Differences

This shows you the differences between two versions of the page.

--- john:OpenCL-BitLocker [2017/12/19 10:41]
elenago [User Password authentication method]
+++ john:OpenCL-BitLocker [2024/11/09 04:35] (current)
solar [Step 3: Attack!] Sync with today's README.BitLocker update
@@ Line 22: / Line 22: @@
 </code>
-To find the correct Recovery Password, see [[#Step 2: Extract the hash|Step 2: Extract the hash]]).
+To find the correct Recovery Password, see [[#Step 2: Extract the hash|Step 2: Extract the hash]].
 For further details, see also [[https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-recovery-guide-plan|Microsoft docs]].
@@ Line 69: / Line 69: @@
 As shown in the example, it returns 4 output hashes with different prefix:
-  * If the device was encrypted using the User Password authentication methods, bitlocker2john prints those 2 hashes:
+  * If the device was encrypted using the User Password authentication method, bitlocker2john prints those 2 hashes:
     * $bitlocker$0$... : it starts the User Password fast attack mode (see [[#User Password authentication method|User Password Section]])
     * $bitlocker$1$... : it starts the User Password attack mode with MAC verification (slower execution, no false positives)
@@ Line 80: / Line 80: @@
   * https://github.com/kholia/libbde/tree/bitlocker2john/samples
-==== Cracking Process ====
+===== Step 3: Attack! =====
-Use the BitLocker-OpenCL format specifying the previous hash:
+Use the BitLocker-OpenCL format specifying the hash file:
 <code>
 ./john --format=bitlocker-opencl --wordlist=wordlist target_hash
 </code>
 Currently, this format is able to evaluate passwords having length between 8 (minimum password length) and 55 characters (implementation reasons).
-We will increase the max passwords size in the next release.
-Samples of User Password/Recovery Passwords dictionaries you can user are available here: https://github.com/e-ago/bitcracker/tree/master/Dictionary
+To avoid wasting compute resources, choose just one hash for this attack - either $bitlocker$0$... or $bitlocker$1$...
+===== Recovery Passwords (but you're out of luck cracking these, so just don't) =====
+The mask you can use to generate Recovery Passwords is:
+<code>
+--mask=?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d-?d?d?d?d?d?d
+</code>
+Please note that the number of possible Recovery Passwords is **way** too large, so there's effectively **no chance** that this will find yours unless you recall almost all of it (except for just a handful of digits) and replace most of the "?d" above with the known digits.
+Recovery Passwords are currently only supported by the BitLocker-OpenCL format (for use on GPUs), not by the corresponding BitLocker CPU format, but like the above paragraph says it's a controversial feature anyhow, which is unlikely to ever help.
+To avoid wasting compute resources, choose just one hash for this attack - either $bitlocker$2$... or $bitlocker$3$...
+Samples of User Password/Recovery Passwords dictionaries you can user are available here: https://github.com/e-ago/bitcracker/tree/master/Dictionary
 ===== Output =====
@@ Line 107: / Line 121: @@
 </code>
-This OpenCL implementation has been tested on a GPU GeForce Titan X (Openwall), GPU AMD Radeon HD 7990 Malta and an Intel Core i7 Kaby Lake CPU.
+This OpenCL implementation has been tested on a GPU NVIDIA GeForce Titan X (Openwall), GPU AMD Radeon HD 7990 Malta and an Intel Core i7 CPU.
-For additional performance discussions, see https://github.com/e-ago/bitcracker#performance
+For additional information about performance, see https://github.com/e-ago/bitcracker#performance
 ===== Updates and changelog =====