Return to site

Bitlocker Recovery Key Generator Free Download

broken image


A mono-GPU password cracking tool

The BitLocker recovery key is a special key that you can create when you turn on Bitlocker Drive Encryption for the first time on each drive that you encrypt. The recovery key is what enables Bitlocker to recover things for you when you forgot your BitLocker password. Nov 13, 2019.

It is designed to protect data by providing encryption for entire volumes, using by default AES encryption algorithm in cipher block chaining(CBC) or XTS mode with a 128-bit or 256-bit key.

BitLocker can use three authentication mechanisms in order to implement encryption:

  • Transparent operation mode: This mode uses the capabilities of TPM 1.2 hardware to provide for a transparent user experience: the key used for disk encryption is encrypted by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified.
  • User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in the form of a pre-boot PIN or password.
  • USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS.

BitCracker is a mono-GPU password cracking tool developed only for volumes encrypted with the password authentication mode.

Our attack has been tested on several memory units encrypted with BitLocker running on Windows 7, Window 8.1 and Windows 10 (both compatible and non-compatible mode).

How to build BitCracker

From Github page:

Use the build.sh script to build 3 executables:

  • hash extractor
  • BitCracker CUDA version
  • BitCracker OpenCL version

The executables are stored in the build directory.
Before starting the attack, you need to run bitcracker_hash to extract the hash from the encrypted memory unit.

The extracted hash is fully compatible with the John The Ripper format.

Then you can use the output hash file to run the BitCracker attack.

In the the run_test.sh script there are several attack examples using the encrypted images provided in this repo:

  • imgWin7: memory unit encrypted with BitLocker using Windows 7 Enteprise edition OS
  • imgWin8: memory unit encrypted with BitLocker using Windows 8 Enteprise edition OS
  • imgWin10Compatible.vhd: memory unit encrypted with BitLocker (compatible mode) using Windows 10 Enteprise edition OS,
  • imgWin10NonCompatible.vhd: memory unit encrypted with BitLocker (NON compatible mode) using Windows 10 Enteprise edition OS,
  • imgWin10CompatibleLong27.vhd: memory unit encrypted with BitLocker (compatible mode) using Windows 10 Enteprise edition OS using the longest possible password (27 characters)

Currently, BitCracker is able to evaluate passwords having length between 8 (minimum password length) and 27 characters (implementation reasons).

BitCracker doesn't provide any mask attack, cache mechanism or smart dictionary creation; therefore you need to provide your own input dictionary.

More information and downloads

References

BitLocker is a full disk encryption feature included with selected editions of Windows Vista and later version. It is designed to protect your data as well as help protect against the unauthorized changes to your system.

What is BitLocker recovery?

BitLocker recovery is a process to restore the data on a corrupted BitLocker drive when unlocking the drive doesn't work. BitLocker recovery process requires the password or 48-digit recovery key to decrypt the data from the drive.

Storage options for 48-digit BitLocker recovery key

A txt file, USB drive, physically printed, Microsoft account or Azure Active Directory account can store BitLocker recovery key. Learn how to find lost 48-digit recovery key.

M3 BitLocker Recovery is a BitLocker recovery tool to recover lost files from BitLocker encrypted drive after providing password or 48-digit recovery key.

Unlike common data recovery, BitLocker data recovery requires intact BitLocker metadata and the password or 48-digit recovery key to decrypt data.

Data drive: The password and 48-digit recovery key are required to decrypt data from the BitLocker encrypted drive.

OS drive: 48-digit recovery key is the only way to decrypt the data due to trusted platform module. After the BitLocker encrypted computer or Surface failed/crashed, M3 Data Recovery WinPE bootable media can rescue your data easily.

Remove Bitlocker Without Recovery Key

Password and 48-digit recovery key are not working. When BitLocker metadata is intact, M3 BitLocker Recovery can recover data after providing password & 48-digit recovery key.

Physical damage. The hardware issue is beyond any data recovery software. In this case, please send the physically damaged BitLocker drive to a local professional for data recovery help.

Bitlocker Recovery Key Generator Free Download Free

BitLocker metadata corruption. The BitLocker metadata was used to store the password and 48-digit recovery key when encrypting the drive. Sometimes, the area on the disk which holds BitLocker metadata was severely damaged or overwritten. In this situation, the lost data cannot be decrypted even if you have the correct password and recovery key.

Password and 48-digit recovery key are lost or unknown. M3 BitLocker Recovery won't break into your BitLocker encrypted drive if you lost the password and 48-digit recovery key. This is as much of a policy issue as it is a technological limitation. Maybe the 3rd-party BitLocker password brute-force cracking tool can recover the forgotten BitLocker password by running a attack.

Data recovery varies and is a complicated case, we highly suggest you try M3 BitLocker Recovery before purchasing.

Tips: M3 BitLocker Recovery Technician has been integrated into M3 Data Recovery Technician.

Have the password or 48-digit recovery key, find the data recovery solution as below:

BitLocker encrypted drive not accessible

When BitLocker encrypted drive is not accessible, you have to find a BitLocker recovery software, such as M3 BitLocker Recovery. This BitLocker recovery tool can recover lost data from a corrupted, failed, inaccessible, damaged BitLocker encrypted drive, etc.

Tutorial:How to recover lost data from an inaccessible BitLocker encrypted drive?

Formatted BitLocker encrypted drive by mistake

If BitLocker drive is formatted by Windows 7/8/10 built-in format tool, formatting has damaged BitLocker metadata so that lost data cannot be recovered. If you formatted BitLocker drive through other operating system or other method, try M3 BitLocker Recovery Trial to recover lost data.

Tutorial:How to recover lost data from a formatted BitLocker encrypted partition?

Deleted or lost BitLocker encrypted partition

As a BitLocker partition recovery software, M3 BitLocker Recovery can find the deleted or lost BitLocker encrypted partition and recover data.

Free

Tutorial:How to recover lost data from a deleted/lost BitLocker encrypted partition?

If M3 BitLocker Recovery doesn't find the deleted/lost BitLocker encrypted partitions, please contact [email protected] for further analysis.

BitLocker encryption/decryption interrupted, failed

After BitLocker encryption interrupted/stuck or BitLocker decryption failed, frozen, you cannot unlock that BitLocker drive. To access the data, you have to use a BitLocker drive data recovery software: M3 BitLocker Recovery to recover data.

Tutorial:How to recover lost data after a BitLocker drive encryption interrupted?

Don't have the password or 48-digit recovery key, find BitLocker recovery solution as below:

If you don't have the correct password or 48-digit recovery key, M3 BitLocker Recovery won't break into your BitLocker drive. In this situation, maybe the 3rd-party professional BitLocker password recovery tool can recover the forgotten BitLocker password. Refer to: How to unlock BitLocker encrypted drive without password and recovery key?





broken image