Question 1

How do I extract a BitLocker hash for cracking with BitCracker?

Accepted Answer

Use the bitcracker_hash tool on your encrypted disk image. It validates the format, identifies if it's user or recovery password encrypted, and outputs hash files (e.g., hash_user_pass.txt) needed to start the attack, as detailed in the 'Prepare the attack' section.

Question 2

BitCracker vs Hashcat for BitLocker cracking: which is better?

Accepted Answer

BitCracker is specialized for BitLocker with integrated hash extraction and recovery password support, while Hashcat is a general-purpose tool. Hashcat may have broader format support, but BitCracker offers research-backed optimizations; Hashcat integration is listed as 'work in progress' in the README.

Question 3

Can BitCracker crack BitLocker with TPM enabled?

Accepted Answer

For recovery password attacks, no. The README explicitly states that recovery password attacks are not possible on TPM-encrypted devices. User password attacks might still work if a password is used, but TPM alone blocks this method.

Question 4

What's the best GPU for running BitCracker?

Accepted Answer

Higher-end NVIDIA GPUs like Tesla V100 offer the best performance, with up to 3,252 passwords per second. Refer to the performance table in the README for specific benchmarks and match CUDA versions to your GPU architecture (e.g., SM version for Makefile).

Question 5

How to generate wordlists for BitCracker recovery password attacks?

Accepted Answer

Use the bitcracker_rpgen tool to create wordlists. Specify options like -n for number of lists and -p for passwords per list, but note the search space is vast and uniform, making attacks time-consuming without prior clues.

Question 6

Is BitCracker compatible with Windows operating system?

Accepted Answer

BitCracker is primarily built for Unix-like systems, as indicated by shell scripts and commands like dd. There's no mention of native Windows support; it likely requires a Linux environment or WSL for execution, which can be a barrier for Windows-only forensic setups.

BitCracker

What is BitCracker?

Overview

Use Cases

Best For

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions