Decrypt the encrypted file of Alibaba Cloud security guard

Source: Internet
Author: User

Alibaba Cloud security guard is always suffering! After studying for a long time, I also consulted some netizens (the Mars giant panda of cnblogs), but was told that the official encryption algorithm of Alibaba Cloud security guard was upgraded and cannot be decrypted in the old way. C/C ++ programmers have little knowledge about the encryption and decryption principles, that is, they cannot decrypt the encrypted software. But later research found thatThe encryption software will not encrypt the EXE file (highlighted). The official documents are described as follows:

It not only encrypts and protects electronic documents in any format, such as office, CAD, PDF, CorelDraw, Photoshop, and program source code, but also sets the permission for subdivided applications of encrypted files, make sure that the confidential data of an enterprise can only be authorized by authorized persons. In the authorized application environment, apply the specified documents to persons with this permission for operations, the entire process is recorded in detail and complete. (From Baidu encyclopedia)

Blocking ideas:

Blocking can effectively intercept kds (Alibaba Cloud Security Guard. Plaintext.

    1. The simplest method is to add kdstool.exe to the blacklist, which is the main program of Alibaba Cloud security guard. Adding kdstool.exe to the blacklist naturally cannot run.
    2. Uninstall the service. The service name is system file data protect services. The uninstall method is not described in detail. It is very simple.
    3. The new version may not be able to end the process directly. Simply force the process to end in cmd or manually write the batch.
    4. Delete directly. (The first four methods are provided by cnblog: Mars giant pandas)
    5. (New), install the micro-point active defense software, you can take the initiative more effectively (!! Active !!) Intercept.
Decryption ideas:
    1. This is the essence to explain. The code in the svndatabase is the file behind the security guard. We have to install and use kdstools.exe in collaboration with the company. This encryption code can only be validNotepad( ))) and ide ((( kdstools.exe)Whether it is opened using notepad ++ or other methods, it is garbled (ciphertext ). We cannot copy or share code.
    2. Think about it: "Why can we only open it in the notepad and IDE development environments. "In fact, there is a decryption phenomenon during the opening process.
    3. The method of cracking is that, when you use a normal program to open the code, there will be a hidden decryption phenomenon. After decryption, this also causes us to see the plaintext.
    4. Next we can use Plaintext to directly write the EXE file !, Because the Alibaba Cloud security guard cannot encrypt the EXE file.
    5. Conclusion: only use notepad.exe to open the code, and then rename it to the original extension. (Alibaba Cloud security guard looks like it is encrypted when files of the encrypted type are stored)

The above is the complete idea. The same idea can be applied to other decryption software with similar principles.Because we can see the plaintext at the time of development, and the plaintext can be easily decrypted.

The automatic decryption software has been written:

Alibaba Cloud security guard decryption software

Software Web site: http://www.cplusplus.me/1737.html reproduced from C/C ++ programmers home

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.