If bitcracker_hash is not able to find the Recovery Password on your encrypted image, please open an issue or contact me hash_recv_pass.txt : the hash you need to start the Recovery Password attack modeīDE encrypted volumes could have different formats for different authentication methods.hash_user_pass.txt : if the device was encrypted with a User Password, this file contains the hash you need to start the User Password attack mode.If the execution completes correctly, bitcracker_hash produces 1 or 2 output files: check if the the original storage device hash been encrypted with an User Password or a Recovery Password.check if the image has a valid format and can be attacked by BitCracker.Then you need to run the bitcracker_hash executable on your imageEncrypted.img in order to: Sudo dd if=/dev/disk2 of=/path/to/imageEncrypted.img conv=noerror,syncĢ063597568 bytes transferred in 292.749849 secs (7049013 bytes/sec) You need to create the image of your storage device encrypted with BitLocker using, as an example, the dd command:
As a reference, you can use the following table: GPU Architecture
In order to build bitcracker_cuda coherently with your NVIDIA GPU and CUDA version, you need to modify the src_CUDA/Makefile chosing the correct SM version. Running the build.sh script generates 4 executables inside the build directory: bitcracker_hash, bitcracker_rpgen, bitcracker_cuda, bitcracker_opencl. We strongly recommend to run your attack on a GPU rather than CPU for performance reasons (see section Performance). To run the BitCracker-OpenCL, minimal requirements are any GPU or CPU supporting OpenCL (you can find some help here.īitCracker requires at least 260 MB of device memory. To run the BitCracker-CUDA, minimal requirements are: Several journals delayed the publication of our BitCracker paper (almost 3 years, with final rejection after several revisions) which explains the details of our attack, the BitLocker Drive Encryption (BDE) volume format and possible weaknesses in the encryption/decryption procedure.įinally, we published the paper here. It has been implemented in CUDA and OpenCL.
BitLocker offers a number of different authentication methods to encrypt a storage device like Trusted Platform Module (TPM), Smart Card, Recovery Password, User supplied password.īy means of a dictionary attack, BitCracker tries to find the correct User Password or Recovery Password to decrypt the encrypted storage device. BitCracker is the first open source password cracking tool for storage devices (Hard Disk, USB Pendrive, SD card, etc.) encrypted with BitLocker, an encryption feature available on Windows Vista, 7, 8.1 and 10 (Ultimate, Pro and Enterprise editions).
0 kommentar(er)
