OpenCL BitLocker

BitLocker is a full-disk encryption feature available in recent Windows versions (Vista, 7, 8.1 and 10) Pro and Enterprise.
We released the OpenCL version of our crack as a plugin for John The Ripper Jumbo version.
BitLocker-OpenCL format attacks memory units encrypted with the password authentication mode of BitLocker (see the following picture).

Our attack has been tested on several USB pendrives encrypted with BitLocker running on Windows 7, Window 8.1 and Windows 10 (both compatible and non-compatible mode).
You can find the standalone CUDA implementation here:

How To

In order to use the BitLocker-OpenCL format, you must produce a well-formatted hash of your encrypted image.

Method 1

Use the included bitlocker2john tool to extract hashes from the password protected BitLocker encrypted volumes.

$ ../run/bitlocker2john minimalistic.raw
Signature found at 0x00010003
Version: 8
Invalid version, looking for a signature with valid version...
Signature found at 0x02110000
Version: 2 (Windows 7 or later)
VMK entry found at 0x021100b6
Key protector with user password found

Method 2

First, build the “bitlocker2john” ( project from source. See for help. Second, use the built bitlocker2john project to extract hash(es) from the encrypted BitLocker volume.

$ fdisk -l bitlocker-1.raw
Disk bitlocker-1.raw: 256 MiB, 268435456 bytes, 524288 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xfd0b8218

Device           Boot Start    End Sectors  Size Id Type
bitlocker-1.raw1        128 518271  518144  253M  7 HPFS/NTFS/exFAT

128 (Start) * 512 (Sector size) => 65536 => volume offset

$ ./bdetools/bdeinfo -o 65536 bitlocker-1.raw -p dummy
bdeinfo 20170204


For more help with bitlocker2john, see the following URLs,

Cracking Process

Start John BitLocker-OpenCL format, specifying the previous hash:

./john --format=bitlocker-opencl --wordlist=wordlist target_hash 

Currently, BitCracker is able to evaluate passwords having length between 8 (minimum password length) and 27 characters (implementation reasons). We will increase the max passwords size in the next release.

Samples BitLocker images for testing are available at


We tested our final OpenCL solution on a GeForce Titan X, Maxwell architecture (Openwall). An output example is:

./john --format=bitlocker-opencl --wordlist=wordlist hash
Device 0: Tesla K80
Using default input encoding: UTF-8
Loaded 1 password hash (bitlocker-opencl [SHA-256 AES OpenCL])
Note: minimum length forced to 8
Press 'q' or Ctrl-C to abort, almost any other key for status
password@123 (?)

References, license and contacts

BitCracker OpenCL version developed by Elenago <elena dot ago at gmail dot com> in 2015
Copyright © 2015-2017 Elenago and Massimo Bernaschi (National Research Council of Italy), <massimo dot bernaschi at gmail dot com>
Licensed under GPLv2

You can find the standalone CUDA implementation here:
This is a research project; for any additional info or to report any bug please contact <elena dot ago at gmail dot com>

john/OpenCL-BitLocker.txt · Last modified: 2017/09/06 10:48 by elenago
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux Bookmark and Share