+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Bitlocker: TPM + Pre-Boot Pin (/thread-10273.html)
Bitlocker: TPM + Pre-Boot Pin - Sondero - 08-16-2021
Hello,
is there any possible way to attack a device with (Bitlocker) TPM+Preboot-Pin encryption ?
I took a physical image, but bitlocker2john doesnt give me a hash, and Passware also wouldn’t give me the option for a wordlist attack (only with memory dump, but i dont habe a dump or decrypted hiberfile.sys)
Thank
Best regrads
Sondero
RE: Bitlocker: TPM + Pre-Boot Pin - Lars - 08-16-2021
There's no human entered password-hash to attack as the encryption keys are stored in the TPM and are released with the PIN.
RE: Bitlocker: TPM + Pre-Boot Pin - DanielG - 08-16-2021
You probably need a hardware attack like described on https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network
RE: Bitlocker: TPM + Pre-Boot Pin - Sondero - 08-16-2021
If i understand it correct, this attack only works if there is no pre-autentification needed
RE: Bitlocker: TPM + Pre-Boot Pin - DanielG - 08-17-2021
Ah I see, you are right, the PIN requirement prevents this attack.