Bypassing Local Windows Authentication To Defeat Full Disk Encryption

46,331 views

Black Hat


Comments: 34
@sent4dc 6 years ago
OK. Mislabeled video. This is not really a BitLocker encryption bypass. It's a domain authentication attack. Obviously, if you're doing full disk encryption on your own laptop DO NOT use TPM. I know it's convenient but it's also worthless. Instead, get yourself a small USB stick and use it for pre-boot authentication with BitLocker. You can keep it on your keychain along with your house or car key. You will need that USB stick only to boot your computer. Then as soon as it boots you'll get that USB stick out. Works really well and is also much, much more secure than TPM. (And if you lose your laptop the chances are that you will keep your keys on your person, so whoever finds your laptop will not be able to read your hard drive.)
@zezo782 6 years ago
What if the person who got access to my laptop removed the drive from the laptop, will they still be unable to access it?
@kirbfx 5 years ago
What is TPM??
@levilima9925 5 years ago
@kirbfx TPM is a hardware chip component that's responsible for communicating with your operating system regarding the authentication of your key-cryption. Sort of. More information here: whatis.techtarget.com/definition/trusted-platform-module-TPM
@levilima9925 5 years ago
You're correct. I thought this guy was some kind of genius for bypassing the BitLocker feature encryption but he used social engineering at the end to gain access to the computer which is not bypassing the encryption scheme.
@QuickishFM 4 years ago
Also if the TPM gets erased and you don't have the recovery key then you can't get back in
@ali.kamran7112 4 years ago
Very nice brother, keep it up...👍👍👍
@Dluzak1 6 years ago
Why do people keep using very light colors on a white background... The arrows at 6:51 are pretty much invisible, so the slide is becoming useless.
@Jeff-vm4gp 5 years ago
You'd figure in this case the standard would be Green on Black
@WizardNumberNext 4 years ago
There is no physically going to the datacentre to reboot a machine or enter a PIN; this is what IPMI is for. If you have 'same as physical access' while being remote, even thousands of miles away, then you do not need to type anything on a keyboard, which is NOT connected to the server anyway (why would you even consider connecting a keyboard or monitor to a server?). P.S. If you can afford a server and cannot afford IPMI, then I am lost.
@MadsHegelund 8 years ago
Nice one..
@TheAmazeer 6 years ago
First you need a laptop with Ubuntu or Debian installed, then install a Samba DC with the same name as the Windows domain you want to attack, then you put your encrypted machine on the same network as the Samba DC so that they can talk together, then you change the date and password for the account you want to exploit, then put the right date; logging back in will prompt you that your password has expired, then put a new one, but before that you must disconnect the network NIC in order to force the computer to check its cache... Very smart... but you didn't configure the Samba DC for expiry date; is it set by default to password expires within a certain amount of time?
@mdd1963 5 years ago
Not all switches will auto assign an IP address to new unknown hardware easily...; you might need access to the switch's terminal to run bindwiper... assuming you can even get into the switch...
@burtonh1 8 years ago
How does one set up their computer to defend against such attacks?
@HardTrancid 4 years ago
When I attack a Bitlocker locked HDD I image it RAW then run a brute force on the hash ...
@FSA2023 3 years ago
Can you do it online for someone?
@HardTrancid 3 years ago
@FSA2023 I might do a video down the road. We'll see I suppose.
@sahmed868 2 years ago
@HardTrancid Can you do this for my laptop?
@Tomyb15 8 years ago
So, is BitLocker useless now if you didn't enable pre boot authentication?
@rfh1987 8 years ago
If it's a domain computer without pre boot authentication, it can be hacked this way. Also, I imagine Microsoft is actively working on correcting this attack (assuming they haven't already patched it).
@disk0__ 8 years ago
At the end he literally says it was patched prior to the presentation.
@rfh1987 8 years ago
disco__ LOL. Thanks for pointing that out. I guess the rest of us stopped the video at the Q&A part. :D
@naziamalik8749 8 years ago
Please help me, how can I really all black hat stuff efficiently??
@Heycarlson 4 years ago
What about from BIOS?!!?
@quarteratom 2 years ago
LOL, don't store the encryption key inside the computer, and don't decrypt everything automatically.
@naziamalik8749 8 years ago
How can I learn this black hat stuff from these videos??
@jamesedwards3923 4 years ago
There is nothing criminal about what he is teaching or doing.
@Spontan_DJ 3 years ago
VeraCrypt RAM encryption...
@kdeeuk 7 years ago
Thanks for telling all the thieves how to get into my PC, good on ya. Why? This is very irresponsible of you.
@davidreynolds9649 7 years ago
This isn't about telling thieves how to get into your PC; they already know. It's about telling you that it's possible, so that you can react accordingly.
@rjstewart 6 years ago
If you watch the whole video you will see that prior to him releasing this exploit's details Microsoft released a patch. This is what responsible hackers do. This is what I did years ago when I found a major bug in a piece of widely used software. We contacted the vendor, waited until the fix was ready and out and THEN explained the exploit.