BitLocker

Abusing Kerberos to NTLM fallback to defeat BitLocker FDE

Intro This vulnerability is related to the initial vulnerbility which I and my collegue Tom found back in February, namely the Microsoft Security Bulletin MS16-014. More information about the MS16-014 attack can be found in my earlier blog post here. TL;DR Windows login screen can be bypassed using NTLM

Windows

From zero to SYSTEM on full disk encrypted Windows system (Part 2)

Intro This blog post is a continuation of my previous post which can be found here. The reason I devided is because two seperate vulnerabilities come in to play in order to successfully retrieve the original user password and install your favourite malware :) So without further ado, let's escalate our

Authentication Bypass

From zero to SYSTEM on full disk encrypted Windows system (Part 1)

Intro Whether you want to protect the operating system components or your personal files, a Full Disk Encryption (FDE) solution allows you to keep track of the confidentiality and integrity. One of the most commonly used FDE solutions is Microsoft Bitlocker®, which due to its integration with the Trusted Platform