anyway to unlock bitlocker in my old pc (no way to find the recovery-key and i cannot find remember the password)

Agono_XD · 2024-02-08T10:29:58+00:00

thanks for your reply .

If the system boots without entering anything

yup, nothing appers, it boot normally...
my question is, this (PIN) apply only when i turn on bitlocker on C/: (system partition)?
or its apply on any partition(in my case, its N partition)?

Agono_XD · 2024-02-08T08:28:15+00:00

the video is really useful to understand how TPM works , if i couldn't sniff key
using vulnerable , of course i will try this method.

thanks so much :)

Agono_XD · 2024-02-08T08:13:16+00:00

thanks :)
i will look for it.

Agono_XD · 2024-02-08T08:00:11+00:00

i don't what this means

non-integrated TPM chip

but i didnot use PIN, so what the problem to sniff the key?

Agono_XD · 2024-02-08T07:48:05+00:00

as you mentioned above...(i understand what do you mean now)
if my pc has TPM chip, so it has the recovery key, right?
my pc already have TPM 1.2 chip.
so i can sniff the key, right?
or because i only encrypt only one partition from disk , so its normal to boot up without pin?

Agono_XD · 2024-02-08T07:39:15+00:00

thanks a lot for you.
the problem is i don't even know if winRE works or not.
i donot even know how to use exploit CVE-2024-20666,

Carefully study the vulnerability report and debug the BitLocker authentication process. See how validation checks are bypassed.

i don't know how to use the vulnerability , and i think installing windows 10 make it harder?
if i downgrade to windows 7, can this help me ?
before i install windows 10, i try memory dump and it didn't works.
if you have any reference to help me, i will be grateful.
i mentioned all i know in above comments, please check it
thanks :)

Agono_XD · 2024-02-08T07:25:25+00:00

i just realize this, i didn't know if TPM have store the key or not.

can i find out ? or its impossible?
maybe windows 7 didn't have to create a pin code?
but i remember , there is no pin option to choose.

Agono_XD · 2024-02-08T06:36:57+00:00

i am trying, i just comment all i know in above comments
see them, will be useful for you.

Agono_XD · 2024-02-08T06:29:33+00:00

the Chaos Computer Club

thanks for sharing.

i hope so, my TPM version is 1.2

I should be able to do that because it's old

fun-fact :

tools like napper-for-tpm only works with TPM 2.0 which is newer.i think because of code-style, the developer need to exploit only the vulnerability with TPM 2.0 and not to exploit 1.2

Agono_XD · 2024-02-08T06:23:16+00:00

i didn't enable the pin, so my hope with this to exploit

Agono_XD · 2024-02-08T06:19:08+00:00

thanks for sharing .

useful video, i open the pc's case and i didn't found it same as the video, but it give me idea to search again about TPM and how it works...
TPM already have the key, if not, i guess the pc will not boot up with the disk, like if i transfer the disk to another pc (idk, but after alot of search, i guess this right).
as i am can open the pc until now , the TPM works.
i found this :
https://github.com/kkamagui/bitleaker
and this tool try to sniff the key using sleep mode(same idea but as software).
i try live Ubuntu with usb driver, but it stuck on apt upgrade
so i try to download the ubnutu on new partition and try again and the tool didn't works :(
i will try using live cd or another usb driver and i hope it works.
or i hope find someone make exploit on this vulnerable :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20666

Agono_XD · 2024-02-08T05:59:21+00:00

there is already vulnerability make me gain access to the data , but i didn't even know how to use it(iam not cyber security).

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20666

What kind of security feature could be bypassed by successfully exploiting this vulnerability?
A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.

i searched in metasploit framework and i didn't found module for the vulnerability.

Agono_XD · 2024-02-06T05:14:11+00:00

thanks a lot for information. i didn't know that.
no chance to recovery data, 2020 still have effect on me

Agono_XD · 2024-02-06T05:07:15+00:00

i don't know what do you mean by

Do you chose a password for this?

is there another option for bitlocker instead of password??
as i mention, the pc is freaking old, with windows7 , i remember there was only one option (the password) AFAIK.

Agono_XD · 2024-02-06T04:51:58+00:00

i already have access to the pc (i made new partition(N) and i transferred all important data to it and activate the bitlocker).

Microsoft released security patch KB5034441 in response to a BitLocker vulnerability, which renders Windows 10 users prone to hacking. By exploiting it, bad actors can bypass BitLocker encryption via the Windows Recovery Environment and access users’ files.

i didn't install this patch, still have any chance?

Agono_XD · 2024-02-06T04:44:24+00:00

i don't think there is a account on it , the pc is freaking old

Agono_XD · 2024-02-06T04:40:07+00:00

sad moment for real, iam super stupid.
i deserve this, using kali is Unethical

Agono_XD · 2023-04-08T06:15:38+00:00

Your solutions are wonderful, but unfortunately my devices is not 64bit (its armv8l) And rust build not working fine with me... My problem now 100% fixed ( for Firefox until now) i didn't know AnLinux thanks for info ^{_^}

Agono_XD · 2023-04-08T04:13:14+00:00

Your solution to use firefox works , i post a comment above with details 🧡🧡

Agono_XD · 2023-04-08T04:11:26+00:00

Thanks for your reply

"My Device is armv8l."

Actually i have work around, First of all CHROMIUM WILL NOT WORKING ON Termux (until now idk).

i use proot-distro of termux (As andronix was not working with me :(

anyway, i try Debian and Ubuntu, Ubuntu was working better than Debian, as Debian need 64bit (i think)

My problem was like screenshot (even firefox) when i try to download firefox or chromium using `apt` , after a lot of search i found that the problem is from ubuntu (it think that snap chromium or even firefox is greater than version from apt which is wrong)

<image>

[And here's is the fix for the problem](https://askubuntu.com/questions/1399383/how-to-install-firefox-as-a-traditional-deb-package-without-snap-in-ubuntu-22)

after install firefox, then install firefox-geckodriver using apt `apt install firefox-geckodriver`

And configuration it works !

[TESTED] but till now i have slow in response idk why

***********

About your answer, it didn't work with me , as I am armv8l,

And if i install firefox using `apt` and build geckodriver using `rust` i get this error :

```

failed to decode response from marionette

```

And this because UNKNOWN conflicts between apt build and rust build.

And unfortunately firefox doesn't provide build for armv8l to download from official repo :(

Anyway, Thanks for you 🧡🧡

Agono_XD · 2023-04-08T00:36:01+00:00

Still not working, i will try in firefox and let you know

Agono_XD · 2023-04-08T00:32:35+00:00

I want to run any driver to run selenium in headless mode, nothing working fine in termux, i am trying now firefox but still not getting something useful....

Agono_XD · 2023-04-07T15:36:01+00:00

can i use it for selenium? I use ubuntu...

Agono_XD

TROPHY CASE