Bitlocker
#11
I am sorry Snoopy, but b8vr is right.

In order to crack the recovery key, you'll need to use the mask ?d?d?d?d?d?d- and so on.
The - is included.
So that is 6 times 8 digits, seperated by 7 times a -. It gives a total of 55 characters to crack.

As the official Microsoft documentation states, each part of the recovery key needs to be dividable by 11. I believe someone on github made a script one day to optimise the mask for this, but the conclusion was that the keyspace at the end is still waaay too large.

You can easily test and validate it by yourself by creating a small VHD which is Bitlocker-protected.
Here's an example of my test-container, where I use a mask attack on a Bitlocker recovery-key hash.

Code:
$ ./run/john BITLOCKER.hash --format=Bitlocker-opencl --mask='023199-166826-414744-661628-228943-116941-315436-4617?d?d'

Device 1: NVIDIA GeForce GTX 1080
Note: This format may emit false positives, so it will keep trying even after finding a possible candidate.
Using default input encoding: UTF-8
Loaded 1 password hash (BitLocker-opencl, BitLocker [SHA256 AES OpenCL])
Cost 1 (iteration count) is 1048576 for all loaded hashes
Note: Minimum length forced to 8 by format
LWS=32 GWS=2560 (80 blocks)
Press 'q' or Ctrl-C to abort, 'h' for help, almost any other key for status
Warning: Only 100 candidates buffered, minimum 2560 needed for performance.
023199-166826-414744-661628-228943-116941-315436-461758 (?)
Reply
#12
i was not aware of the fact divideable by 11, but never the less its still to many combinations because it is the power of 8, regardles the - as fixed positions

when b8vr is right, asking why can't the number be greater than 720896?, is there a paper on that? it is stil 65536^8 = 3,4028236692093846346337460743177e+38 combinations
Reply
#13
(01-25-2024, 07:24 PM)Snoopy Wrote: i was not aware of the fact divideable by 11, but never the less its still to many combinations because it is the power of 8, regardles the - as fixed positions

when b8vr is right, asking why can't the number be greater than 720896?, is there a paper on that? it is stil 65536^8 = 3,4028236692093846346337460743177e+38 combinations

The reason for the 65536 can be found in the way the recovery key is calculated. Each group of the in all 8 groups consists of 2 bytes. This means the largest number in hex is limited by FF FF = 65535. Including 00 00, that gives 65536. That times 11 gives 720896.
Reply