This lab will take you through using Dislocker to view data on a USB disk image that has Bitlocker encryption. The password for Bitlocker will be provided.
Real life use: Hard drive with Bitlocker fails to boot. You need to recover data from it.
Bitlocker USB DD image: https://drive.google.com/a/gameofpwnz.com/file/d/0B3KtykBk15nNamdMSVpYaXRPRlU/view?usp=sharing
MD5 Checksum: 90860ff85a78f1421e6f26f44c10b8ae
In Kali, you can use this to get the mount 🙂 :
losetup --partscan --find --show encrypted.001The Bitlocker Password is password
Use this Procedure: https://gameofpwnz.com/dislocker-recovering-data-from-drive-with-bitlocker-requires-bitlocker-recovery-key-or-password/
The procedure can be altered slightly for this lab. I used a Kali Linux Virtual Machine instead of a live USB to complete this lab. In this lab, I use the password rather than the recovery key. Notice the slight difference in the command when using each.
Lab created by @GameOfPWNZ