WanaKiwi - Automated wanadecrypt with key recovery if lucky

This utility allows machines infected by the WannaCry ransomware to recover their files.

wanakiwi is based on wanadecrypt which makes possible for lucky users to :

Recover the private user key in memory to save it as 00000000.dky
Decrypt all of their files

The Primes extraction method is based on Adrien Guinet's wannakey which consist of scanning the WannaCry process memory to recover the prime numbers that were not cleaned during CryptReleaseContext().

Adrien's method was originally described as only valid for Windows XP but @msuiche and I proved this can be extended to Windows 7.

Github Project

Disclaimer

This website uses cookies, and also collects some information using Google Analytics. Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and www.hack4.net will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

HACK4NET 🤖 Pentest Tools and News

WanaKiwi - Automated wanadecrypt with key recovery if lucky

Post a Comment

No comments

Search This Blog

Recommend You

Build Your Own PwnPhone

Follow Us

Random Posts

Popular Posts

Disclaimer

Popular Posts

HACK4NET 🤖 Pentest Tools and News

WanaKiwi - Automated wanadecrypt with key recovery if lucky

Related Posts

Post a Comment

No comments

Search This Blog

Recommend You

Build Your Own PwnPhone

Follow Us

Random Posts

Popular Posts

Disclaimer

Popular Posts