[情報] WannaCry解密工具出爐
看板AntiVirus (防毒)作者a29174332 (BigAnna)時間9年前 (2017/05/19 17:55)推噓11(11推 0噓 14→)留言25則, 13人參與討論串1/2 (看更多)
餓死抬頭
======5/20更新,感謝臉書社團糾正原理======
是研究員發現 WannaCry 在加密過程中使用 Windows Crypto API 產生金鑰並進行加密,但此 API 的 CryptReleaseContext 及 CryptDestroyKey 函式並未將產生金鑰時使用的植樹從記憶體中抹去,因此給了解密程式取得質數的機會 (But here's the kicker: WannaCry "does not erase the prime numbers from memory before freeing the associated memory," says Guinet.)
https://goo.gl/VxrDhz
裡面有GitHub的連結可以下載解密檔案
分享給被加密但還沒重灌的人使用
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 111.241.36.62
※ 文章網址: https://www.ptt.cc/bbs/AntiVirus/M.1495187742.A.5E0.html
推
05/19 17:59, , 1F
05/19 17:59, 1F
→
05/19 18:00, , 2F
05/19 18:00, 2F
→
05/19 18:25, , 3F
05/19 18:25, 3F
推
05/19 18:37, , 4F
05/19 18:37, 4F
→
05/19 19:43, , 5F
05/19 19:43, 5F
→
05/19 19:44, , 6F
05/19 19:44, 6F
推
05/19 19:55, , 7F
05/19 19:55, 7F
推
05/19 19:59, , 8F
05/19 19:59, 8F
推
05/19 20:21, , 9F
05/19 20:21, 9F
推
05/19 20:58, , 10F
05/19 20:58, 10F
推
05/19 21:01, , 11F
05/19 21:01, 11F
推
05/19 21:01, , 12F
05/19 21:01, 12F
→
05/19 22:25, , 13F
05/19 22:25, 13F
→
05/19 22:26, , 14F
05/19 22:26, 14F
→
05/19 22:26, , 15F
05/19 22:26, 15F
推
05/19 22:48, , 16F
05/19 22:48, 16F
→
05/19 23:40, , 17F
05/19 23:40, 17F
→
05/19 23:42, , 18F
05/19 23:42, 18F
→
05/19 23:42, , 19F
05/19 23:42, 19F
→
05/19 23:45, , 20F
05/19 23:45, 20F
推
05/20 00:00, , 21F
05/20 00:00, 21F
推
05/20 00:50, , 22F
05/20 00:50, 22F
→
05/20 00:50, , 23F
05/20 00:50, 23F
→
05/20 02:11, , 24F
05/20 02:11, 24F
※ 編輯: a29174332 (118.161.1.108), 05/20/2017 08:30:02
→
05/20 11:00, , 25F
05/20 11:00, 25F
討論串 (同標題文章)
完整討論串 (本文為第 1 之 2 篇):
11
25
AntiVirus 近期熱門文章
PTT數位生活區 即時熱門文章
11
38