ElcomSoft cracks Windows Hello PIN codes with its forensics tool and attacks the LUKS2 encryption. This extends the range of forensic password recovery tools to include support for Windows Hello PIN codes on TPM-less computers. There is also support for the new LUKS2 specification for encrypted disks and containers in Linux.
Microsoft implements PIN codes as part of Windows Hello authentication and recommends using PIN codes instead of a password. By default, PIN codes contain only digits, but alphanumeric PINs are also possible. While 4 to 6 digit PINs can be cracked in minutes, attacking an alphanumeric PIN is significantly slower compared to recovering Windows NTLM passwords.
Windows Hello PIN code cracking
Elcomsoft Distributed Password Recovery (EDPR) version 4.45 offers the possibility to attack Windows Hello PIN codes on systems without a Trusted Platform Module (TPM). For digit-only PIN codes, recovery is almost instantaneous and can be performed while booting from a USB drive running the recently updated Elcomsoft System Recovery 8.30.
Elcomsoft System Recovery 8.30
The updated Elcomsoft System Recovery helps users and forensic experts to extract LUKS2 encryption metadata from all connected storage devices by booting the computer under investigation from a USB flash drive in a portable Windows PE environment. The tool works in the familiar Windows environment and helps experts quickly get the data needed to attack LUKS encrypted hard drives.
Elcomsoft Forensic Disk Decryptor 2.20
Elcomsoft Forensic Disk Decryptor (EFDD) is a Windows tool for instantly extracting encryption metadata from a variety of encrypted hard drives and forensic disk images. Unlike Elcomsoft System Recovery, Elcomsoft Forensic Disk Decryptor runs on the expert's computer and does not require booting into the Windows PE environment.
The tool helps in accessing encrypted disk containers. This can be achieved by extracting password hashes for further brute force attacks, and by analyzing memory when looking for encryption keys. Containers can be decrypted or mounted to gather evidence.
Elcomsoft Distributed Password Recovery 4.45
Elcomsoft Distributed Password Recovery can attack LUKS2 encryption passwords in the new version. The program is a high-end password recovery solution that is scalable to 10.000+ workstations and offers the fastest recovery using the most advanced commercially available technologies.
The product enables accelerated password recovery for more than 500 formats, including Microsoft Office and Adobe PDF documents, encrypted volumes and archives, personal security certificates and exchange keys, MD5 hashes and Oracle passwords, Windows and UNIX logins - and domain passwords, BitLocker, LUKS, TrueCrypt and VeraCrypt disk encryption.
More at Elcomsoft.de
About ElcomSoft
The software development company ElcomSoft Co. Ltd. was founded in 1990 by Alexander Katalov and has been in his possession ever since. The Moscow-based company specializes in proactive password security software for businesses and private users and sells its products worldwide. ElcomSoft aims to provide users with easy-to-use password recovery solutions to access their data. The software company also provides administrators with security solutions with which they can locate and eliminate unsafe identifiers in company networks under Windows or rescue EFS-encrypted files.