Author Bai Xue
A week ago, I was like a ghost with lost hosts wandering around the Internet, hoping to find something exciting. Without knowing it, I opened a website called "faster and faster". On this website, I started my first website. At that time, I thought about the guy who did not know how powerful and arrogant he was. He even offered the platform a promise of 10000 RMB to reward the man who successfully cracked the website file.
I don't know whether I want to be eager for money or show my compilation capabilities, so I am on this site, after downloading the "faster and more confidential" file and the middleware file, I originally hoped to defeat the primary server and win his 10 thousand yuan cash reward. I searched and analyzed the code like snowflake, but after seven or eight days I Didn't Know What encryption method he used, so I was very discouraged. In the end, I had to give up and lie powerless on the sofa. It was more than 11 o'clock at night. Lying down, I fell asleep. I woke up more than two o'clock in the morning and felt that my mind was coming. So I thought why I couldn't find a clue? Is his encryption method powerful, or is my skiing capacity declining? So I first analyzed the code of the "WinRAR" software. after about an hour, I found that the encryption method of "WinRAR" is AES encryption, however, compression is performed before encryption. Then, I used the 360 BCC for analysis and quickly figured out its encryption method. I felt that the 360 encryption system was good. It seems that the software did not look good. After reading this, I thought that my code analysis capability has not declined, probably because the "faster and more secure" encryption adopts an encryption method that has not yet surfaced.
At this time, I suddenly saw a so-called "high-strength file encryption master" software downloaded from the disk, and I was interested in analyzing the code, so I analyzed the software again, in less than five minutes, I found that the software was written by a scammers. In fact, the software did not encrypt files, but moved the folder path, only CMD can be used for decryption. Alas! It's really a treasure that you don't have to worry about, and you have no intention of inserting willow trees into the shadows. You wanted to crack the "hosts file", but the sooner you get, the closer you get, the rock solid, I am glad that on the way back, I broke the "high-strength file encryption master" fraud software. The following describes how to use CMD to crack the "high-strength file encryption master" (hereinafter referred to as "the master ".
Crack the hidden encryption of the "hacker:
Preparation: use the "folder" to encrypt the file by hiding and encrypting F: the folder "TestBreak_Hide" in the disk ".
Run CMD, enter F: disk, run the cd command to enter the F: \ RECYCLED directory, and enter the dir */ahs command. A (or more) name (SID) is displayed) for a long folder, run the cd command to enter and then run the DIR command. If there is a folder named "INFO2" in the Command result, it indicates that this is the place where the folder is hidden by the hacker. Enter "cd INFO2" and run the DIR command. A folder named "Di1" will appear. If you enter "cd Di1", you will find that the folder cannot be entered, this is because invisible characters are added to the name. However, DI1 ~ 1. Not only can you enter, but you can also rename it. After you enter, run the "DIR" command, and a long name starting with "com1. {" will appear. This name cannot be used directly, but "com1 ~ 1. {XX "(XX indicates 7th and 8th characters in the original name. After entering the directory, you can see that the folder with a long name consisting of hexadecimal numbers only needs to change the name of the folder and move it back to the original directory, the decryption is implemented. For more detailed operations, see the screenshot below.
So far, encryption is hidden and the attack is completely cracked.
Crack the local encryption of the "hacker:
Preparation: Use the local encryption method to encrypt the folder "TestBreak_Hide" in the disk ".
The method for cracking the local encryption of the "hacker" is basically the same as that for cracking the hidden method. It is no longer too long. Please refer to the screenshot.
Crack the mobile encryption of the "hacker:
Preparation: use the "clip Teacher" to encrypt F: the folder "TestBreak_Move" in the disk by means of mobile encryption ". This folder contains a folder named "high-strength folder encryption master.
When cracking, use the name "TestBr ~ 1 ", and then the files and folders can be moved out. See: