Bypassing Bitlocker

Is it possible to bypass (in any way) bitlocker encryption? With very powerful software perhaps?

If you employ a bootkit you effectively bypass bitlocker

1 Like

There’s an interesting vulnerability to exploit “CVE-2022-41099” The kicker here is that the fix isn’t as straightforward as just installing security updates, the only way to mitigate the threat is to create a separate process/script to locally apply the patch to each system currently running Bitlocker, using the command-line mounting and WinRM steps provided by Microsoft. KB5025175

To exploit the vulnerability you needs physical access or gain access to encrypted data, Plus, you’d better know the “TPM PIN” if it’s configured, which is often the case. This vulnerability particularly messes with systems that have a “TPM” in “transparent mode,” which, coincidentally, is the default setting.

At time of The release, a researcher published the findings about the vulnerability on Mastodon. Based on the post, This how you would exploit this vulnerability, You Start by creating a raw copy of the encrypted drive. access the system’s recovery mode, Once in recovery mode, then initiates the “Reset this PC” process, selecting “Remove everything,” followed by “Local reinstall” and “Just remove my files.” During the subsequent reboot, Next deliberately powers off the machine when the “Resetting this PC” process reaches around 98%, approximately when BitLocker start its decryption.

now once the machine power again, it automatically enters recovery mode and displays an error. After the error message, Windows reboots and shows an installation progress screen. At this point, open a command prompt. The system drive remains unlocked, allowing to pause the decryption with the manage-bde -pause C:

Despite the possibility of the machine rebooting automatically, this is not a problem. As the Windows installation proceeds, you can just press Shift+F10 again on the first page to open a new command prompt. and grants access to the recovery password or the option to extract keys from memory.

With the recovery password or master key obtained, the attacker can decrypt the initially copied disk, ultimately you can now bypass Bitlocker.


To get the bitlocker key, with physical access, one could just do this

1 Like

All bets are off once you have physical access.

1 Like

have you found a good way?

Yeah, although I was asking mainly because I just wondered if it was possible. Cause bitlocker is one of the srrongest encryptions at the moment, as far as I know

havent tried it myself but could be worth looking into. GitHub - Push3AX/GrabAccess: Bookit / Windows Login Password and Bitlocker Bypass Tool

1 Like

This topic was automatically closed after 121 days. New replies are no longer allowed.