Share via


Partly forgotton BitLocker Drive Password - Brute Force PowerShell Script (more a like gentle push)

A simple PowerShell BitLocker snippet, that was vital to get me started. So much simpler than C#.

**Plus, yey! Check out ** Ryen Kia Zhi Tang's comments below, for even more awesomeness!

The Problem

For one whole terrible week recently, I forgot the new password for a BitLocker encrypted drive! After many combinations of what I thought it could be, I started a Notepad list of failed passwords. There were still many of my popular combinations I had not tried, so I decided to automate the process...

The Solution

Well, part of the solution actually, as the true password came to me the next night, so I never needed to finish this.

The code below is all that is needed to get started, for anyone else who is stuck in this situation. At very least, you can just keep adding your ideas to the input file and running it again, to see if any work.

I am so very glad we have PowerShell to make this kind of thing so easy!

The Code

The script below opens a text file (called "..tried.txt", wherever you place that), then iterates through each line and tests it against the locked drive.

It's not fast! But it gets the job done much faster than doing it manually!

$file = "C:\.....\Desktop\tried.txt"
$Lines = [System.IO.File]::ReadAllLines($file)
$password = "None :("
 
foreach ($line in  $Lines)
{
    if ($line -eq "")
    {
        continue;
    }
    Try
    {
        $SecureString = ConvertTo-SecureString $line -AsPlainText -Force
        $result = Unlock-BitLocker -MountPoint "X:" -Password $SecureString -ErrorVariable err -ErrorAction SilentlyContinue
        if ($result -and $password -eq "")
        {
            $password = $line;
        }
    }
    Catch
    {
        #write-host "Nope"
    }
}
 
write-host $password;

So the key command here is Unlock-BitLocker. Make sure you change the script for the drive you want to unlock, shown as X above. 

Note how I'm swallowing the error info, which you can analyse too if need, and notice the silent continue on errors.

Hope this helps some poor soul who doesn't code but can open a PowerShell window and make the file and changes described above.

To run Windows PowerShell, just type it into your start box or Cortana. You will already have it installed. Then you can just adjust the code above and paste it in. Maybe press Enter again to get the last line. If the list is long, it will pause until complete - just wait. 

You can wrap it into a Script Block and monitor its progress if you are serious about this. Below is a simplified example of the code needed for that:

$ScriptBlock = {
    #param($pipelinePassIn) 
    $file = "C:\Users\Piers\Desktop\tried.txt"
    $Lines = [System.IO.File]::ReadAllLines($file)
    $password = "None :("
    foreach ($line in $Lines)
    {
        if ($line -eq "")
        {
            continue;
        }
        Try
        {
            $SecureString = ConvertTo-SecureString $line -AsPlainText -Force
            $result = Unlock-BitLocker -MountPoint "k:" -Password $SecureString -ErrorVariable err -ErrorAction SilentlyContinue
            if ($result -and $password -eq "")
            {
                $password = $line;
            }
        }
        Catch
        {
            #Also ignore
        }
 
    }
    return $password; 
}
 
#Start-Job $ScriptBlock -ArgumentList $Lines
Start-Job $ScriptBlock
 
While (Get-Job -State "Running")
{
  Start-Sleep 1
}
 
# Getting the information back from the jobs
Get-Job | Receive-Job
 
Get-Job | Stop-Job

Read more about Script Blocks and feedback here.

Good luck!