ExtractBitlockerKeys: automatically extract the bitlocker recovery keys from a domain
ExtractBitlockerKeys
A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.
Features
- Automatically gets the list of all computers from the domain controller’s LDAP.
- Multithreaded connections to extract Bitlocker keys from LDAP.
- Iterate on LDAP result pages to get every computer of the domain, no matter the size.
⚠️ Please do not store this backup in an online SMB share of the domain. You should prefer to print it and store it physically in a locked safe.
- Export results in JSON with Computer FQDN, Domain, Recovery Key, Volume GUID, Created At, and Organizational Units.
- Export results in XLSX with Computer FQDN, Domain, Recovery Key, Volume GUID, Created At, and Organizational Units.
- Export results in SQLITE3 with Computer FQDN, Domain, Recovery Key, Volume GUID, Created At, and Organizational Units.
Download
git clone https://github.com/p0dalirius/ExtractBitlockerKeys.git
Use
Demonstration from Linux in Python
To extract Bitlocker recovery keys from all the computers of the domain domain.local you can use this command:
./ExtractBitlockerKeys.py -d ‘domain.local’ -u ‘Administrator’ -p ‘Podalirius123!’ –dc-ip 192.168.1.101
You will get the following output:
Demonstration from Windows in Powershell
To extract Bitlocker recovery keys from all the computers of the domain domain.local you can use this command:
.\ExtractBitlockerKeys.ps1 -dcip 192.168.1.101 -Username ‘Administrator’ -Password ‘Podalirius123!’ -ExportToCSV ./keys.csv -ExportToJSON ./keys.json
You will get the following output:
Source: https://github.com/p0dalirius/
