link. I have just checked but unfortunately nothing there will currently help.

Ian
Hey Ian,

I spent some time a while ago looking at DiskCryptor (same version that you're dealing with). It's complicated by virtue of also having the capability of using keyfiles (which I was dealing with). I'm assuming you don't have any indication these were used. I ended up moving on to something else before I could spend more time on it, but I did write up a terrible python script that will try a wordlist against an encrypted image.

It's quick and dirty, but IIRC, I think it should try about 20-30 passwords a second. It's really slow. It is not a good solution, but since you're dealing with numerical candidates (hopefully!), it might help. You can always run it on multiple computers to speed things up.

I dug it up for you. It breaks easily, and could benefit hugely from a complete rewrite. Feel free to improve it! For now, it's something to start with. If you are dealing with keyfiles and you have found one, I also have a keyfile & password version of this script. Make sure you follow the instructions closely.

https://pastebin.com/D0rmkrbS

Hope it helps.

Like someone else mentioned, if you haven't already done so, contact your local law enforcement and/or a digital forensics company. They may be able to offer more assistance with a proper examination of your devices.
Hello,

Thank you for your reply.

Unfortunately with an 11 digit number and 30 tries a second we are looking at 105 years!

I can not say to much on a public forum but rest assured the Police were informed on day 1. Their investigation is currently on going.

Thank you

Kind regards

Ian



 

(12-17-2018, 05:58 PM)Nubbin Wrote: [ -> ]Hey Ian,

I spent some time a while ago looking at DiskCryptor (same version that you're dealing with). It's complicated by virtue of also having the capability of using keyfiles (which I was dealing with). I'm assuming you don't have any indication these were used. I ended up moving on to something else before I could spend more time on it, but I did write up a terrible python script that will try a wordlist against an encrypted image.

It's quick and dirty, but IIRC, I think it should try about 20-30 passwords a second. It's really slow. It is not a good solution, but since you're dealing with numerical candidates (hopefully!), it might help. You can always run it on multiple computers to speed things up.

I dug it up for you. It breaks easily, and could benefit hugely from a complete rewrite. Feel free to improve it! For now, it's something to start with. If you are dealing with keyfiles and you have found one, I also have a keyfile & password version of this script. Make sure you follow the instructions closely.

https://pastebin.com/D0rmkrbS

Hope it helps.

Like someone else mentioned, if you haven't already done so, contact your local law enforcement and/or a digital forensics company. They may be able to offer more assistance with a proper examination of your devices.
It seems that JtR has it under construction.
https://github.com/magnumripper/JohnTheRipper/pull/3531
Pages: 1 2