
I have imaged a hard disk and used passware, but to no avail - it says Encryption key External key, and not the actual key.

How do you think I would go about brute forcing it? Let's assume I had infinite time, what software(s) could I use for this?

I'm quite interested in the concept and would like to test it on a drive I locked with TPM and a PIN, so any pointers from here would be useful and much appreciated.

Thanks in advance...

QuickishFM

3 Answers


Well you have to brute-force the 48 character recovery key (https://blogs.msdn.microsoft.com/si_team/2006/08/10/bitlocker-recovery-password-details/)

As I remember, it is visually shown when a 6-character sub-key is successfully entered, so I guess it is possible, but if there are tools available, I'm unaware of them.

Good luck

  • Thanks for that info - do you know specifically what software I could use to automate this for me? I.e. Passware Kit Forensic supports hardware acceleration, but for unknown reasons it's not working for me.. – QuickishFM Jun 25 '16 at 21:07
  • The visual notification is based on a simple checksum (I believe it had something to do with sums of alternating digits matching or something) to help prevent typos, it does not store any partial key data that can be used to crack the key. Actually, the details for it are in that page you linked. It checks for divisibility by 11. – user Mar 26 '21 at 14:06

You can use bitcracker. This tool was developed for that: brute-forcing the BitLocker recovery key or user password.

Bitcracker performs a dictionary attack, so you still need to create a list of possible recovery keys. And you should be careful when creating such a list, because there are special conditions on the recovery key (look through this paper, chapter 5.4, for details, or the Microsoft documentation).


https://docs.microsoft.com/en-us/archive/blogs/si_team/bitlocker-recovery-password-details

says

When a user is entering the key, we accept it 6 digits at a time, and then check to see if the number they just entered is exactly divisible by 11. If it is then we know it might form part of the key - if it doesn't then we know for sure it isn't a valid block. This guards against swapped digits, mis-entered numbers, etc, and we can safely report the entry error to the user.

But does this check reduce the amount of work an attacker would have to do to brute force the underlying key? Consider that when we check a group of digits we aren't saying that they are the 'correct' group for that location in the key - merely that they could be a correct group, as they are divisible by 11.

It's just to help the user, indicating that it's probably the correct sequence; it could still be wrong.

Hunter
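The three answers above all turn on the same structural facts about the 48-digit recovery password: it is eight 6-digit blocks, every block is divisible by 11, and (per the Microsoft article linked in the first and third answers) each block divided by 11 is a 16-bit word of the 128-bit recovery key. The following is an added example, not code from any of the posters, bitcracker, or Microsoft; it implements that structure check both ways the page describes (the "alternating digits" rule from the comment and plain divisibility), and then counts the plausible blocks to show why the check is a typo guard rather than a leak. The sample words are constructed for the test; the function names are mine.

```python
"""Structure check for a BitLocker recovery password, written as an illustration.

Facts used (from the Microsoft article cited on the page):
  - 48 decimal digits, typed as 8 blocks of 6
  - each block is divisible by 11
  - block // 11 is a 16-bit value, i.e. one word of the 128-bit key
"""
import math

BLOCKS = 8
BLOCK_DIGITS = 6
MAX_WORD = 2 ** 16  # block // 11 must be < 65536 (assumed from the cited article)


def alternating_digit_sum(block: str) -> int:
    """Alternating sum of the digits, least significant first.

    Because 10 == -1 (mod 11), a decimal number is divisible by 11 exactly when
    this sum is 0 mod 11. This is the "alternating digits" rule from the comment.
    """
    total = 0
    for i, ch in enumerate(reversed(block)):
        total += int(ch) if i % 2 == 0 else -int(ch)
    return total


def block_is_plausible(block: str) -> bool:
    """True if a 6-digit block passes the entry-time check described on the page."""
    if len(block) != BLOCK_DIGITS or not block.isdigit():
        return False
    if alternating_digit_sum(block) % 11 != 0:      # same as int(block) % 11 != 0
        return False
    return int(block) // 11 < MAX_WORD               # must decode to a 16-bit word


def parse_recovery_password(text: str):
    """Return the eight 16-bit words, or None if the typed form is malformed.

    Dashes and spaces are ignored so 'dddddd-dddddd-...' and plain digits both work.
    """
    digits = "".join(ch for ch in text if ch.isdigit())
    if len(digits) != BLOCKS * BLOCK_DIGITS:
        return None
    blocks = [digits[i:i + BLOCK_DIGITS] for i in range(0, len(digits), BLOCK_DIGITS)]
    if not all(block_is_plausible(b) for b in blocks):
        return None
    return [int(b) // 11 for b in blocks]


def encode_words(words) -> str:
    """Inverse of parse_recovery_password: 16-bit words -> typed form (for test data)."""
    return "-".join(f"{w * 11:06d}" for w in words)


def plausible_blocks_count() -> int:
    """How many of the 10**6 possible 6-digit blocks pass the check.

    Stepping by 11 skips blocks that fail divisibility anyway; the result is 65536,
    exactly the number of 16-bit words a block can encode.
    """
    return sum(1 for n in range(0, 10 ** 6, 11) if block_is_plausible(f"{n:06d}"))


def effective_keyspace_bits() -> float:
    """Bits of key material an attacker still has to guess after the per-block filter."""
    return BLOCKS * math.log2(MAX_WORD)  # 8 words * 16 bits = 128.0


if __name__ == "__main__":
    sample = encode_words([1, 2, 3, 65535, 0, 1000, 12345, 54321])  # constructed
    print(sample, "->", parse_recovery_password(sample))
    print("plausible blocks:", plausible_blocks_count())
    print("keyspace bits:", effective_keyspace_bits())
```

The counting functions make Hunter's point concrete: the check rejects 999,999 - 65,535 of every million candidate blocks, but the 65,536 survivors are precisely the 2^16 values the block could legitimately encode, so the filter discards only strings that were never valid keys and leaves the 2^128 keyspace untouched. A "divisible by 11" block such as 999999 still fails because 90909 does not fit in 16 bits, which is the second condition the second answer warns list-builders about.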