16 August, 2022

Elcomsoft Breaks Windows Hello PIN Codes, Attacks LUKS2 Encryption

Elcomsoft updates its range of password recovery tools, adding support for Windows Hello PIN codes on TPM-less computers, and supporting the new LUKS2 specification for encrypted disks and containers in Linux.

Breaking Windows Hello PIN codes

Microsoft implements PIN codes as part of Windows Hello authentication, encouraging the use of PIN codes instead of a password. By default, PIN codes only contain digits, yet alphanumeric PINs are also possible. While 4 to 6-digit PINs can be broken in minutes, attacking an alphanumerical PIN is significantly slower comparing to the recovery of Windows NTLM passwords.

Elcomsoft Distributed Password Recovery 4.45 brings the ability to attack Windows Hello PIN codes on systems without a Trusted Platform Module (TPM). For digit-only PIN codes, the recovery is near-instant, and can be performed on-the-fly when booting from a USB drive running the recently updated Elcomsoft System Recovery 8.30.

Elcomsoft System Recovery 8.30 Extracts LUKS2 Metadata with a Bootable USB Drive

The updated Elcomsoft System Recovery helps users and forensic expert extract LUKS2 encryption metadata from all attached storage devices by booting the computer being investigated into a portable Windows PE environment from a USB flash drive. Operating from the familiar Windows environment, the tool helps experts to quickly obtain the data required to launch the attack on LUKS-encrypted disks.

Elcomsoft Forensic Disk Decryptor 2.20 Extracts LUKS2 Metadata from Disks and Disk Images

Elcomsoft Forensic Disk Decryptor is a Windows tool to instantly extract encryption metadata from a wide range of encrypted hard drives and forensic disk images. Unlike Elcomsoft System Recovery, Elcomsoft Forensic Disk Decryptor runs on the expert’s computer, and does not require booting into the Windows PE environment.

The tool helps gaining access to encrypted disk containers. This can be accomplished by extracting password hashes for brute-force and memory analysis to find encryption keys. Containers can be decrypted or mounted for evidence collection.

Elcomsoft Distributed Password Recovery 4.45 Recovers LUKS2 Passwords

Elcomsoft Distributed Password Recovery was updated with the ability to attack LUKS2 encryption passwords. Scaling to over 10,000 workstations with zero scalability overhead, Elcomsoft Distributed Password Recovery is a high-end password recovery solution offering the speediest recovery with the most sophisticated commercially available technologies.

The product enables accelerated password recovery for more than 500 formats including Microsoft Office and Adobe PDF documents, encrypted volumes and archives, personal security certificates and exchange keys, MD5 hashes and Oracle passwords, Windows and UNIX login and domain passwords, BitLocker, LUKS, TrueCrypt, and VeraCrypt disk encryption.

About ElcomSoft Co. Ltd.

Founded in 1990, ElcomSoft Co.Ltd. is a global industry-acknowledged expert in computer and mobile forensics providing tools, training, and consulting services to law enforcement, forensics, financial and intelligence agencies. ElcomSoft pioneered and patented numerous cryptography techniques, setting and exceeding expectations by consistently breaking the industry’s performance records. ElcomSoft is Microsoft Certrified Partner, and Intel Software Premier Elite Partner.

Contact Us

Elcomsoft s.r.o.

Československé armády 371/11,
Praha 6-Bubeneč,
Czech Republic, PSČ 160 00

Please click here for contacts with Elcomsoft Co. Ltd. representative.

As one of the industry leaders, our job involves complex research and constant monitoring of industry news. We love sharing our findings with our followers. Follow us on a social network of your choice, and we’ll deliver quality content straight to your news feed.