I'm try to decrypt a 7z file which encrypted with 32 charset.
How can i make it?
i have try the command:
-m 11600 -a 3 -1 ?l?u?d file.txt ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -o output.txt
But it can not be run.
Any solution?
please do the math.
How feasible is this ?
How many combinations exists and how large is the keyspace ?
Is this really a clever attack and is this even possible ?
What type of password is this ?
Are you sure about a 32-character long random password ?
The answer in general would be that this type of attack (even when/if it would be allowed by hashcat) wouldn't be feasible and you wouldn't be able to run over all the password candidates within a lifetime (and in this case it's even much worse because of the slow 7z algorithm, but in general brute-forcing a 32-character random password with that huge of a keyspace wouldn't be possible within thousands of years even with the best hardware).
(05-14-2021, 09:39 AM)philsmd Wrote: [ -> ]please do the math.
How feasible is this ?
How many combinations exists and how large is the keyspace ?
Is this really a clever attack and is this even possible ?
What type of password is this ?
Are you sure about a 32-character long random password ?
The answer in general would be that this type of attack (even when/if it would be allowed by hashcat) wouldn't be feasible and you wouldn't be able to run over all the password candidates within a lifetime (and in this case it's even much worse because of the slow 7z algorithm, but in general brute-forcing a 32-character random password with that huge of a keyspace wouldn't be possible within thousands of years even with the best hardware).
Thank you.
Are you sure about a 32-character long random password ? Yes, Qlocker.
I know that a huge number of the combinations.
Just try to find a way to recovery all file.
so according to some news sources, this is a ransomware that encrypts the users files with 7-Zip using a 32-ASCII-character long random password:
https://www.bleepingcomputer.com/news/se.../#cid18995
that's of course very bad, because this is infeasible to just brute-force it within a lifetime (it's waaaaay too long and random)... unless there is some weakness in the ransomware itself (e.g. predictable / weak passwords or some leak of parts of the password.... but this is very unlikely)... my guess is that it's best to see if somebody is able to help you (some forensic or anti-virus company that has some other solution, but brute-forcing it with the above length and randomness makes it impossible to do within dozens/hundreds/thousands of years without a weakness).
update: what is this
https://www.youtube.com/watch?v=aq_cIdY_ksQ&t=533s is this true or a fake report ? (it says that you must not have restarted your device, otherwise this method doesn't work. so DONT reboot)
some other advice, just wait
for some ransomware, security experts revealed the main key for decrypting after a short period of time after the ransomware goes "into the wild"
10 seconds google, here is a short list from avast (older ransomware)
https://www.avast.com/de-de/ransomware-decryption-tools
so be patient if your data isnt that vital
EDIT:
harr the idea with the logfile is "straight beautiful"