WannaCry Ransomware: Possible Free Decryption Solution Idea

Everyone is talking about the WannaCry ransomware outbreak that has impacted Microsoft Windows machines using the MS17-010 exploit.

All security professionals are discussing how it impacts the infected PCs, with detailed analysis of how it spreads and what files it encrypts,

but one report got me really interested and drove me to think of an idea of how to get rid of this encryption.

Most of the security experts are talking about how to stop it, but it is too late.

Now, how to decrypt the infected PCs?

In the analysis by bleepingcomputer.com:

When you click on the Check Payment button, the ransomware connects back to the TOR C2 servers to see if a payment has been made. Even If one was made, the ransomware will automatically decrypt your files. If payment has not been made, you will see a response like the one below.

Payment not made Response

Main idea:

If we managed to sniff the network communication to that Tor server address and get back the payment confirmation message received by the ransomware client,

we can then create a fake server that sends the same confirmation message and

direct the clients to talk to this server instead of the hackers' server.

Voilà.. use his own code against him..

This is somewhat similar to what hackers used to do earlier to overcome Windows activation:

they used to build a fake activation server that would trick Windows into thinking it is activated.

The idea is to trick the ransomware into thinking a payment has been made.

This is a thought, but it needs some further study to make it true.

Anyone interested in joining the study, or who has any additional thoughts, is welcome to share.


About Me


Program Manager at Cisco Systems

Diaa has been in business for 18 years, building diversified experience in private and multinational companies.

He is competent in leading the way of implementation until achieving the desired results. During his career, he has held different functions including technical engineering, team leading, project management, and business consultancy.

Diaa has worked in the following companies.

  • Cisco Systems: During his 6.5 years working as Program Manager in the Enterprise Services team as part of the Cisco Global PMO in KSA, he was responsible for some of the key customers, managing projects contributing 45% of the Enterprise team revenue in KSA while maintaining customer satisfaction and increasing project profitability, with an average of 147%.
  • Microsoft Egypt: During his 1 year serving as Technical Account Manager, he was responsible for 13 Premier accounts with 30% of the Premier revenue in Egypt. He managed to grow the revenue of those accounts to 210% while increasing the customer satisfaction index from 80% to 95%. He also helped his customers increase the stability and maturity of their IT organizations by correctly utilizing the Microsoft Premier service and maximizing their benefit from it.
  • IBM Egypt: During his 1 year serving as Software Delivery Manager, he was responsible for the E-Gov Program. He managed to successfully reach closure on 2 of the most complex projects, which had been open for 3 years, while managing 5 other projects and contributing to the proposal cycle for software proposals.
  • RAYA Integration: During his 3 years serving as Project Manager, he was a PM for the banking sector projects, responsible for 22% of the revenue of RAYA Project, while he helped shape the RAYA PM organization as a member of multiple internal committees.
  • Siemens Egypt: Diaa spent 6 years at Siemens, working up from Technical Engineer to Technical Service Manager, gaining technical and management experience.

View Diaa Hussein's profile on LinkedIn


No-IP Dynamic DNS Provider Update script for Linux – no client

I am sharing this script I wrote to update my hosts on www.no-ip.com

If you are on WDMycloud V4.X,

install DNSUtil from my repos.

Copy and paste the following into noip.sh

* Replace USERNAME : PASSWORD with your No-IP username and password

* Replace HOSTNAME with the name of the host you want to update or the group you want to update

Press Ctrl+X, then Y, then Enter.

Now set the script to run every 30 minutes via crontab to check whether an update is needed.

Add the following entry to crontab

* The script automatically checks whether an update is needed and sends the update to No-IP; if the IP address has not changed, it skips the update.

The full log can be found in /shares/logs/noip.log
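
An added example, not the author's original script, of the update logic described above: compare the public address with what the host name resolves to, call No-IP's update URL only when they differ, and log the outcome. It assumes dig (from dnsutils) and curl are installed; the OpenDNS resolver, the curl config file path, the User-Agent string and the cron path are assumptions.

```shell
#!/bin/sh
# Added example (not the post's original script): update a No-IP host only when its IP changed.
NOIP_HOST="HOSTNAME"             # placeholder, as in the post: host or group to update
CURL_CFG="/root/.noip-curl"      # assumed path, chmod 600, one line: user = "USERNAME:PASSWORD"
LOG="/shares/logs/noip.log"      # log location named in the post
RESOLVER="resolver1.opendns.com" # assumption: public resolver used for both lookups

is_ipv4() {   # shape check so an empty or error reply is never sent as an address
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

needs_update() {   # $1 = current public IP, $2 = IP the host name resolves to
    is_ipv4 "$1" || return 2     # own address unknown: do nothing
    [ "$1" != "$2" ]             # 0 = changed (update), 1 = unchanged (skip)
}

classify_response() {   # map the update server's reply to ok / fatal / retry
    case "$1" in
        good*|nochg*)                             echo ok ;;
        nohost|badauth|badagent|abuse|'!donator') echo fatal ;;  # fix the config, do not retry
        *)                                        echo retry ;;  # e.g. 911 or a network error
    esac
}

run_update() {
    current=$(dig +short myip.opendns.com "@$RESOLVER" | tail -n 1)
    resolved=$(dig +short "$NOIP_HOST" "@$RESOLVER" | tail -n 1)
    rc=0; needs_update "$current" "$resolved" || rc=$?
    case $rc in
        1) echo "$(date) unchanged $current, skipped" >>"$LOG"; return 0 ;;
        2) echo "$(date) could not determine public IP" >>"$LOG"; return 1 ;;
    esac
    # -K keeps the password out of the process list; HTTPS protects it in transit.
    reply=$(curl -fsS --max-time 20 -K "$CURL_CFG" -A "noip-sh-example/1.0 admin@example.invalid" \
        "https://dynupdate.no-ip.com/nic/update?hostname=$NOIP_HOST&myip=$current")
    status=$(classify_response "$reply")
    echo "$(date) $resolved -> $current reply='$reply' status=$status" >>"$LOG"
    [ "$status" = ok ]
}

# Runs only when asked, e.g. from cron: */30 * * * * /path/to/noip.sh run
if [ "${1:-}" = "run" ]; then run_update; fi
```

Keeping the credentials in a root-only curl config file rather than in the script body means the script can be shared or backed up without exposing the No-IP password.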


WD Mycloud

This is the link to my mirror for 

I have also included the latest sid Repository from Fox_exe and some packages that I have compiled for WDMycloud V 4.x firmware with PageSize=64k

The Repository has 3 containers

main is compiled by Fox_exe based on wheezy

sid is compiled by Fox_exe based on sid

Jessie is compiled by myself based on jessie

To add the repository:

SSH to your WDmycloud and run:

Then – you can run apt-get update and install software.

You can view and search the available packages from this index here. You can also download individual packages if you wish (click on a package to download it, or wget it), but the main thing is the search feature.

WARNING: This software is only for official v4.X firmware (Kernel/Software with PageSize=64k)!

All packages are compiled directly from the official Debian repository.

Warning: Use it at your own risk


Automatic Full Backup for WDMycloud – tested on firmware V4.X

I like playing and changing images and software on my WDmycloud

So I found it useful to keep a full backup of my latest working image

Here is what you need to do

ssh to your wdmycloud IP then

create a new file called backup.sh

copy the following to the nano editor

click Ctrl+x then y to save your file

make the batch executable

make a test backup to make sure that your script is functioning correctly

schedule the batch to run automatically

I have scheduled it to run every 2 days at 7 AM ( feel free to change the schedule based on your need )

copy the below line to the crontab file

click Ctrl+x then y to save your file

you can check the status of your backups and the backup execution by viewing the backup.log at /shares/wdcurrent/backup.log


View@Business: Management Do / Management Don’t

Tip #4

Managers Don’t act on an ad-hoc basis
Always respect your subordinates’ time, plans and schedules
Managers Do plan their requests from their subordinates
This helps them satisfy your needs without being always stressed and unorganized; it will also give you the quality you need and minimize mistakes

Tip #5

Managers Don’t play solo
Solo players never build a career in the business
Managers Do believe in teamwork and encourage open communication
Always ask for feedback from your subordinates; you will be surprised how many fresh ideas and out-of-the-box enhancement ideas you can get out of those discussions. It is never a waste of time

Tip #6

Managers Don’t take the spotlight
You are good because those subordinates were good enough to help you achieve what you want; you are the mastermind, but they are the hands that made this possible
Managers Do acknowledge the achievements of their subordinates, both within the team and with the top management
When your team is really good, this is your true success, because it means that you can not only plan but also execute what you have planned on the ground. You have moved yourself into the leader position, where you can inspire people to get the best out of them

To Be Continued ……. 

* Remember: You are a manager because you have more experience and a larger vision than your subordinates; with this management role comes the responsibility to transfer this knowledge and experience to your subordinates

* Remember: A manager is as good as his subordinates are; if they are a failure, then you are

* Remember: There is no such thing as a bad employee; there is always a bad manager who cannot coach and utilize his employees in the best way


Project Server 2007 : Commands and options Menu in the portfolio analyzer

How to re-enable the commands and
options in the portfolio analyzer after getting it switched off

The problem is that when you switch the commands and options off, you
cannot edit your view anymore and you will have to create a new view,
as so many people have done before

Microsoft uses XML to describe the pivot; this XML is stored in the
Through this XML you can change anything in the pivot characteristics
You can change the “field caption” and field format, enable or disable
the “commands and options”,
and even change the data source of your pivot without the need to rebuild
the pivot (very helpful if you want to create multiple
similar views that read from different cubes (DATA SOURCE))

To get this XML you will need access to both your DATABASE server and
Application server

1. Open the SQL profiler and make it ready for the capture -“but do
not start capturing yet or you will get a huge log”
2. Open the EPM web interface and login with an account which has an
administrative privilege
3. Select Admin
4. Select manage views
5. Choose to modify the view on which the “commands and options” is
disabled and on which you want to re-enable it
6. After you open this view for modification
7. Go back to the SQL profiler and start capturing
8. Go back to the WEB view and choose to save the view
9. Switch back to the SQL profiler and stop the capturing
10. Scroll up until you find an entry that starts with this

This entry will be very long
11. Copy this entry out to a notepad and delete this line

12. Open the query analyzer, paste the edited text into it and then
run the query; it should give you an output that 1 row is affected

You are done; the “Commands and options” is enabled again

* Caution: each view has its own XML file identified by the VIEW_ID,
which is the last number in the SQL entry (XML file); in this example
it is 130
Do not change this number or you will end up editing another view and
you might mess the view up

If you want to change any field property, search for the field name
and start editing,
then paste it in the query analyzer and you are done
