Bitlocker-1

Published: April 2, 2025

Description

A BitLocker-encrypted drive image uses a weak password. Extract the BitLocker hashes, crack them with a wordlist, then mount the unlocked volume to read flag.txt.

Run bitlocker2john against the disk image to convert it into hashcat-ready format.

Crack the resulting hash with wordlist attacks (rockyou.txt suffices).

Use dislocker to mount the disk with the recovered password, then mount the decrypted filesystem to read flag.txt.

python3 john/run/bitlocker2john.py bitlocker-1.dd > hashes.txt
hashcat -m 22100 hashes.txt rockyou.txt
sudo dislocker -V ~/bitlocker-1.dd -u"jacqueline" -- /mnt/dd_image
sudo mount -o loop /mnt/dd_image/dislocker-file /mnt/bitlocker_data
cat /mnt/bitlocker_data/flag.txt

Solution

  1. Step 1: Extract the hash
    bitlocker2john prints one `$bitlocker$...` line per key-protector record it finds in the image (types 0 and 1 for the user password, 2 and 3 for the recovery password). Save them all to hashes.txt for cracking.

    BitLocker is Microsoft's full-volume encryption feature built into Windows. It encrypts entire drive volumes using AES (typically 128-bit or 256-bit) and protects the encryption key with one of several authentication methods: a password, a PIN, a USB key, or a TPM chip. The drive image in this challenge is protected by a user-supplied password.

    bitlocker2john is a tool from the John the Ripper (jumbo) project that parses a BitLocker-protected disk image and extracts hash lines in the $bitlocker$... format. Each line encodes a key-protector record from the volume's FVE metadata (located via the volume header): the salt, the iteration count, the AES-CCM nonce and the encrypted Volume Master Key material. That is enough to test password guesses offline with John or Hashcat without mounting the drive. Note that the password is stretched with roughly a million (1,048,576) SHA-256 iterations before it can unwrap the key, so even a GPU tests far fewer guesses per second than it would against a plain hash.

    The .dd file extension denotes a raw disk image created by tools like dd, a byte-for-byte copy of the original storage media. Forensic investigators create these images to preserve evidence without altering the original disk. Raw images can be analyzed, mounted, and cracked just like the original media, making them central to digital forensics workflows.

  2. Step 2: Recover the password
    Run `hashcat -m 22100 hashes.txt rockyou.txt` (or use John). Mode 22100 handles only the user-password records (`$bitlocker$0$` and `$bitlocker$1$`); the recovery-password lines are not supported by it and are skipped. The user-password entry cracks quickly as `jacqueline`; use `hashcat -m 22100 --show hashes.txt` to print it again afterwards.

    Hashcat is a GPU-accelerated password recovery tool that can test very large numbers of candidates per second against fast hashes. Mode -m 22100 targets the BitLocker user-password format; because of BitLocker's iterated SHA-256 key derivation the per-guess cost is high, which is exactly why a short wordlist like rockyou.txt is the right first attempt rather than brute force. Hashcat supports dozens of attack modes: dictionary attacks (wordlist), brute-force, rule-based mutations, combinator attacks, and mask attacks.

    rockyou.txt is the most famous password wordlist in security research, containing approximately 14 million real passwords leaked from the 2009 RockYou data breach. Weak passwords like common first names appear early in the list, which is why the password "jacqueline" cracks quickly. This demonstrates why dictionary words - even uncommon ones - should never be used as encryption passwords.

    The lesson is about the protector, not the cipher. A password-only protector is exactly as strong as the password, so BitLocker deployments should prefer TPM-based protectors (TPM plus PIN where possible) and, where a password protector is unavoidable, a long random passphrase. BitLocker also always generates a 48-digit numeric recovery password; in enterprise environments it is escrowed in Active Directory, Entra ID or a Microsoft account, and because it is random it is not vulnerable to a dictionary attack like the one used here.

  3. Step 3: Mount with dislocker
    Point dislocker at the image with `-u"jacqueline"` (the password is attached to the flag; `--` ends dislocker's own options so the mount point goes to FUSE), loop-mount the generated dislocker-file, and read flag.txt inside the mounted NTFS volume.

    Dislocker is an open-source Linux tool that decrypts BitLocker volumes. Given a password, recovery key, or BEK file, it decrypts the volume and presents it as a virtual FUSE filesystem containing a file called dislocker-file - which is the decrypted raw partition image. This file can then be mounted normally using the mount command with a loop device.

    The two-step mount process is necessary because dislocker operates at the encryption layer while mount operates at the filesystem layer. BitLocker wraps an NTFS (or FAT32/exFAT) filesystem, so after dislocker strips the encryption, the underlying filesystem still needs to be interpreted by an NTFS driver (ntfs-3g in userspace, or the in-kernel ntfs3 driver on recent kernels). For forensic work, mount with `-o ro,loop` (and run dislocker with `-r`) so nothing is written back to the evidence image.

    This workflow - extract hash, crack password, mount and read - is standard in digital forensics and incident response (DFIR). Investigators frequently encounter BitLocker-encrypted drives on seized hardware. Commercial tools like FTK and EnCase have built-in BitLocker support, while open-source workflows like this one demonstrate the same capability without licensing costs.
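The three manual steps above, collected into one script. This is an added example written for this page, not code from the original writeup or from the bitlocker2john, hashcat or dislocker projects. The tool names and flags are the real ones; the wordlist path, mount points and the `hashes.txt` file name are assumptions, and the sample hash lines used to exercise the helper functions are constructed, not taken from the challenge image.

```shell
#!/bin/sh
# Added example: extract, crack, unlock and read-only mount a BitLocker image.
# Tool names are real; paths below are assumptions for illustration.
set -eu

# bitlocker2john emits one line per key-protector record. Only the
# $bitlocker$0$ / $bitlocker$1$ records (user password, without / with MAC)
# are crackable with hashcat -m 22100; $2$ / $3$ are recovery-password records.
select_user_password_hashes() {
    grep -E '^\$bitlocker\$[01]\$' || true
}

# hashcat --show prints "<hash>:<password>". The hash itself never contains ':',
# so everything after the first ':' is the password, even one containing ':'.
password_from_show() {
    sed -n 's/^\$bitlocker\$[^:]*:\(.*\)$/\1/p' | head -n 1
}

# Full workflow. It runs the real tools, so it is only invoked when an image
# path is supplied on the command line (see the bottom of the file).
crack_and_mount() {
    image=$1
    wordlist=${2:-/usr/share/wordlists/rockyou.txt}   # assumed location
    raw=${3:-/mnt/dd_image}                            # dislocker FUSE dir
    fs=${4:-/mnt/bitlocker_data}                       # decrypted NTFS mount

    bitlocker2john "$image" | select_user_password_hashes > hashes.txt
    [ -s hashes.txt ] || { echo "no user-password protector found" >&2; return 1; }

    # ~1M SHA-256 iterations per guess: expect a low hash rate. hashcat exits
    # non-zero when the wordlist is exhausted, so do not let set -e abort here.
    hashcat -m 22100 -a 0 hashes.txt "$wordlist" >/dev/null || true
    password=$(hashcat -m 22100 --show hashes.txt | password_from_show)
    [ -n "$password" ] || { echo "password not in wordlist" >&2; return 1; }

    sudo mkdir -p "$raw" "$fs"
    # -r keeps the encryption layer read-only; '--' ends dislocker's own
    # options so the mount point is passed through to FUSE.
    sudo dislocker -r -V "$image" -u"$password" -- "$raw"
    sudo mount -o ro,loop "$raw/dislocker-file" "$fs"
    sudo cat "$fs/flag.txt"
}

if [ "$#" -ge 1 ]; then
    crack_and_mount "$@"
fi
```

Run it as `sh unlock.sh bitlocker-1.dd [wordlist] [fuse-dir] [ntfs-dir]`. Filtering the hash file to the user-password records avoids hashcat rejecting the recovery-password lines, and reading the password back with `--show` means the script also works on a second run, when the hash is already in the potfile.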

Flag

picoCTF{us3_b3tt3r_p4ssw0rd5_pl5!_324...}

Remember to install dislocker and ntfs-3g if your distro lacks them.
