Mänu
emanuelduss.ch
@emanuelduss.ch
IT security. Linux & network protocols. Pentesting web applications, networks & AD infrastructures. Mostly technical stuff here. https://emanuelduss.ch
Cool #38c3 talk about bypassing #BitLocker in TPM only mode. A downgrade attack allows you to exploit "bitpixie" again.

media.ccc.de/v/38c3-windo...

PXE Boot → boot downgraded/vulnerable #Windows boot loader → decrypt disk using TPM → reboot → key stays in memory → boot Linux → read key

#pentest
January 3, 2025 at 10:46 AM
Also cool is that Wireshark directly allows you to start an application with this environment variable set. So you can launch a browser from within Wireshark and directly decrypt and analyze the TLS traffic. 😃👌
December 24, 2024 at 11:06 AM