Bypassing Bitlocker: A Hardware Attack on Windows Disk Encryption
This video demonstrates a hardware attack to bypass TPM-based Bitlocker encryption commonly found on Microsoft Windows devices. Note: The PIN can also be exploited.
stacksmashing
1.3M views • Feb 3, 2024
About this video
In this video we will use a hardware attack to bypass TPM-based Bitlocker encryption as used on most Microsoft Windows devices.
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes, at least on some: https://pulsesecurity.co.nz/articles/TPM-sniffing
Links:
- https://hextree.io/
- Pascal Gujer: https://twitter.com/pascal_gujer / https://hands-on-security.com
- Enabling Bitlocker PIN: https://www.howtogeek.com/262720/how-to-enable-a-pre-boot-bitlocker-pin-on-windows/
- Hardware & source-code: https://github.com/stacksmashing/pico-tpmsniffer
- LPC Clockless Analyzer for Saleae: https://github.com/stacksmashing/LPCClocklessAnalyzer
Me:
- Twitter: https://twitter.com/ghidraninja
- Patreon: https://patreon.com/stacksmashing
Posts about sniffing bitlocker:
- https://labs.withsecure.com/publications/sniff-there-leaks-my-bitlocker-key
- https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-targets
- https://blog.scrt.ch/2021/11/15/tpm-sniffing/
- https://pulsesecurity.co.nz/articles/TPM-sniffing
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes, at least on some: https://pulsesecurity.co.nz/articles/TPM-sniffing
Links:
- https://hextree.io/
- Pascal Gujer: https://twitter.com/pascal_gujer / https://hands-on-security.com
- Enabling Bitlocker PIN: https://www.howtogeek.com/262720/how-to-enable-a-pre-boot-bitlocker-pin-on-windows/
- Hardware & source-code: https://github.com/stacksmashing/pico-tpmsniffer
- LPC Clockless Analyzer for Saleae: https://github.com/stacksmashing/LPCClocklessAnalyzer
Me:
- Twitter: https://twitter.com/ghidraninja
- Patreon: https://patreon.com/stacksmashing
Posts about sniffing bitlocker:
- https://labs.withsecure.com/publications/sniff-there-leaks-my-bitlocker-key
- https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-targets
- https://blog.scrt.ch/2021/11/15/tpm-sniffing/
- https://pulsesecurity.co.nz/articles/TPM-sniffing
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
1.3M
Likes
42.5K
Duration
9:11
Published
Feb 3, 2024
User Reviews
4.8
(262) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.
No specific trending topics match this video yet.
Explore All Trends