Skip to content

l01cd3v/CryptowallDropboxRecovery

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
CryptowallDropboxRecoveryLib
CryptowallDropboxRecoveryLib
 
 
.gitignore
.gitignore
 
 
CryptowallCleanup.py
CryptowallCleanup.py
 
 
CryptowallRestore.py
CryptowallRestore.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CryptowallDropboxRecovery

This repository contains the python code I created and used to recover a friend's file after they were victim of Cryptowall. It addresses a particular case where all of my friend's important files were stored in Dropbox. Because Dropbox offers free versioning to all users for a 30-day period and because my friend contacted me within a day of the compromise, I was able to restore most of the files. Note that I do not recommend the use of Dropbox as a primary backup system or protection against any cryptolocker malware. Much consideration should be taken when creating one's backup process, which is out of the scope of this project.

Installation and configuration

  1. Clone this repository
$ git clone git@github.com:l01cd3v/CryptowallDropboxRecovery.git
  1. Install the Dropbox SDK
$ pip install -r requirements.txt
  1. In your browser, connect to your Dropbox account
  2. Create a new Dropbox Core application(s)
  3. Browse to the console API at https://www.dropbox.com/developers/apps
  4. Create a new application with the following settings * Type of application: "Dropbox Core API" * Limited folder: "No My app needs access to files already on Dropbox." * Access: "All file types My app needs access to a user's full Dropbox." * Name: your application name, e.g. CryptowallDropboxRecoveryFor_YourNameHere_
  5. Edit the CryptowallDropboxRecovery/utils.py file and replace the following:
  6. YOUR_APP_KEY_HERE with the "App key" copied from the application page
  7. YOUR_APP_SECRET_HERE with the "App secret" copied from the application page

Recovery of deleted files

In order to restore your deleted files, run the CryptowallRestore.py tool. This tool iterates through all your files and folders and restores the latest, non-deleted version of your files if a corresponding ".aaa" file is found. You will be prompted to browse to the application authorization page and copy-paste the authorization code.

$ python CryptowallRestore.py

Deletion of .aaa files

After confirming that the restoration of your files was successful, run the CryptowallCleanup.py tool. This tool iterates through all your files and folders and deletes all ".aaa" files if a corresponding file exists. You will be prompted to browse to the application authorization page and copy-paste the authorization code.

$ python CryptowallCleanup.py

Author

l01cd3v

License

GPLv2: See LICENSE.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages