Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

password discovery and decrypted filepath dstfile #842

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

federicofantini
Copy link

  • added support to password discovery during decryption
  • added support to decrypted filepath dstfile

added support to decrypted filepath dstfile
@mlodic
Copy link
Contributor

mlodic commented Feb 14, 2024

@decalage2 hey how you doing? :P

We struggled in finding the information of the correct password used to decrypt once oletools correctly decrypts the file. Plus, there was a bad message saying "All passwords failed" when it wasn't true.

May I ask if you have any plans for a new release? We would be happy to add this change in IntelOwl without the need to pin the commit.

Thank you and keep up the great work! :)

@decalage2
Copy link
Owner

Hi @mlodic and @federicofantini, this is definitely a super useful improvement, thanks a lot!
I will surely add it to the next release, that I hope to finish it soon with a number of bugfixes that are waiting in the backlog. I'm not sure exactly when it will be done, though. Probably in the coming weeks.

Copy link
Owner

@decalage2 decalage2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for this PR, it looks good. I will just make a couple changes to clarify that decrypted_filepath should be a directory and not a full file path.

@mlodic
Copy link
Contributor

mlodic commented Jul 2, 2024

any chance to have this in a new release soon? We can help doing changes in case. ty! :)

@decalage2
Copy link
Owner

Hi, I'm planning a release with new features quite soon. :-)
In this PR, since decrypted_filepath is actually a directory and not the full file path, would it be possible to rename it to decrypted_dir? This is just to avoid confusion. If you could make that change before I merge it, it would be great.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants