So I’ve just had a quick play with this and yes, it works.
-
@barubary @GossiTheDog It might be a "We've to deliver this and test this quicker" and someone forgot to remove.
A backdoor implies planning and we're talking about Microsoft.
I'd bet for bad QA and controls and lazy development with a pinch of "hurry, deliver now"
Which is ... Worse?
@prsfalken @barubary @GossiTheDog they’re excellent at planning Copilot and spyware integrations, though.
-
@GossiTheDog thanks God i can recover an Old ssd whose bitlocker key is somewhere in the short-circuited mainboard Something Something Secure Module and I happen to not have a backup of that specific bitlocker key
@splinux @GossiTheDog my mom sent me an old ssd in the same situation. Haven't been able to recover her data from it so far.
-
@mkoek @GossiTheDog you can also usually get the same general result in this config by poking the motherboard with a logic analyser and dumping the TPM data off the bus.
@gsuberland @mkoek @GossiTheDog not always - this wouldn't work with a "firmware TPM" implementation in IntelME/AMD PSP or in Pluton for example -
@gsuberland @mkoek @GossiTheDog not always - this wouldn't work with a "firmware TPM" implementation in IntelME/AMD PSP or in Pluton for example
@Rairii @GossiTheDog @mkoek yeah, I was just thinking "hm I should edit that post from yesterday to mention fTPMs"
-
For anybody looking at this, testing showed two things:
- TPM unlocked the storage
- it provides a login bypass, as you’re dumped as SYSTEM prior to Windows Hello or password loginBitLocker operates without a PIN by default so it’s basically a big gap, it’s unclear how this code made it into the production version of Windows.
- it provides a login bypass, as you’re dumped as SYSTEM prior to Windows Hello or password login
Technically you're running in WinPE with unlocked
drive. -
@gsuberland @mkoek @GossiTheDog Unless Microsoft made another mistake this shouldn't be possible. Accessing disk encryption keys should always use what is called a "salted session", where the communication between TPM and application is encrypted, precisely to prevent passive attacks on the bus.
@berglerma @gsuberland @mkoek @GossiTheDog This is BitLocker we are talking about. There's about one yearly post somewhere online, from someone new who bypassed bitlocker with an arduino and two paperclips. It's always passive attacks on the bus.
-
For anybody looking at this, testing showed two things:
- TPM unlocked the storage
- it provides a login bypass, as you’re dumped as SYSTEM prior to Windows Hello or password loginBitLocker operates without a PIN by default so it’s basically a big gap, it’s unclear how this code made it into the production version of Windows.
-
@GossiTheDog I mean they already do key escrow if you link to a MSFT account right? So seems sloppy for an intentional backdoor.
-
I should point out I’ve only tested with one version of Windows 11 - maybe the scope is smaller.
@GossiTheDog Very interesting indeed. I only have a work laptop with windows 11 so I have no testbed. Everything else is Linux, and famliy has Macbooks. I use to be able to boot Linux from a portable ssd drive + portable hard drive on my work laptop to make a compressed backup of the entire laptop SSD, so I could just roll back to last working image. Could this exploit be used to perform some "essentials" backup that could be used to restore from a bitlocker lockout or other failures?
-
So I’ve just had a quick play with this and yes, it works. Essentially BitLocker has a backdoor. https://github.com/Nightmare-Eclipse/YellowKey
Mitigation = BitLocker PIN and BIOS password lock.
@GossiTheDog You've probably seen this, but there were a bunch more in WinRE: https://media.ccc.de/v/39c3-bitunlocker-leveraging-windows-recovery-to-extract-bitlocker-secrets -
I should point out I’ve only tested with one version of Windows 11 - maybe the scope is smaller.
Me and @wdormann have both recreated the BitLocker backdoor^H^H^Hvulnerability https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
-
@GossiTheDog it's not clear to me what config this bypasses. is it only the no password config?
(Edit: thought about it and yeah ofc it's just that config)
@gsuberland @GossiTheDog Slightly easier than grabbing the key off LPC I guess.
-
So I’ve just had a quick play with this and yes, it works. Essentially BitLocker has a backdoor. https://github.com/Nightmare-Eclipse/YellowKey
Mitigation = BitLocker PIN and BIOS password lock.
@GossiTheDog This doesn't work for me. I'm using an exFat Ventoy USB (it's all I have right now) on a T16 Gen 1 and a desktop. Both with TPM, no PIN.
ThinkPad - won't boot with CTRL held down, I briefly release it on the Lenovo screen. CMD pops up but C:\ is mapped to a Ventoy partition and the BitLocker partition wasn't mounted or unlocked.
Desktop - I got to CMD and C:\ was mounted but locked.
Without the USB CMD doesn't open on either PC. I might try again later with clean NTFS USB stick.
-
I think my prior toot on NightmareEclipse auto deleted so to make a perm one - it isn’t me. I suspect it’s somebody who used to work at MSFT, who departed after my era.
@GossiTheDog Do you think U.S. authorities could be investigating NightmareEclipse due to their disclosures?
I imagine Microsoft is investigating internally to determine if it's someone with previous/current access to internal info that is still legally protected (by contract or law).
Based on their posts, MS might already know their identity if they have interacted with this person via MSRC and have their payment info for the bug bounty programs.
-
@GossiTheDog This doesn't work for me. I'm using an exFat Ventoy USB (it's all I have right now) on a T16 Gen 1 and a desktop. Both with TPM, no PIN.
ThinkPad - won't boot with CTRL held down, I briefly release it on the Lenovo screen. CMD pops up but C:\ is mapped to a Ventoy partition and the BitLocker partition wasn't mounted or unlocked.
Desktop - I got to CMD and C:\ was mounted but locked.
Without the USB CMD doesn't open on either PC. I might try again later with clean NTFS USB stick.
@GossiTheDog Okay I got it working on the desktop, even though `reagentc /info` showed that it was enabled, running `reagentc /disable` then `reagentc /enable` made the machine vulnerable
-
@GossiTheDog it's not clear to me what config this bypasses. is it only the no password config?
(Edit: thought about it and yeah ofc it's just that config)
@gsuberland @GossiTheDog I think I used something like this last year. After a bios update a new Windows update fucked up my OS and the machine kept rebooting and going into recovery...
From that recovery mode I had access to the unlocked OS disk (without using the recovery key) and I was able to copy the couple of folders which were not in my backup... before I wiped the disk and did a clean install.
-
Me and @wdormann have both recreated the BitLocker backdoor^H^H^Hvulnerability https://www.bleepingcomputer.com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/
@GossiTheDog
The aurhor claims that TPM + PIN is not protection.Personally I have a hard time understanding how that could be bypassed. Thoughts?
