Below is a BitLocker Recovery Key broken into the 8 groups: PowerShell would need to try and loop through each possible combination of # like this:ĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 000000-FFFFFF-GGGGGG-HHHHHHĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 000001-FFFFFF-GGGGGG-HHHHHHĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 000002-FFFFFF-GGGGGG-HHHHHHĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 999997-FFFFFF-GGGGGG-HHHHHHĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 999998-FFFFFF-GGGGGG-HHHHHHĪAAAAA-BBBBBB-CCCCCC-DDDDDD- 999999-FFFFFF-GGGGGG-HHHHHH PROOF OF CONCEPTįirst, we need the key groups with the missing digit(s). There are only 1 million combinations between 000000 – 999999 In other words, he was missing the “E’s” in the example above. “AAAAAA-BBBBBB-CCCCCC-DDDDDD- #-FFFFFF-GGGGGG-HHHHHH” So, if everything he knew of the key was changed into letters, we could present it like this: In the case of our person needing help, he was missing the 5th group of digits. Each group has exactly 6 digits (no more, no less). If you’re not super-familiar with BitLocker Recovery Keys, they follow this format: Since the drive was locked, PowerShell couldn’t display the BitLocker recovery key, and there were very few options left. It’s the classic ‘chicken or the egg’ scenario. And he couldn’t unlock the USB drive without the Recovery Key. He hoped there was some easy way to show the Recovery Key via PowerShell (which there is, but only if the drive was unlocked). When he later tried to unlock the USB drive that was secured with BitLocker, Windows popped up an error because the key was wrong. Unfortunately, and as fate would have it, one of the number groups was mistakenly written only 5-digits long. Instead of printing or saving the numeric BitLocker Recovery Key to a TXT file, the user wrote it down on a piece of paper. He had a forum question and one of my blog posts seemed to be headed in the general direction of his desired answer. So, a blog reader tracked me down on the interwebs in a panic.
0 Comments
Leave a Reply. |