e-ago / bitcracker

BitCracker is the first open source password cracking tool for memory units encrypted with BitLocker

BitLocker: need a key but I never installed it

HarlockP4 opened this issue · comments

Hi all,

I have a problem with BitLocker, which is this one:

https://www.dell.com/community/Windows-10/BitLocker-need-a-key-but-I-never-installed-it/td-p/6019486

I tried any of the suggested tips but none of them worked for me.
This is a laptop from a friend of mine, and the problem arose after a DELL update that included an update of the BIOS, which generated the problem.

We tried to reflash the BIOS and check what is suggested here:

https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan

No way to bypass or retrieve the recovery key.

So I gave bitcracker a go through Bitlocker2John and I was able to find a hash:

Signature found at 0x76dfd1db1c
Version: 0
Invalid version, looking for a signature with valid version...
Hash type: Recovery Password fast attack
$bitlocker$2$16$4b21696d29d29e7cb1507f378c8a9470$1048576$12$20989b195717d7018b000000$60$ce0f388d0f292ffe297e453672161c772c87f0eddd73e346494a450a357ecd7f304e4876a7fd2b74bd0565df620680d5403aacbb20768c7070712718
Hash type: Recovery Password with MAC verification (slower solution, no false positives)
$bitlocker$3$16$4b21696d29d29e7cb1507f378c8a9470$1048576$12$20989b195717d7018b000000$60$ce0f388d0f292ffe297e453672161c772c87f0eddd73e346494a450a357ecd7f304e4876a7fd2b74bd0565df620680d5403aacbb20768c7070712718

The second step now is to run the attack like:

john.exe --format=bitlocker-opencl --mask=?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d hash_to_crack.txt

The problem is that the key space is 1.0E48, so I don't think that is doable in a reasonable time.

I was wondering if you can suggest some tips or whether there is another way to access this hard drive.

A data recovery company asked my friend for 1000€ for the work, so I'm wondering what kind of attack they are going to run too.

Thanks for any reply or support
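
An added example (not part of the original issue and not BitCracker's code) that puts numbers on the feasibility question raised above: it compares the strings the all-digit mask enumerates with those that pass the recovery-password format check (eight 6-digit groups, each a multiple of 11 below 720896), and reads the iteration count out of a `$bitlocker$` line. The field names in `parse_hash` and the 1e6 guesses/s rate are assumptions, and the sample hash is constructed with zeroed fields.

```python
from math import log2

GROUPS, GROUP_DIGITS = 8, 6
GROUP_LIMIT = 11 * 2**16  # 720896: each group is 11 * (a 16-bit value)

def valid_group(group: str) -> bool:
    """Format check only: six ASCII digits, a multiple of 11, below 720896."""
    if len(group) != GROUP_DIGITS or not (group.isascii() and group.isdigit()):
        return False
    return int(group) % 11 == 0 and int(group) < GROUP_LIMIT

def valid_recovery_password(text: str) -> bool:
    parts = text.strip().split("-")
    return len(parts) == GROUPS and all(valid_group(p) for p in parts)

def keyspace() -> tuple[int, int]:
    """(strings the all-digit mask enumerates, strings that pass the format check)."""
    per_group = len(range(0, GROUP_LIMIT, 11))  # 65536
    return 10 ** (GROUPS * GROUP_DIGITS), per_group ** GROUPS

def parse_hash(line: str) -> dict:
    """Split a $bitlocker$ line into its length-prefixed fields (names assumed)."""
    tag, kind, *rest = line.strip().split("$")[1:]
    if tag != "bitlocker" or len(rest) != 7:
        raise ValueError("not a $bitlocker$ hash line")
    salt_len, salt, iterations, nonce_len, nonce, data_len, data = rest
    out = {"type": int(kind), "iterations": int(iterations)}
    for name, declared, hexval in (("salt", salt_len, salt),
                                   ("nonce", nonce_len, nonce),
                                   ("data", data_len, data)):
        raw = bytes.fromhex(hexval)
        if len(raw) != int(declared):
            raise ValueError(f"{name}: declared {declared} bytes, got {len(raw)}")
        out[name] = raw
    return out

def years_to_exhaust(candidates: int, per_second: float) -> float:
    return candidates / per_second / (365.25 * 24 * 3600)

# Constructed sample with zeroed fields, same layout as the output above.
SAMPLE = "$bitlocker$2$16$" + "00" * 16 + "$1048576$12$" + "00" * 12 + "$60$" + "00" * 60

if __name__ == "__main__":
    mask, valid = keyspace()
    print(f"mask: 10^48 (~2^{log2(mask):.1f}), format-valid: 2^{log2(valid):.0f}")
    print("stretch iterations per guess:", parse_hash(SAMPLE)["iterations"])
    # 1e6 guesses/s is an assumed round figure, not a benchmark.
    print(f"years at 1e6 guesses/s: {years_to_exhaust(valid, 1e6):.2e}")
```

Even after the format check removes most of the mask's candidates, the remaining space is 128 bits, and each guess costs the iteration count shown in the hash line.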