>Good news is that another security researcher, Benjamin Delpy, developed an easy-to-use tool called "WanaKiwi," based on Guinet's finding, which simplifies the whole process of the WannaCry-infected file decryption.
>All victims have to do is downloadWanaKiwi tool from Githuband run it on their affected Windows computer using the command line (cmd).
thehackernews.com
Is this the end of wannacry?
Other urls found in this thread:
github.com
github.com
twitter.com
I dont trust this any further than i trust facebook
>disconnect from internet in case of botnet
>run it
>remove it fully
What's it going to do? Fuck your already encrypted computer even more? Who cares?
Plant a file on a timer
Do exactly as advertised
A month later the guys own ransom ware takes over
only works for xp?
>thehackernews.com
I know for a fact that this website is NOT good.
HOWEVER
I did check out the github page and here it is
github.com
I do not know C language
You need to run it before you restart/turn off and before any other program claims the RAM that wannacry free'd up (but didn't clear).
There is a version that works on 7/8/8.1 but NOT 10
>CryptDestroyKey and CryptReleaseContext does not erase the prime numbers from memory before freeing the associated memory
So the kiddies behind Wannacry are about as skilled as the average Sup Forums "programmer". That's the kind of silly oversight I'd make
Windows 10 was not affected by WannaCry because Windows 10 does not use SMB1 by default. Plus Windows 10 machines were forced to install security patches months ago.
>New decrypter tool is released
>Cycle is repeated
>Windows 10 does not use SMB1 by default
It was enabled in programs and features on my Windows 10 installs. Maybe only on some it's disabled by default.
>Implying you wouldnt save the files you need and wipe the computer and reinstall everything.
smb1 is enabled by default on windows 10. people keep saying other otherwise though.
Thats not how encryption works pal
>ran the decryptor tool
>its now demanding pictures of my penis as payment
>>disconnect from internet in case of botnet
>>run it
>encrypted files get encrypted again
>mfw I now have to pay two people to get my files back
Too bad you had it turned inside out.. how every will you get your files back now?
>All victims have to do is downloadWanaKiwi tool from Githuband run it on their affected Windows computer using the command line (cmd).
>using the command line (cmd).
welp, guess how many normies aren't having their files decrypted?
With any luck someone will release a tool for that
>decryption tools all the way down
>I now have to pay two people to get my files back
>Its a tool that tries to fetch keys from the malware memory
So its only useful if you run the thing along the malware and only if you haven't rebooted once since encryption
Or, instead of trying to undo the damage done by untrusted application x by running untrusted application y you can just restore the infected PCs with their last good image and restore data from backups.
This is piracy
you have to properly support the industry
Or just backup all your data somewhere right now and format your HDD when/if infected?
>download a ransomware decryptor
>open elevated cmd to execute it
>it already has been encrypted
t-thanks, at least I can chC:\ from my windows liveusb