diff --git a/README.md b/README.md index 687cad2..7169d8f 100644 --- a/README.md +++ b/README.md @@ -21,22 +21,22 @@ - Internally, the Chief Information Security Officer does not want to pay the ransom, because there isn’t any guarantee that the decryption key will be provided or that the attackers won’t strike again in the future. -Instead, we would like you to bruteforce the decryption key. Based on the attacker’s sloppiness, we don’t expect this to be a complicated encryption key, because they used copy-pasted payloads and immediately tried to use ransomware instead of moving around laterally on the network. +- Instead, we would like you to bruteforce the decryption key. Based on the attacker’s sloppiness, we don’t expect this to be a complicated encryption key, because they used copy-pasted payloads and immediately tried to use ransomware instead of moving around laterally on the network. #### Here is the background information for this script: -A Python script to bruteforce the decryption key of the encrypted file. +- A Python script to bruteforce the decryption key of the encrypted file. -Bruteforcing is the act of repeatedly trying different combinations to break the password encryption (based on either randomly generated passwords, or from a list of passwords to try). In the resource folder, we've provided a small subset of passwords from Rockyou - a widely know password wordlist that contains thousands of common passwords in one wordlist. +- Bruteforcing is the act of repeatedly trying different combinations to break the password encryption (based on either randomly generated passwords, or from a list of passwords to try). In the resource folder, we've provided a small subset of passwords from Rockyou - a widely know password wordlist that contains thousands of common passwords in one wordlist. -Ransomware will often encrypt all files on a device, and sometimes give the decryption key after the ransom has been paid (but this is not always the case!). So, we would like to break the encryption without paying the ransom. +- Ransomware will often encrypt all files on a device, and sometimes give the decryption key after the ransom has been paid (but this is not always the case!). So, we would like to break the encryption without paying the ransom. #### Resource -A foundational Python 3+ template has also been provided for you in the resource. One potential implementation is described in the code comments. +- A foundational Python 3+ template has also been provided for you in the resource. One potential implementation is described in the code comments. -Encrypted File & Bruteforce.py (Python 3+) Template has also been provided for you in the resource. +- Encrypted File & Bruteforce.py (Python 3+) Template has also been provided for you in the resource. -After, open the decrypted word doc and paste your Python code at the bottom of the doc. Upload this with Pull Request. +- After, open the decrypted word doc and paste your Python code at the bottom of the doc. Upload this with Pull Request. Python is an easy-to-learn scripting language that is often used in security research. If you want to learn more about Python to help you with this task, [visit this Python resource.](https://docs.python.org/3/library/resource.html)