Posts: 1
Threads: 1
Joined: Mar 2023
I have fortunately saved the BitLocker recovery key and can access my files. But those files are protected by the same password I had set from the BitLocker drive. Is there a way to get the plain text password by using the recovery key?
Posts: 385
Threads: 1
Joined: Aug 2020
03-02-2023, 12:47 PM
(This post was last modified: 03-02-2023, 12:48 PM by marc1n.)
You can use BitCracker. This tool was developed for that: brute-forcing a BitLocker recovery key or user password.
BitCracker performs a dictionary attack, so you still need to create a list of possible recovery keys. And you should be careful when creating this kind of list, because there are special conditions for the recovery key (look through this paper, chapter 5.4, for details, or the Microsoft documentation).
https://github.com/e-ago/bitcracker
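An added example, not part of the thread or of BitCracker: a checker for the "special conditions" mentioned above, useful for finding which block of a written-down recovery key was mistyped. It assumes the documented format of 8 blocks of six digits, each divisible by 11 and below 720896; the function name and sample values are constructed for illustration.

```python
import re

GROUPS = 8           # a recovery password has 8 blocks
MAX_BLOCK = 720896   # 11 * 2**16: block / 11 must fit in 16 bits


def check_recovery_password(text):
    """Return a list of (block_number, block, reason) for malformed blocks.

    An empty list means the password is well-formed. It does NOT mean the
    password unlocks any particular volume.
    """
    blocks = re.split(r"[-\s]+", text.strip())
    if len(blocks) != GROUPS:
        return [(0, text, f"expected {GROUPS} blocks, got {len(blocks)}")]
    problems = []
    for i, block in enumerate(blocks, start=1):
        if not re.fullmatch(r"[0-9]{6}", block):
            problems.append((i, block, "not six digits"))
        elif int(block) % 11 != 0:
            # Divisibility by 11 acts as a per-block check digit:
            # most single-digit typos break it.
            problems.append((i, block, "not divisible by 11"))
        elif int(block) >= MAX_BLOCK:
            problems.append((i, block, "exceeds 16-bit range"))
    return problems


# Constructed sample values, not real recovery keys.
GOOD = "111111-222222-333333-444444-555555-666666-123453-720885"
TYPO = "111111-222222-333338-444444-555555-666666-123453-720885"

if __name__ == "__main__":
    for label, value in (("GOOD", GOOD), ("TYPO", TYPO)):
        print(label, check_recovery_password(value) or "well-formed")
```
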
Posts: 120
Threads: 1
Joined: Apr 2022
(03-02-2023, 12:47 PM)marc1n Wrote: You can use BitCracker. This tool was developed for that: brute-forcing a BitLocker recovery key or user password.
BitCracker performs a dictionary attack, so you still need to create a list of possible recovery keys. And you should be careful when creating this kind of list, because there are special conditions for the recovery key (look through this paper, chapter 5.4, for details, or the Microsoft documentation).
https://github.com/e-ago/bitcracker
When cracking on the user password, does BitCracker have any performance gains compared to hashcat?
Posts: 120
Threads: 1
Joined: Apr 2022
03-02-2023, 10:02 PM
(This post was last modified: 03-02-2023, 10:07 PM by b8vr.)
(03-02-2023, 09:19 AM)lithensa Wrote: I have fortunately saved the BitLocker recovery key and can access my files. But those files are protected by the same password I had set from the BitLocker drive. Is there a way to get the plain text password by using the recovery key?
No. You can't use the recovery password to fetch the user password in any way. The opposite is possible, though. If you're locked in with the user password, you can use manage-bde.exe to get the recovery password. Not so interesting in your case though.
But... your Windows user password can be cracked a lot more easily once you're logged in. You can retrieve the NTLM hash for your user and crack on that. That will allow you to try millions of candidates per second, where a BitLocker hash only allows a few per second (depending on available GPUs, of course).