Question about false positives about bitcracker (9 comments, closed)

e-ago commented on September 4, 2024
Question about false positives

from bitcracker.

Comments (9)

kawuum commented on September 4, 2024

Additionally, one side note: when I start the cracking process, bitcracker first finds an invalid signature and finds a signature with a valid version afterwards. I am not sure if this could have anything to do with the false positives. The output is:

Opening file XXX
Signature found at 0x00100003
Version: 8
Invalid version, looking for a signature with valid version...
Signature found at 0x10a00000
Version: 2 (Windows 7 or later)
VMK entry found at ...
VMK entry found at ...
VMK entry found at ...
VMK entry found at ...
Key protector with user password found


e-ago commented on September 4, 2024

Hi,

I've tested this tool with images encrypted with Windows 7, 8.1 and 10 and I never had a false positive in case of passwords between 8 and 27 characters, using both my images and JtR test cases; this is an interesting case.
Looking at your output, probably there is some issue related to the detection of the VMK within the encrypted image.

Could you send to me the following:

  • the hash generated by bitlocker2john (john the ripper tool) with one of your HDDs
  • Windows version used to encrypt your HDD. Did you use the password method to encrypt the HDD (as described in the project introduction)? If you used a different method, BitCracker will not work.
  • the entire log produced by BitCracker (did you use the CUDA or OpenCL version?)
  • a dictionary with some false positive and the real password

Thank you


kawuum commented on September 4, 2024

Hi,

since this is a forensic examination, I cannot provide you with all the information.

I do not have the real password, nor do I know the Windows version used to encrypt the HDD. Since bdeinfo finds a Password Key Protector, I thought it safe to assume that the password method was used to encrypt the HDD, but I might be completely wrong.

Here is what I have:

--> bitlocker2john does not find a signature:

sudo ./JohnTheRipper-bleeding-jumbo/run/bitlocker2john /dev/mapper/loop0p1
Error while extracting data: No signature found!

--> Then I tried with bdeinfo (i.e. method 2 in the OpenCL BitLocker wiki) and this gives me the following output:

sudo ./bitlocker2john-master/bdetools/bdeinfo /dev/mapper/loop0p1 -p dummy
bdeinfo 20170204

masked_hashes

BitLocker Drive Encryption information:
Encryption method : AES-CBC 128-bit
Volume identifier : masked_id
Creation time : Jun 18, 2015 13:17:05.349555700 UTC
Description : NB011 media2048 6/18/2015
Number of key protectors : 4

Key protector 0:
Identifier : masked_id
Type : Recovery password

Key protector 1:
Identifier : masked_id
Type : Startup key

Key protector 2:
Identifier : masked_id
Type : Startup key

Key protector 3:
Identifier : masked_id
Type : Password

Unable to unlock volume.

--> I was using the $bitlocker$... hash for John.

--> Here is the output of bitcracker:

---------> BitCracker: BitLocker password cracking tool <---------

# Platform: 0, # Devices: 8

====================================
Selected device: GeForce GTX 1080 (ID: 0) properties
====================================

Hardware version: OpenCL 1.2 CUDA
Software version: 375.26
OpenCL C version: OpenCL C 1.2
Max Global Memory Size: 8507555840
Max Global Memory Alloc Size: 2126888960
Max Const Memory Buffer Size: 65536
Device Address Bits: 64
Parallel compute units: 20
Max Workgroup Size: 1024
Vendor: NVIDIA Corporation
CC: 6.1
Registers per block: 65536
Warp Size: 32
Overlap Memory and Kernel: 1

For this session, BitCracker requires at least 268435456 bytes of memory

Setting context on Platform 0, Device 'GeForce GTX 1080' (ID: 0)

====================================
Extracting data from disk image
====================================

Opening file image.bin
Signature found at 0x00100003
Version: 8
Invalid version, looking for a signature with valid version...
Signature found at 0x10a00000
Version: 2 (Windows 7 or later)
VMK entry found at 0x10a000ac
VMK entry found at 0x10a0020c
VMK entry found at 0x10a002dc
VMK entry found at 0x10a003ac
Key protector with user password found

====================================
Dictionary attack
====================================

Starting OpenCL attack:
Local Work Size: 1024
Work Group Number: 4
Global Work Size: 4096
Password per thread: 8
Password per kernel: 65536
Dictionary: ../testwordlist.txt

OpenCL Kernel execution #0
Effective number psw: 4
Time: 19.968502 sec
Passwords x second: 0.20 pw/sec

================================================
OpenCL attack completed
Passwords evaluated: 4
Password found: [countosic]
================================================

Tot passwords evaluated: 4

--> False positive passwords for the hash provided above are: "countosic", "alt-csurg" (without the quotes)

Thanks very much for your help!

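The scan shown in both of kawuum's logs (a first signature hit with "Version: 8" that is rejected, then a second hit with version 2 that is accepted) is easy to reason about with a small reference scanner. The following is an added example written for this page; it is not BitCracker's or kawuum's code. It assumes the FVE metadata block header layout as documented by libbde (8-byte signature `-FVE-FS-`, a 16-bit little-endian size, then a 16-bit little-endian version where 1 is Vista and 2 is Windows 7 or later) and runs over a constructed 48 KiB byte buffer, not a real BitLocker volume. It shows why a stray occurrence of the signature bytes in file data is harmless as long as the scanner validates the version field and keeps going, and makes explicit that this header check only selects the metadata block: it says nothing about whether a candidate password is genuine, which is the separate problem the maintainer addresses with the later MAC check.

```python
import struct

# BitLocker FVE metadata block header, layout assumed from the libbde documentation:
# 8-byte signature, uint16 LE size, uint16 LE version (1 = Vista, 2 = Windows 7 or later).
FVE_SIGNATURE = b"-FVE-FS-"
HEADER_LEN = 12
VALID_VERSIONS = {1: "Windows Vista", 2: "Windows 7 or later"}


def scan_fve_headers(image: bytes):
    """Return every signature hit in scan order as (offset, version, status).

    status is "valid" for a recognised version, "invalid" for an unknown one
    (the log's "Version: 8" case) and "truncated" if the header runs past EOF.
    The scan continues past invalid hits instead of stopping at the first match.
    """
    hits = []
    pos = image.find(FVE_SIGNATURE)
    while pos >= 0:
        if pos + HEADER_LEN <= len(image):
            _size, version = struct.unpack_from("<HH", image, pos + 8)
            status = "valid" if version in VALID_VERSIONS else "invalid"
        else:
            version, status = None, "truncated"
        hits.append((pos, version, status))
        pos = image.find(FVE_SIGNATURE, pos + 1)
    return hits


def first_valid_header(image: bytes):
    """Offset and version of the first header whose version field is acceptable, or None."""
    for offset, version, status in scan_fve_headers(image):
        if status == "valid":
            return offset, version
    return None


def build_sample_image() -> bytes:
    """Constructed 48 KiB buffer (not a real BitLocker volume) reproducing the log's
    pattern: a stray signature with a bogus version first, a plausible header later."""
    img = bytearray(0xC000)
    # stray hit: the signature bytes happen to occur in file data; version field reads 8
    img[0x1003:0x1003 + HEADER_LEN] = FVE_SIGNATURE + struct.pack("<HH", 0, 8)
    # plausible metadata block header: version 2 ("Windows 7 or later")
    img[0xA000:0xA000 + HEADER_LEN] = FVE_SIGNATURE + struct.pack("<HH", 0x30, 2)
    return bytes(img)


def render_log(image: bytes):
    """Produce log lines in the style BitCracker prints while scanning, stopping at
    the first header with a valid version."""
    lines = []
    for offset, version, status in scan_fve_headers(image):
        lines.append(f"Signature found at 0x{offset:08x}")
        suffix = f" ({VALID_VERSIONS[version]})" if status == "valid" else ""
        lines.append(f"Version: {version}{suffix}")
        if status == "valid":
            break
        lines.append("Invalid version, looking for a signature with valid version...")
    return lines


if __name__ == "__main__":
    print("\n".join(render_log(build_sample_image())))
```

Running the block prints the same two-stage sequence as the logs above (an invalid hit, the "looking for a signature with valid version" line, then the accepted header). When triaging a run, the thing to check is that the accepted offset is followed by VMK entries, as it is in kawuum's output; a stray hit that is rejected on its version field is expected noise, not an indication that the image was parsed wrongly.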

e-ago commented on September 4, 2024

Thank you for providing me with the info. I'll try to reproduce the test with the JtR BitLocker hash. In the meantime, please pull again and run the CUDA version. I need to know if the VMK value extracted by this standalone version is the same as the one from the JtR tool.


kawuum commented on September 4, 2024

Thanks for looking into this! Here is the output with the latest version:

./bitcracker_cuda -i ../image.bin -d ../testwordlist.txt

---------> BitCracker: BitLocker password cracking tool <---------

====================================
Selected device: GPU GeForce GTX 1080 (ID: 0) properties
====================================

Compute capability: 6.1
Clock rate: 1733500
Clock rate: 1734 MHz (1.73 GHz)
Memory Clock Rate (KHz): 5005000
Memory Bus Width (bits): 256
Peak Memory Bandwidth (GB/s): 320.320000
Device copy overlap: Enabled
Async memory engine count: 2
Concurrent kernels: 1
Kernel execition timeout: Disabled
Total global mem: 8507555840 bytes
Free memory: 8055619584 bytes
Texture Alignment: 512
Multiprocessor count: 20
Shared mem per mp: 49152
Registers per mp: 65536
Threads in warp: 32
Max threads per block: 1024
Max thread dimensions: (1024, 1024, 64)
Max grid dimensions: (2147483647, 65535, 65535)

For this session, BitCracker requires at least 268697600 bytes of memory

====================================
Extracting data from disk image
====================================

Opening file image.bin
Signature found at 0x00100003
Version: 8
Invalid version, looking for a signature with valid version...
Signature found at 0x10a00000
Version: 2 (Windows 7 or later)
VMK entry found at 0x10a000ac
VMK entry found at 0x10a0020c
VMK entry found at 0x10a002dc
VMK entry found at 0x10a003ac
Key protector with user password found
Nonce:
masked_id
MAC:
masked_id
VMK:
masked_id

====================================
Dictionary attack
====================================

Starting CUDA attack:
CUDA Threads: 1024
CUDA Blocks: 1
Psw per thread: 8
Max Psw per kernel: 8192
Dictionary: ../testwordlist.txt

CUDA Kernel execution:
Stream 0
Effective number psw: 4
Time: 20.224299 sec
Passwords x second: 0.20 pw/sec

================================================
CUDA attack completed
Passwords evaluated: 4
Password found: [countosic]
================================================


e-ago commented on September 4, 2024

Probably, I've found the reason for the false positives.
I'm trying to check if the issue can be fixed; I'll let you know in 2 or 3 days.


kawuum commented on September 4, 2024

Great, thanks.

If there is anything I can help you with, please let me know.


e-ago commented on September 4, 2024

Please pull the most updated version and run your tests again with the -s option: this new check seems to fix the issue of your false positives, but it still finds the right password for this repo's images encrypted with Windows 7, 8.1 and 10.
Unfortunately this check is empirically verified only (i.e. I need to prove it according to the format); in the next release I will improve BitCracker with an additional (but slower) final MAC check.
Please let me know the result of your tests.

NB: in this new version you can use the JtR BitLocker hash you posted in this issue; see the updated README.


e-ago commented on September 4, 2024

Please pull again, I've included a new default check totally compliant with the standard. It avoids your false positives even without the -s option.

