Breakthrough in the domestic encryption file lock software generic approach-vulnerability warning-the black bar safety net

ID MYHACK58:6220069084
Type myhack58
Reporter 佚名
Modified 2006-05-15T00:00:00


Information source: evil octal information security team Article author: SunLion[EST]

Remember I'm in the EST Forum hair turned a stick: [Reprint]the encryption of the tragedy with caution on the market of folder encryption software

Domestic vast majority of so-called encryption software, basically as the principle! As long as it does not encrypt the data, then we would have to break their based on the. To deal with this encryption software, we have a breakthrough in their General method, that is, by some data recovery software, put them to“delete”the data through recovery, you can break these so-called file encryption lock killed it! (Would say the basic are finished, the following is the fee words, the master can skip the game!

Example: Test software: high strength file encryption master 8000VII Data recovery software: FinalData Enterprise 2.0 Environment: windows XP Pro sp2

Installed the above software, the following start: In the F:\download folder under the establishment of a text. txt file as shown in Figure 1. The 1 ! Below we put F:\download folder lock(Fig 2) 2 ! Encrypted file: as in Figure 3 3 ! If at this time open the download folder you must enter the password before you can access. As Figure 4 4 !

In fact, this software has a process SVOHOST. EXE process, which the download this folder into the download. the mem file, in the file Association, we see that. mem open files with this app open, in fact we can not ignore it. You see, after I posted the[reprint]the encryption of the tragedy with caution on the market of folder encryption software should be understood that domestic of these so-called encryption software for the so-called encrypted, the fact and does not encrypt files, but for a“simple hidden”, right this we have to break it. Below we run DinalData:(Figure 5) 5 !

Then file-on Open-of select encrypted file where the disk I here is in the F disk, and then point to determine: such as Figure 6 6 ! If the time is too long, we're less like a few minutes we can point to cancel it to make it search finished the best):(Figure 7)

7 ! As you can see there is no, in the root directory and deleted the directory below we have all seen the download this folder, inside there are two? In fact I do demos before do the research yourself, this presentation is the second, so will see two, if you are a first time, then, to see should be in the root directory and deleted the directory under each one. Point the download directory, is not seen the TEST. The TXT file? Well, the right point to restore, select the D drive not restore to the F drive Oh):(Figure 8) 8 !

Then point, save, 来到D盘看看是不是有了TEST.TXT? Saw the picture of it, not so that we can break these so-called what high-strength encryption software? As Figure 9 9 !

So far, our test work all over.