Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

In this, the author chooses a piece of malware to describe the encryption breaking. First, we need to find a mistake. But, what does a mistake look like? Anything from weak encryption algorithms, poor key generators or server-side vulnerabilities.

The first step is identifying where the encryption is being done at. Note: There could be multiple encryption algorithms within a single binary.

A common issue is with random number generators. Some generators are indistinguishable from random noise, while others can be reversed with some effort. If the random number generator was deterministic with time, then it may be possible to figure out the seed used, which could get the key.

Weak encryption algorithms. This goes from a custom cipher that you would likely see in a CTF challenge to something like DES

List of different ransomwares vulnerabilities:

1. Weak encryption algorithm: 7ev3n, XORist, Bart
2. Mistakes in cryptography implementation: Petya
3. Weak key generator:DMA Locker, CryptXXX
4. Leaked keys:Chimera