Authentication Bypass

Abusing Kerberos to NTLM fallback to defeat BitLocker FDE

Intro This vulnerability is related to the initial vulnerbility which I and my collegue Tom found back in February, namely the Microsoft Security Bulletin MS16-014. More information about the MS16-014 attack can be found in my earlier blog post here. TL;DR Windows login screen can be bypassed using NTLM

HIP16

SLIDES: From zero to SYSTEM of full disk encrypted Windows system (Hack In Paris 2016)

Intro On the 30th of June, Tom and I gave a presentation at Hack In Paris about the vulnerabilities we discovered and which could be abused to bypass BitLocker FDE. These slides were used during the presentation a video of the presentation will be released soon and I will update

Authentication Bypass

From zero to SYSTEM on full disk encrypted Windows system (Part 1)

Intro Whether you want to protect the operating system components or your personal files, a Full Disk Encryption (FDE) solution allows you to keep track of the confidentiality and integrity. One of the most commonly used FDE solutions is Microsoft Bitlocker®, which due to its integration with the Trusted Platform