How to: Crack Bitlocker encrypted drives

Here is the command if you want to crack the recovery key: John --format=bitlocker-opencl -mask=?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d target_hash

Thank you for this video. This seems to be the only method I could get to work (I originally had trouble just making the image of the drive).

Hey! I deleted my comment before seeing your response, but I just had to press Enter and it showed the results! Currently running Hashcat, hopefully should be cracked soon. Great video, you got yourself a subscriber. Keep up the good work! ;)

Best soft soft tutorial for beginners on CZcams! I'm an absolute beginner and all the other tutorials I've found on CZcams have been so

This is a great video! Though as a preventative, what is the best thing (besides long complex password) that one can do to make cracking the bitlocker driver extremely difficult to almost impossible?

I had two partitions on my bitlockered 1TB drive. jumbo-john stops always at "VMK entry found at 0xede90f8a90" after around 24 hours of work. How, in that case, find the hashes of only one partition instead of a whole disk? Any suggestions? How to make a bit-to-bit image of chosen partition only?

how many people here are like me where I lost the key and password...

For the bitlocker2john how long does it take? I have a 500gb HDD if that helps.

Hi, I have FTK imager downloaded, where do I find the other 2 that I need
Thanks

do we really need the full image to be stored somewhere? because my bitlockered drive is 4tb and my other drive is only 1tb will it still be possible to use this method?

quick question, since this is specific to bitlocker can i still use these tools for other types of brute forcing? I got a computer in an estate auction, and strangely there was also a disk labeled "merlin encrypted HD". i can't seem to find much specific to merlin and encryption other than 'merlincryption' but not sure if that's relevant? it mentions an m70 which is a dell laptop, does dell have proprietary encryption?

Hey I needed this today... and you uploaded it today. Hello =D

Can you give some stats on end-to-end cracking time? Ie. against recovery keys, since they are fixed in size and complexity. Which means cracking time of a fixed volume size should be relatively constant.

Hey, I have a big problem - the thing is that I saved the key on an encrypted disk - I only saved it there and I do not have access to it, unfortunately I do not remember the password, is there any possibility to crack the password, recover the key or, for example, recover files from of an encrypted disk, and then clean it and upload a new system to have access to this disk?

I created disk image using external hard disk.when using code commend it shows invalid version.is it necessary to create image with TPM chip and possible to extract the image using another system with TPM Chip

Hi.. when I ran the Jumbo John, i got the following error. Does that mean it didn't generate any hash for the Bitlocker drive?
Error while extracting data: No signature found!

Thanx for the video, good stuff! When I run the command to crack the recovery key I get the error "No OpenCL devices found". My target_hash file has the $bitlocker$2 and $bitlocker$3 hashes listed. What could be the cause of the error?

How on earth have I not seen this until now?!?!?! Thanks!

What can I do with numerical password ID and external key id ?

I got to 7:56 and it gets stuck at "Initializing backend runtime for device #1..." I left it alone for half an hour and still nothing. Any suggestions as to why that's happening?

I always got error notification receive like this (error recovering disk G: A Recovery key was not found on this drive) any one can give me any soloution ???

Sorry, I don't totally get how to crack the recovery key per se...I understand the mask part, but where to place the command during the hashcat part? or will it be a file with different recovery keys that will do the same trick as if it was a dictionary?

Is it possibile to crack the 48 digits that you enter before booting the system?

Hi i m badly facing the problem of forget pwd and recovery key of my ext hd, plz guide me in simple words how can i get my data recovered plz

Please help me....
The bitlocker encryption on this Drive isn't compatible with your version of Windows, try opening the drive using a never version of Windows.

If the all drives are encrypted and don't know any decrypt key what I can do ? (Only hope is cmd with X: drive in the blu screen.)

Please does soft soft need a driver for midi controller? Coz it's not reading my midi controller, m-content oxygen49, thanks if it need please

While trying to install FTK imager, I'm getting a Processor not supported error - is it because I'm on a 32 bit system??
If so from where can I get the 32 bit one??

how u get 6gb from 8gb of ur video memory? i have 3070

If I encrypted my personal USB on a work computer and don't have that original device anymore that encrypted - does this work?

Hi there, I actually have the recovery key, but when i enter the Bitlocker-Key it opens the lock but I still cannot access the drive! I get the Message: I need to format the drive before using it; file location is not available ! any Idea?
thank you in advance

Hi. I ran jumbo john, but didn't get any hash at the end. All results were "Invalid Version" or "Error: VMK not encrypted with AES-CCM". Do you know why?

and if my result on john is: VMK encrypted with TPM...not supported! (0x71bbf928)
There's an alternative method or game over for my HD?

HI, my hdd was locked by bitlocker when after re-install windows. However, i don't have the recovery key and no record in my hotmail account. is it can unlock my hdd & save the data?

Good job, thx !

If i was doing a recovery key attack with hashcat, can I create a wordlist of a couple of six digit numbers (some of which I know to work), to use on the bitlocker decryption? This is assuming I am using a $bitlocker$2 hash

Could it be that this doesn't work if the image was encrypted by the TPM?

IT WORKED!!! THANK YOU SO MUCH!!!!

Hello
Thank for this video.
At the end, I don't understand that you said (i'm french) : More the disc image is bigger, fast the crack is ?

I know this is 2 years old. But What do I do if john keeps saying No opencl devices found? I'm trying to crack a recovery key since thats all I am getting

Awesome Buddy

I tried all the steps did get work out. I have 64GB sd pulled from lumia 950 when testing arm on windows, the phone suddently when dead. i found this video and tried all steps, the bitlokerjohn end up empty, no password, also tried different pirated data recovery, tried to open the image file, still get nothing. what do to?

Thanks for you video but i'm not sure to understand all steps. I have some keys on John but i don't think that's the good one... I have a RP MAC / RP VMK / RP NONCE only.
Does it mean i have to wait more ? It's a M2 from a Surface Pro 4, my customer doesn't know the password and he think he never set a password... His tablet is out and i just have to unlock the M2 for put it on a external box.
I'm scared because i think it doesn't have any password but only a recovery key :/
Can you help me please? I try to put the RP VMK hash on the txt but i have a "No hashes loaded" on Hashcat.
Thank you :)

so no matter how strong the password is, it can be broken by the recovery key
right?

is it ok that you unlocked the drive before the operation ? is it the same with locked drives ?

Is it possible to use a similar method to decrypt files encrypted with ransomware?

Hi there, I am trying to download the FTK on my old computer, windows 7 and it is stating the program wont work on this processor. Is there any other way to get around this or use another program? Thank you.

hey , i m in a trouble , due to hadware change of my system my hardisk has been encrypted . and its 48 digit recovery key is not saved in my microsoft account . will i get accsses to those data , through this method ?

Hey sorry for bother but I can't use dictionary since my password had special characters, is there any way to configure and download a dictionary with a maximum of 14 characters alphanumeric and with special characters? Sorry I literally have no idea how to code but I'm guessing this would be a lot faster than using the recovery password method

is this step possible if i format boot drive and the one im trying to unlock is the other drive (different hard drive).

So is it better to get a USB like the Kingston datatraveler 2000 that has hardware encryption with a keypad on is it possible to crack those

my HDD is lock by bitlocker for some reason the drive got locked after an update and the Bitlocker key ID has changed,

To increase performance (lower times), what hardware would be best? A video card? If so, what brands/models do best?

Hey, I'm just starting to get into making soft and tNice tutorials 17 minute video helped a LOT MORE than those one hour long tutorials out

It's working thanks my friend

can a sd card that was encrypted with “bit locker to go” be bypassed as well? Can i use this same method on the sd card?

Hi, im having a little trouble down here. when i ran a hashcat.exe it gives me an error it says "salt value exception", how im supposed to do?

So i got the hash, but when i use hashcat it says that -n is out of date and i have to use --force. Then when i do that, it says that no hash loaded? plus where did you get the password list?

How much time it will take for 300gb disk with 80 gb of data?

I can't see how to install or download Jumbo John...you mention that was covered earlier, but I can't see anything here. Thanks.

I encrypted my 250g drive from my Dell laptop and for some reason the drive got locked after an update and the Bitlocker key ID has changed, making my backed-up key obsolete.
I know the password which is composed of 12 characters (1 capital letter + 8 lower case letters + 1 special character + 2 numbers)
Whats the best method to retrieve the key and not the password?
Thanks for the video.

You showed how to crack it with a dictionary "wordlist" passwords. What about a recovery key? there is no wordlist for it so how is it done?

Thank you for the video. Please, I need your help. I have my external hard drive encrypted using bitlocker. The laptop I used to encrypt the external is no longer available. I have tried to decrypt the external drive with passwords I can remember using another laptop but it doesn't work and the recovery key is even in the external drive which is about 1TB.
I saw you that you you have an image of your drive. In my case I don't have an image of my external drive. Do I need to make an image of the external or I don't need to.
Please, can you drop your email to enage more.

hi after using "ftk imager" who software use for browsing image?

Hi - instead of a specific drive, my laptop has been locked with BitLocker, I need assistance to retrieve my data. Is there a way I can use another system to run your hashing technique to get my BitLocker key? Thanks in advance!

Thank you for this demonstration. Have you ever encountered a scenario where bl2j did NOT return any hashes, but detected an unencrypted VMK stored clear? Does the lack of a hash return indicate no 48 digit recovery key or user-created password is present, only a VMK?

Greeting, I have WD my passport portable drive bitlocker and I do not have the password or they backup key. so my question is it possible to access the drive and backup all files saved on it ?
please let me know I appreciated your quick replay

Hi hi - my external drive freezes after I enter my bitlocker password - how can I attack this problem?

Amazing tutorial

ftk is not install. why? my problem is that i know my bitlocker password but unfortunately i have window 10 to 8.1. now my encrypted drive is not open by saying wrong password. what i do help me??

i have formatted my pc and trying to enter the password but showing it wrong why ???
i used to open it everyday with the password

Your guide won't work for a 20 character password with 256bit Bitlocker encryption in 2021 :) What modifications would you do to the guide for a 256bit 20+ char Bitlocker encryption ? Thanks

why I took a long time when 'creating image' it's been 3 hours, and the progress is just like 1% 😭

I've had a rapid influx of people coming into my tech repair store because the Windows 22H2 update has been bricking systems left and right and unfortunately many of these people don't even know what bitlocker is, why it was enabled, and don't have their key. I'm hoping this method might be a solution for these people.

I have a doubt will this work on partitioned drive. Like I have a 500Gig drive with a 100gig locked away. So will creating the whole 500gig disk image work?

HI, Have a ASUS tablet with soldered HD so cant connect to other computer to erase drive. All boot USB attempts keep triggering Bitlocker. So i want to erase drive and install Win 8 but how can i do this? Can i use command prompt in recovery blue screen F8 area or will i still need key. As you explained, will erasing drive totally still leave Key with TPM and still lock me out?

Hello, I encrypted a USB drive (8GB) years ago (2018) and I forgot the password. I know the first 5 characters and the rest of the password are numbers but I forgot the combination. I know what numbers I usually used but this time I added all of them. My question is how can I create a password text file that will use the first 5 characters then will add all possible combinations of numbers I used? BTW the format of the password is something like this: Ph@so then 5 to 10 numbers.

Is this if the whole drive is BitLocker encrypted? If I have an encrypted partition would I need to separate the encrypted partition to it's own image file and then run it? When running it on the physical disk image it failed saying no HASHES were found. THANKS! and Subscribed!

Help ME this error in USB BitLocker Drive Encryption failed to recover from an abruptly terminated Conversion. This
Could be due to either all conversion logs being corrupted or the media being write-protected.

I have my hashes so how do I do the recovery key process?

Hi, i have a very big problem and i was not my fault.
HP ProBook 450 G5 with 2 drives i just reinstalled windows 11 fresh to M2 drive after formating everything but never touched SATA drive with all the data inside almost 950gb of data.
I also did load factory default settings in bios and now i have the SATA drive with bitlocker encryption and of course don't know the password.
Can you help me please, i need to recover my data please

"rockyou.txt" file what do I put in it, where can I get a password list... I know most of the password just not the combination of numbers and possibly 1 special character

If I understand him right. The recovery key is easier to hack in brute force scenarios. Am I right?

i have a vhd which was created and encrypted in windows 7 but after i upgrade to windows10/11 bitlocker doesnt recognize the drive and mount directly but files are still encrypted cant be opened. Any way i can recover my files?

Hi, I have BitLocker on my D: drive after OS crash the BL asking for the recovery key instead which I don't have instead of the password which i have. Please help.

What is 22100 you typed ? Appreciate if help is it random number or any specific

Doesnt work for me. at Bitlocker2John it shows "Error: VMK not encrypted with AES-CCM (0x93,0xa0)" Anyone can help?

hello ! when use the hashcat show this error No hashes loaded any idea?

Pls clarify my doubt sir does it have tabla soft????? Pls tell sir

Hey plis can help me to unlock my external drive what have mys archives whit bitlocker my pc die so I don’t have the key

When you ran hashcat and typed -m 22100 on the cmd. Is 22100 a universal key number for all bitlocker hard drives. If not, how do I find the key number of the bitlocker so that I can complete command prompt. Please and thank you

My all drives are encrypted by bit locked and my laptop was update Windows 10 to 11 and I never used bitlocker. Three days back when ai turned on my computer and it shown a blue screen with bitlocker recovery key bar to open... I have reinstalled the Windows on C and now other 3 drives are locked and they important data on them... How I have open the drives?

Great video bro, I'm in the midst of doing a pen test for a client now. About to try this out, I'll report back if you helped me gain access to them :)

you never explained how did you get the jumbo john......im stuck there

what happens if i create an image with overflow?

Hi Ad,If I delete old windows and reinstall new windows, can I still open bitlocker on drive D?

will I lose the data inside de HD bitlocked?

I was considering upgrading to windows 10 pro go encrypt my laptop, but now I'm not sure :/

I encrypted a divce with bitlocker but the encyption failed and now I cannot get access to my device, the password doesn't work and the key recovery doesn't work either, so what can I do to recover my data? I tried M3 bitlocker recovery but it did not work... please help

Can you explain about file "rock you"? I don´t understand how I create this file. What content will this file contain?