hi to all

Replies to This Discussion

Permalink Reply by Nick Aotmzgin on September 30, 2009 at 4:40pm

In an ongoing debate on if Bitlocker is truly secure, and if not what are the best ways to hack into the system, you need to understand how bitlocker works and what platforms it is used on.

Bitlocker is only available on Ultimate and Enterprise editions of Vista or those with SP 1 for Vista; it is also available on Windows Server 2008. While the Vista security folks deny that there is any back door access into bitlocker which is good, forensics folks are aware and use some of the vulnerabilities or data sets that can crack open a Bitlocker protected system. The Bitlocker key can be stored in a number of ways, one of the most obvious is that the key is stored on a USB thumb drive, and the user is required to insert the USB drive, and off they go (if the computer is new enough to read the key off the drive while still in boot mode).

The key can also be stored in the companies Active Directory, meaning direct access or nefarious access to the AD will allow someone to download the key and dump it to a USB drive as well (unless the AD is on a Bitlocker, which can be problematic in light of password recovery tools for AD (click here) that if you have the right credentials (domain) you can surf the AD for bitlocker recovery passwords.


The BitLocker Active Directory Recovery Password Viewer lets you locate and view BitLocker recovery passwords that are stored in AD DS. You can use this tool to help recover data that is stored on a volume that has been encrypted by using BitLocker. The BitLocker Active Directory Recovery Password Viewer is an extension for the Active Directory Users and Computers MMC snap-in. After you install this tool, you can examine a computer object's Properties dialog box to view the corresponding BitLocker recovery passwords. Additionally, you can right-click a domain container and then search for a BitLocker recovery password across all the domains in the Active Directory forest. Source: Microsoft

Another intriguing attack is to use the ghost hibernation file that still exists within memory by manipulating the RAM on the computer by cooling it down with a can of compressed air, then pulling the contents out of memory. All three systems, Apple, Linux, and Microsoft systems were vulnerable to this same kind of attack, and while this is an unlikely attack, it is still interesting to note that they found they could:


With the memory contents in hand, the next step was to crack the encryption and compensate for the sporadic memory errors. Here, the researchers relied on the fact that most decryption systems store information derived from the encryption keys in memory to speed calculations. These key schedules have a some known features that make finding them largely a matter of scanning for patterns in the memory. Once near matches are identified, they can be set aside for more detailed analysis (including corrections for memory errors), eliminating most brute force aspects of the cracking. Source: Ars Techica

The research paper is fascinating, but if people really to get into the computer; it is easier to steal the computer and look through the bag for a USB key (highly likely that it will be located physically near the computer, or in the computer depending on the user). Geeks with Blogs points out that Bitlocker is also vulnerable to these other methods, not are beyond the script kiddy, but fun to learn all the same:


Even with all of the new security that is provided by BitLocker, it can't stop everything. Some of the areas that BitLocker is helpless to defend against are:
• Hardware debuggers
• Online attacks—BitLocker is concerned only with the system’s startup process
• Post logon attacks
• Sabotage by administrators
• Poor security maintenance
• BIOS reflashing
Source: Geeks with Blogs

Physical access to the computing system is a must to make most of these attacks work out. The other cool part is how the keys can be stored in AD for recovery processes, meaning if you can get into the AD system then you have unfettered access to the entire system of recovery keys across the bitlocker installation base. Those can then be burned to USB drives and used to hack or gain access to the system.

While in general it is a good system for people with Enterprise or Ultimate editions, or those who use SP 1 for Vista, there are physical and computer access issues with bitlocker depending on how the key recovery process was initiated, where the keys are stored, and the use of Ultimate or Enterprise editions of Vista. It is a good system, but there is nothing that does not say that the system is a direct panacea, and if important enough, there are ways around the physical and electronic security of a system.

Tags: hack, bitlocker, bit locker, vista, windows, hacking, hacker, physical access, active directory, domain admin, password recovery, fun, thanks

Follow me on Twitter and/or on FriendFeed , you can also friend me in Facebook or on linkedin. I am always looking to have more conversations with people, feel free to join up and say hello.

The opinions of this article are the opinions of this writer. They are not the opinions of my employers, nor in any way does this blog, these entries, or any information on this site reflect the opinion of my employers or people associated with me.

▶ Reply to This

Permalink Reply by james lilwayne on October 19, 2009 at 11:10am

BANK LOGINS, FULLZ (UK / USA ONLY) , DUMPS / TRACK 1+2 , CVV, MAILER LIST, WU TRANSFER , BANK TO BANK TRANSFERS AND THIRD PARTY TRANSFERS, HACKING TOOL PACKAGES.

big order cc sell new price !
1 US CVV( visa) = 3$/cvv
1 US CVV( master) = 3$/cvv
1 US CVV(Amex,dis) = 4$/cvv
1 us check bins = 10 $/cvv
1 UK CVV(visa, Mc) = 4$/cvv
1 UK CVV(Amex) = 15$/cvv
1 Uk check bins = 15$/1cvv
1 Uk check post code = 15$/1cvv
1 UK DOB random = 15$/1cvv
1 Uk dob with bins = 35$/1cvv
1 Ca CVV = 10$/CVV
1 EU CVV = 15$/CVV
1 EU CVV(Amex,dis) = 20$/cvv
1 AU CVV = 8$/CVv
1 Asian cvv = 10$/cvv
full info = = 20 $/cvv1
1 pp veri = 50$ / pp1
SHOP ADMIN US AND UK
50$ wu bug + code activation 20$ = 70$TF WU AND BANK IT DEPENDS AMOUN
Format info:Normal
Address 1:
Address 2:
City:
State:
Zip:
Country:
Home Phone:
Name On Card:
Credit Card Number:
Credit Card Type:
EXP Date:
email:Fullz info:Address 1:
Address 2:
City:
State:
Zip:
Country:
Home Phone:
Date Of Birth:
Social Security Number:
Mothers Maiden Name:
Drivers License Number:
Drivers License State:
Secret Question 1:
Secret Question Answer 1:
Secret Question 2:
Secret Question Answer2:
Name On Card:
Credit Card Number:
Credit Card Brand:
Credit Card Type:
Start Date:
EXP Date:
issue Number:
Credit Card PIN Number:
Card ID Number:
Card Bank Name:
Card 1800 Number:
email:
email pass:
ip:
bank name:
Bank Account Number :
Bank Routing Number :
bank phone:Bank Logins UK USA SPAIN KUWAIT AND ISRAEL
UK
HSBC, NATWEST, BARCLAYS, CITIBANK, HALIFAX, NATIONWIDE, LLOYDS, ABBEY
USA
WACHOVIA, BOA, FCU, CHASE
SPAIN
BDE, SPAINEXPAT, BANESTO, ANDALUCIA, LACAIXA , CAIXA PENEDES
BANKKUWAIT
NBK , BURGAN , CBK , ABK ,
ISRAEL
BANKISRAEL , MSNBC , DISCOUNTBANK

%B5510620000188117^BARNO/JOHNC ^09061011708000000000004710000 00?;5510620000188117=090610117 08047100000?= MONEY ACCESS SERVICE, INC

%B5476090001847883^MONAHAN/DAN IEL^11011011000000000083000000 00000?;5476090001847883=110110 11000000008300?= GE CAPITAL FINANCIAL INC

Record #00929...
Tue Oct 16 08:56:05 2007
Track 1: B5120255004093674^gorge linuz^0909201225000000000000000000000
Track 2: 5120255004093674=09092012250000000000
Track 3: ;?
PIN:0843

Record #000930...
Tue Oct 16 08:56:14 2007
Track 1: B5458001140057948^FAZAKERLEY/ANDREW.MR ^09022013570000000000
Track 2: 5458001140057948=09022013570000000001
Track 3: ;?
PIN: 5761

%B4436030023093126^THOMPSON/KI M^100310110000000100988000000? ;4436030023093126=100310110000 0001988?= NATIONAL CITY BANK OF PENNSYLVANIA

%B5413510005460629^FAZIO/VINCE NTD^09081010000000000000008780 00000?;5413510005460629=090810 10000187800000?= CHARTER ONE BANK, F.S.B

%B5424323420007117^SANDERS/EUG ENET^0903101000004870000000487 000000?;5424323420007117=09031 010000048700000?= FIFTH THIRD BANK, THE

%B4432201668420056^CUNDIFF/JOH NALAN^08101011871900600000000? ;4432201668420056=081010118719 600?= THE HUNTINGTON NATIONAL BANK

%B5449270947084312^CASTELLI/AM YB^090810110000100567000000?;5 449270947084312=09081011000015 67?= KEYBANK N.A.


Track2: 4124877000619142=11052011451475400000
Pin: 3574

E-mail : james_lilwayne2000 or Icq:577799218
Pass : leeia8jddddz
---------------------Card info--------------------------
BankName: lloyds tsb
CCNr: 4508847187459981
Name on Card: mr H main
ExpM: 6
ExpY: 2011
CVV2: 661
DOB: 10/04/1941 ( Day - Month - Year )
MMN: archer
------------------
Account number : 09144551
Sort code : 41 - 21 - 42
Issue Nr :
Start Date : 7 - 2004 ( month - year )
------------------
FName: horny
LName: man
Address1: 30,main st
Address2: bowel control
City: newcastle
State:erection
ZIP: 1337 d1
Country: GB
Tel: 01670-803-144
ip: 78.181.19.14


I am transfering Wire transfer and cheque transfer to
uk and us banks .. HSBC // Nationwide // Halifax // Natwest //Citibank // Lloyds // Abbey // Barclays // FCU / Regions / Wells Fargo // Capital // BOA // watchovia //

Depends on bank for the limit.

Taking 200 $ upfront + 10% after the money transfered being cashed out

BALANCE IN CHASE ..............................70K TO 155K ========225$
BALANCE IN WASHOVIA.........................24K TO 80K===========125$
BALANCE IN BOA.......................................75K TO 450K==========400$
BALANCE IN CREDIT UNION.....................ANY AMOUNT==========300$
BALANCE IN HALIFAX...............................ANY AMOUNT=========300$
BALANCE IN COMPASS.............................ANY AMOUNT=========400$

I have uk bins: 4547,5506,5569,5404,5031,4921,5505,5506,4921,4550
,4552,4988,5186,4462,4543,4567,4539,5301,4929,5521 ,
4291,5051,4975,5413 5255 4563,4547 4505,4563 5413 5255,5521,5506,4921,4929,546097,5609,54609,4543,
4975,5432,5187 ,4973,4627,4049,4779,426565,5505, 5549, 5404, 5434, 5419, 4670,456730,541361, 451105,4670,5505, 5549, 5404, 5434, 5419, 4670,374288,545140,454634,3791 with d.o.b,4049,4462,4921.4929.4627

We Give You Good And Fresh And Work And Live Cc Today
Sell You Cc Very Very Cheap ...
Contact Me :
Yahoo Id :james_lilwayne2000
ICQ: 577799218
I'm Waiting For See You...
Payment Accept :
Only wu , libertyreserve
I Can't Give You Free Test And Demo Cc Only Sell
Don't Pm Me for test and demo and free cc i can not give you free

▶ Reply to This