imgWin10NonCompatible.vhd: memory unit encrypted with BitLocker (NON compatible mode) using Windows 10 Enteprise edition OS,.imgWin10Compatible.vhd: memory unit encrypted with BitLocker (compatible mode) using Windows 10 Enteprise edition OS,.imgWin8: memory unit encrypted with BitLocker using Windows 8 Enteprise edition OS.imgWin7: memory unit encrypted with BitLocker using Windows 7 Enteprise edition OS.In the the run_test.sh script there are several attack examples using the encrypted images provided in this repo: Use -s option only if BitCracker returns several false positives. Altough this check is empirically verified and it works with the images of this repo encrypted with Windows 7, 8.1 and 10, we can't guarantee that it doesn't lead to false negatives. Note: In case of false positives you can use the -s option, that is a more restrictive check on the correctness of the final result. t, -passthread Set the number of password per thread threads d, -dictionary Path to dictionary or alphabet file s, -strict Strict check (use only in case of false positives) f, -hashfile Path to your input hash file (HashExtractor output) Then you can use the output hash file to run the BitCracker attack. The extracted hash is fully compatible with the John The Ripper format (see next Section). i, -image Path of memory unit encrypted with BitLocker The executables are stored in the build directory.īefore starting the attack, you need to run bitcracker_hash to extract the hash from the encrypted memory unit. Use the build.sh script to build 3 executables: Here we present two implementations: CUDA and OpenCL.įor CUDA implementation, you need at least CUDA 7.5 and an NVIDIA GPU with minimum cc3.5 (i.e. Our attack has been tested on several memory units encrypted with BitLocker running on Windows 7, Window 8.1 and Windows 10 (both compatible and non-compatible mode).
0 kommentar(er)
