After reading several comments about the release of Winlockpwn I could not believe the amount of people who did not get the importance of the tool. In the past months several high profile cases involving unencrypted data that was either stolen or lost brought attention to the way data is managed. The answer to the the problem was whole disk encryption, encryption has been used in servers but rarely in mobile devices for example laptops. Usually the entire hard drive is encrypted by means of software, for the data to be decrypted a password needs to be entered before the the Operating System loads. Solutions like TrueCrypt offer such protection, if a computer is lost or stolen the data in it would be protected. In order to crack the password in a Windows machine a reboot would be required at some point, which in turns triggers the encryption software to ask for a password, getting the password for the encryption software would be nearly impossible when compared to the Windows password. Winlockpwn brings the ability of accessing a password protected computer with out the need for a reboot, undermining the previous layer of protection.
In my scenario a laptop is about to be stolen by a competitor, they know the target uses whole disk encryption on all of their laptops, a laptop that ask for a password to decrypt the contents is useless to them. The goal is to acquire a laptop that is powered “on” with the encryption password previously entered, if Windows ask for a password Winlockpwn should solve the problem. This method is easier than pulling the RAM out of a system and freezing it.
This post is a reaction to the following comments. or you could just download hirens boot cd and boot off of it and remove all passwords within seconds….. jeezus this seems like a lot of work just to get rid of a password.. hiren’s boot cd ftw! terrible…. rather use ophcrack or cain this is a piece of trash. firewire????? .000001% of computers have firewire and .000000000000000000000000000000000000000000001% have a wire for it anyway. worthless hack. why would you want to waste your time with connecting to another pc or running disks to get around passwords on xp , jus got into safe mode and reset the password n reboot , sure thats damn site easier !!! Risky Business podcast had an exclusive interview with the creator of Winlockpwn Adam Boileau.
winlockpwn — Mar 14, 2008