icarus255 Posted February 18, 2019 Share Posted February 18, 2019 Wrote this little password brute forcing script in Powershell while trying to decrypt a bitlocked HDD. There are some brute forcers already available that will actually test the extracted crypto values from the HDD but they are slow and cumbersome. I wanted to see if brute forcing straight through windows would be any quicker and as expected... no 😞 The code basically takes input from a text file, converts it to a "SecureString" (needed or PS has a panic attack) and then tries to decrypt the HDD. At 0.5 guesses/second, I wouldn't worry about any large word lists but it works 🙂 This was just for a bit of fun but if you know of a way to speed up the script or make it more efficient please let me know as I wrote this really to get more familiar with PS. Better yet, if you know of a way to backdoor the bitlocker encryption that would be much appreciated 😉 Quote # Need to run the script as powershell admin # Define StreamReader and point it to your passwords list $PWSstreamreader = New-Object System.IO.StreamReader("C:\temp\passwords.txt") $linenumber = 1 #feeds line by line the candidates in passwords.txt while (($readeachline =$PWSstreamreader.ReadLine()) -ne $null) {    Write-Host "$linenumber $readeachline"    # Need to convert our plaintext to SecureString for powershell to try and unlock. I guess this is some sort of security feature so people don't have plaintext passes lying around    $SecureString = ConvertTo-SecureString "$readeachline" -AsPlainText -Force    # Tries to unlock with converted SecureString.    Unlock-BitLocker -MountPoint "D:" -Password $SecureString    $info = Get-BitlockerVolume -MountPoint "D:"    $linenumber++    # Tests for decryption. Encrypted HDDs will always have a capacity of "0" so loops until capacity > 0 i.e. decrypted.    If ($info.CapacityGB -ne "0") {Break} } $PWSstreamreader.Dispose()  Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.