I am trying to use dislocker on a bitlocker windows partition.
I will show below my system and the various commands I have tried.
I have been all over the internet and can’t seem to find the solution.
I have at the moment disabled TPM on the system in hopes that would help but no good with or without TPM.
I have tried with -u and -p as you will see below.
I want to do this so I can scan the drive for viruses from within linux.
[demo@manjaro-live ~]$ sudo dislocker -V /dev/nvme0n1p4 -p135795-666138-194040-491678-032802-572319-258192-100232 -- /media/mount
Mon Mar 21 13:11:23 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 13:11:23 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 1 29.3G 0 disk
├─sda1 8:1 1 300M 0 part /boot/efi
└─sda2 8:2 1 29G 0 part /
nvme0n1 259:0 0 931.5G 0 disk
├─nvme0n1p1 259:1 0 529M 0 part
├─nvme0n1p2 259:2 0 100M 0 part
├─nvme0n1p3 259:3 0 16M 0 part
├─nvme0n1p4 259:4 0 219.5G 0 part
├─nvme0n1p5 259:5 0 831M 0 part
├─nvme0n1p6 259:6 0 40G 0 part
├─nvme0n1p7 259:7 0 325.6G 0 part
├─nvme0n1p8 259:8 0 40G 0 part /run/media/demo/rootMX19
├─nvme0n1p9 259:9 0 50G 0 part /run/media/demo/5853e799-bebb-4c86-8c11-a5641cb5ea91
├─nvme0n1p10 259:10 0 16G 0 part
└─nvme0n1p11 259:11 0 239G 0 part /run/media/demo/45ca132d-4a37-4dc3-afa0-be2e80d6a4a2
[demo@manjaro-live ~]$ sudo fdisk -l
[sudo] password for demo:
Disk /dev/nvme0n1: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
Disk model: Samsung SSD 970 EVO Plus 1TB
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 2D5C88F0-AEA2-4E08-97E5-E619AA78457D
Device Start End Sectors Size Type
/dev/nvme0n1p1 2048 1085439 1083392 529M Windows recovery environment
/dev/nvme0n1p2 1085440 1290239 204800 100M EFI System
/dev/nvme0n1p3 1290240 1323007 32768 16M Microsoft reserved
/dev/nvme0n1p4 1323008 461636399 460313392 219.5G Microsoft basic data
/dev/nvme0n1p5 461637632 463339519 1701888 831M Windows recovery environment
/dev/nvme0n1p6 463343616 547229695 83886080 40G Linux root (x86)
/dev/nvme0n1p7 547229696 1230008319 682778624 325.6G Linux filesystem
/dev/nvme0n1p8 1731227648 1815113727 83886080 40G Linux root (x86)
/dev/nvme0n1p9 1815113728 1919971327 104857600 50G Linux filesystem
/dev/nvme0n1p10 1919971328 1953523711 33552384 16G Linux root (x86)
/dev/nvme0n1p11 1230008320 1731227647 501219328 239G Linux filesystem
Partition table entries are not in disk order.
Disk /dev/sda: 29.3 GiB, 31457280000 bytes, 61440000 sectors
Disk model: USB DISK
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 2B83924A-6006-1C46-801F-210655F5E730
Device Start End Sectors Size Type
/dev/sda1 4096 618495 614400 300M EFI System
/dev/sda2 618496 61432559 60814064 29G Linux filesystem
[demo@manjaro-live ~]$ sudo dislocker -V /dev/nvme0n1p4 -p135795-666138-194040-491678-032802-572319-258192-100232 -- /media/mount
[sudo] password for demo:
Mon Mar 21 13:54:21 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 13:54:21 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ sudo dislocker -r -V /dev/nvme0n1p4 -u -- /media/mount
Enter the user password:
Mon Mar 21 13:54:37 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 13:54:37 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ sudo dislocker -v -V /dev/nvme0n1p4 -u -- /media/mount
[sudo] password for demo:
Sorry, try again.
[sudo] password for demo:
Enter the user password:
Mon Mar 21 14:00:34 2022 [ERROR] Error, can't find a valid and matching VMK datum. Abort.
Mon Mar 21 14:00:34 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:00:34 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ sudo dislocker -v -V /dev/nvme0n1p4 -u=rP[_&7]= -- /media/mount
[1] 5710
bash: 7]=: command not found
[demo@manjaro-live ~]$ Mon Mar 21 14:01:36 2022 [ERROR] Error, can't find a valid and matching VMK datum. Abort.
Mon Mar 21 14:01:36 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:01:36 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[1]+ Exit 1 sudo dislocker -v -V /dev/nvme0n1p4 -u=rP[_
[demo@manjaro-live ~]$ sudo dislocker -v -V /dev/nvme0n1p4 -u="rP[_&7]=" -- /media/mount
Mon Mar 21 14:02:09 2022 [ERROR] Error, can't find a valid and matching VMK datum. Abort.
Mon Mar 21 14:02:09 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:02:09 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ sudo dislocker -vvvv /dev/nvme0n1p4 -u -- /media/mount
[sudo] password for demo:
Mon Mar 21 14:16:47 2022 [DEBUG] Verbosity level to DEBUG (4) into 'stdout'
Mon Mar 21 14:16:47 2022 [INFO] dislocker by Romain Coltel, v0.7.2 (compiled for Linux/x86_64)
Mon Mar 21 14:16:47 2022 [INFO] Compiled version: master:7e4c637
Mon Mar 21 14:16:47 2022 [DEBUG] --- Config...
Mon Mar 21 14:16:47 2022 [DEBUG] Verbosity: 4
Mon Mar 21 14:16:47 2022 [DEBUG] Trying to decrypt '/dev/nvme0n1p4'
Mon Mar 21 14:16:47 2022 [DEBUG] using the user's password method
Mon Mar 21 14:16:47 2022 [DEBUG] -> '(null)'
Mon Mar 21 14:16:47 2022 [DEBUG] Using the first valid metadata block
Mon Mar 21 14:16:47 2022 [DEBUG] ... End config ---
Mon Mar 21 14:16:47 2022 [DEBUG] Trying to open '/dev/nvme0n1p4'...
Mon Mar 21 14:16:47 2022 [DEBUG] Trying to open '/dev/nvme0n1p4'...
Mon Mar 21 14:16:47 2022 [DEBUG] Opened (fd #3).
Mon Mar 21 14:16:47 2022 [DEBUG] Opened (fd #3).
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7d690 (0x18 bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7d6b0 (0x90 bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7d750 (0x200 bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] Positioning #3 at offset 0 from 0
Mon Mar 21 14:16:47 2022 [DEBUG] Reading volume header...
Mon Mar 21 14:16:47 2022 [DEBUG] Reading 0x200 bytes from #3 into 0x55cc5ef7d750
Mon Mar 21 14:16:47 2022 [DEBUG] Volume header read
Mon Mar 21 14:16:47 2022 [DEBUG] =====[ Volume header informations ]=====
Mon Mar 21 14:16:47 2022 [DEBUG] Signature: '-FVE-FS-'
Mon Mar 21 14:16:47 2022 [DEBUG] Sector size: 0x0200 (512) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Sector per cluster: 0x08 (8) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Reserved clusters: 0x0000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Fat count: 0x00 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Root entries: 0x0000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Number of sectors (16 bits): 0x0000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Media descriptor: 0xf8 (248) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Sectors per fat: 0x0000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Hidden sectors: 0x00143000 (1323008) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Number of sectors (32 bits): 0x00000000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Number of sectors (64 bits): 0x0000000000000000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] MFT start cluster: 0x0000000000060001 (393217) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Metadata Lcn: 0x0000000000000000 (0) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Volume GUID: '4967D63B-2E29-4AD8-8399-F6A339E3D001'
Mon Mar 21 14:16:47 2022 [DEBUG] First metadata header offset: 0x0000000005c00000
Mon Mar 21 14:16:47 2022 [DEBUG] Second metadata header offset: 0x000000004c06b000
Mon Mar 21 14:16:47 2022 [DEBUG] Third metadata header offset: 0x0000000085d35000
Mon Mar 21 14:16:47 2022 [DEBUG] Boot Partition Identifier: '0xaa55'
Mon Mar 21 14:16:47 2022 [DEBUG] ========================================
Mon Mar 21 14:16:47 2022 [INFO] Volume GUID (INFORMATION OFFSET) supported
Mon Mar 21 14:16:47 2022 [DEBUG] Entering get_metadata_lazy_checked
Mon Mar 21 14:16:47 2022 [DEBUG] Positioning #3 at offset 96468992 from 0
Mon Mar 21 14:16:47 2022 [DEBUG] Reading bitlocker header at 0x5c00000...
Mon Mar 21 14:16:47 2022 [DEBUG] Reading 0x70 bytes from #3 into 0x7fffc9a05e70
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7d960 (0x250 bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] Reading data...
Mon Mar 21 14:16:47 2022 [DEBUG] Reading 0x1e0 bytes from #3 into 0x55cc5ef7d9d0
Mon Mar 21 14:16:47 2022 [DEBUG] End get_metadata.
Mon Mar 21 14:16:47 2022 [DEBUG] Reading validations data at offset 0x5c00250.
Mon Mar 21 14:16:47 2022 [DEBUG] Positioning #3 at offset 96469584 from 0
Mon Mar 21 14:16:47 2022 [DEBUG] Reading 0x8 bytes from #3 into 0x7fffc9a05f48
Mon Mar 21 14:16:47 2022 [DEBUG] Looking if 0x1f17c111 == 0x1f17c111 for metadata validation
Mon Mar 21 14:16:47 2022 [DEBUG] We have a winner (n°1)!
Mon Mar 21 14:16:47 2022 [INFO] BitLocker metadata found and parsed.
Mon Mar 21 14:16:47 2022 [DEBUG] =====================[ BitLocker information structure ]=====================
Mon Mar 21 14:16:47 2022 [DEBUG] Signature: '-FVE-FS-'
Mon Mar 21 14:16:47 2022 [DEBUG] Total Size: 0x0250 (592) bytes (including signature and data)
Mon Mar 21 14:16:47 2022 [DEBUG] Version: 2
Mon Mar 21 14:16:47 2022 [DEBUG] Current state: ENCRYPTED (4)
Mon Mar 21 14:16:47 2022 [DEBUG] Next state: ENCRYPTED (4)
Mon Mar 21 14:16:47 2022 [DEBUG] Encrypted volume size: 511432458240 bytes (0x7713c00000), ~487740 MB
Mon Mar 21 14:16:47 2022 [DEBUG] Size of convertion region: 0 (0)
Mon Mar 21 14:16:47 2022 [DEBUG] Number of boot sectors backuped: 16 sectors (0x10)
Mon Mar 21 14:16:47 2022 [DEBUG] First metadata header offset: 0x5c00000
Mon Mar 21 14:16:47 2022 [DEBUG] Second metadata header offset: 0x4c06b000
Mon Mar 21 14:16:47 2022 [DEBUG] Third metadata header offset: 0x85d35000
Mon Mar 21 14:16:47 2022 [DEBUG] Boot sectors backup address: 0x5c10000
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7dbc0 (0xc bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] ----------------------------{ Dataset header }----------------------------
Mon Mar 21 14:16:47 2022 [DEBUG] Dataset size: 0x00000204 (516) bytes (including data)
Mon Mar 21 14:16:47 2022 [DEBUG] Unknown data: 0x00000001 (always 0x00000001)
Mon Mar 21 14:16:47 2022 [DEBUG] Dataset header size: 0x00000030 (always 0x00000030)
Mon Mar 21 14:16:47 2022 [DEBUG] Dataset copy size: 0x00000204 (516) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Dataset GUID: '559C4637-CB84-432F-99DD-CA97E2087B5F'
Mon Mar 21 14:16:47 2022 [DEBUG] Next counter: 9
Mon Mar 21 14:16:47 2022 [DEBUG] Encryption Type: AES-XTS-128 (0x8004)
Mon Mar 21 14:16:47 2022 [DEBUG] Epoch Timestamp: 1574743578 sec, that to say Tue Nov 26 04:46:18 2019
Mon Mar 21 14:16:47 2022 [DEBUG] --------------------------------------------------------------------------
Mon Mar 21 14:16:47 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7dbc0
Mon Mar 21 14:16:47 2022 [DEBUG] =============================================================================
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x50, 0xb, 0x5, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG]
Mon Mar 21 14:16:47 2022 [DEBUG] =======[ Datum n°1 informations ]=======
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x0050 (80) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 11
Mon Mar 21 14:16:47 2022 [DEBUG] `--> ENTRY TYPE FVEK (TryObtainKey)
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 5
Mon Mar 21 14:16:47 2022 [DEBUG] `--> AES-CCM -- Total size header: 36 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Nonce:
Mon Mar 21 14:16:47 2022 [DEBUG] 60 62 55 71 14 a4 d5 01 02 00 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] MAC:
Mon Mar 21 14:16:47 2022 [DEBUG] 26 53 99 74 fd 0b 0a df 0c 21 9e 1c f9 ef 10 a7
Mon Mar 21 14:16:47 2022 [DEBUG] Payload:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 ea 42 a6 6b b9 75 7e 9d-05 c8 85 9a 06 9b b9 1d
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000010 e6 d8 8d 51 b9 86 40 b2-f2 28 6a 12 bc 81 d1 0c
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000020 7f 87 25 ce 3a 99 1f 33-1b bd 21 36
Mon Mar 21 14:16:47 2022 [DEBUG] =========================================
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0xa0, 0x2, 0x8, 0x3
Mon Mar 21 14:16:47 2022 [DEBUG]
Mon Mar 21 14:16:47 2022 [DEBUG] =======[ Datum n°2 informations ]=======
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x00a0 (160) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 2
Mon Mar 21 14:16:47 2022 [DEBUG] `--> ENTRY TYPE VMK
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 8
Mon Mar 21 14:16:47 2022 [DEBUG] `--> VMK -- Total size header: 36 -- Nested datum: yes
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x3
Mon Mar 21 14:16:47 2022 [DEBUG] Recovery Key GUID: '7E8E5A4F-7978-4A94-84D5-7593004870DD'
Mon Mar 21 14:16:47 2022 [DEBUG] Nonce:
Mon Mar 21 14:16:47 2022 [DEBUG] 70 89 55 71 14 a4 d5 01 00 00 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] ------ Nested datum(s) ------
Mon Mar 21 14:16:47 2022 [DEBUG] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x002c (44) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 0
Mon Mar 21 14:16:47 2022 [DEBUG] `--> ENTRY TYPE UNKNOWN 1
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 1
Mon Mar 21 14:16:47 2022 [DEBUG] `--> KEY -- Total size header: 12 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] New memory allocation at 0x55cc5ef7dbc0 (0xc bytes allocated)
Mon Mar 21 14:16:47 2022 [DEBUG] Unkown:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] Algo: AES-CCM-256 (0x2000)
Mon Mar 21 14:16:47 2022 [DEBUG] Key:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 f9 6a 7f a1 64 e0 1a a9-f0 49 33 ef 4b e8 4f 5a
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000010 42 b3 6c 32 df e6 8f b0-d0 8c 57 bc b0 7c 06 5d
Mon Mar 21 14:16:47 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7dbc0
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x2c, 0, 0x1, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Mar 21 14:16:47 2022 [DEBUG] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x0050 (80) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 0
Mon Mar 21 14:16:47 2022 [DEBUG] `--> ENTRY TYPE UNKNOWN 1
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 5
Mon Mar 21 14:16:47 2022 [DEBUG] `--> AES-CCM -- Total size header: 36 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Nonce:
Mon Mar 21 14:16:47 2022 [DEBUG] 60 62 55 71 14 a4 d5 01 03 00 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] MAC:
Mon Mar 21 14:16:47 2022 [DEBUG] 47 80 c8 59 a0 d8 52 3b db b3 2b a7 55 0a a8 dc
Mon Mar 21 14:16:47 2022 [DEBUG] Payload:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 08 55 4f 6a e0 1d 7b 28-a9 7a 6a cb 7d 69 72 77
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000010 3f 85 40 87 e9 67 80 60-51 7e fc 26 58 a8 88 d2
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000020 57 7d 97 37 9c 28 83 a5-49 60 84 7b
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x50, 0, 0x5, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Mar 21 14:16:47 2022 [DEBUG] ------------------------------
Mon Mar 21 14:16:47 2022 [DEBUG] =========================================
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x50, 0x3, 0x5, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG]
Mon Mar 21 14:16:47 2022 [DEBUG] =======[ Datum n°3 informations ]=======
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x0050 (80) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 3
Mon Mar 21 14:16:47 2022 [DEBUG] `--> ENTRY TYPE FVEK (FveDatasetVmkGetFvek)
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 5
Mon Mar 21 14:16:47 2022 [DEBUG] `--> AES-CCM -- Total size header: 36 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Nonce:
Mon Mar 21 14:16:47 2022 [DEBUG] 60 62 55 71 14 a4 d5 01 04 00 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] MAC:
Mon Mar 21 14:16:47 2022 [DEBUG] e6 a7 84 eb aa 32 05 37 d7 8a dd f8 40 58 ce 9d
Mon Mar 21 14:16:47 2022 [DEBUG] Payload:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 de 8d 29 f3 c3 0f 8a 56-17 e4 45 5a 2c 4e 8d 33
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000010 24 c0 69 d2 56 65 f0 94-07 dd c0 6b 2e cf 96 5f
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000020 6f d3 d1 4c 73 06 79 2d-3f 9b f8 51
Mon Mar 21 14:16:47 2022 [DEBUG] =========================================
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x30, 0x11, 0x7, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG]
Mon Mar 21 14:16:47 2022 [DEBUG] =======[ Datum n°4 informations ]=======
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x0030 (48) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 17
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 7
Mon Mar 21 14:16:47 2022 [DEBUG] `--> VALIDATION -- Total size header: 8 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Generic datum:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 03 00 00 00 00 00 00 00-6b 09 3d a0 b2 0e bc 0d
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000010 33 1a 30 c6 14 80 8c af-2c db 70 4b 7c a9 83 6e
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000020 ac 3b ba 4f 3f 63 d7 76
Mon Mar 21 14:16:47 2022 [DEBUG] =========================================
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x64, 0xf, 0xf, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG]
Mon Mar 21 14:16:47 2022 [DEBUG] =======[ Datum n°5 informations ]=======
Mon Mar 21 14:16:47 2022 [DEBUG] Total datum size: 0x0064 (100) bytes
Mon Mar 21 14:16:47 2022 [DEBUG] Datum entry type: 15
Mon Mar 21 14:16:47 2022 [DEBUG] Datum value type: 15
Mon Mar 21 14:16:47 2022 [DEBUG] `--> VIRTUALIZATION INFO -- Total size header: 24 -- Nested datum: no
Mon Mar 21 14:16:47 2022 [DEBUG] Status: 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] NTFS boot sectors address: 0x5c10000
Mon Mar 21 14:16:47 2022 [DEBUG] Number of backuped bytes: 0x2000 (8192)
Mon Mar 21 14:16:47 2022 [DEBUG] Unknown:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 05 00
Mon Mar 21 14:16:47 2022 [DEBUG] Size: 0x004c (76)
Mon Mar 21 14:16:47 2022 [DEBUG] Unknown:
Mon Mar 21 14:16:47 2022 [DEBUG] 0x00000000 00 00 00 00
Mon Mar 21 14:16:47 2022 [DEBUG] Flags: 0x11417 (70679)
Mon Mar 21 14:16:47 2022 [DEBUG] Convert Log offset: 0x0000000000000000
Mon Mar 21 14:16:47 2022 [DEBUG] Convert Log size: 0x00000000 (0)
Mon Mar 21 14:16:47 2022 [DEBUG] Sector size (1): 0x200 (512)
Mon Mar 21 14:16:47 2022 [DEBUG] Sector size (2): 0x1000 (4096)
Mon Mar 21 14:16:47 2022 [DEBUG] =========================================
Mon Mar 21 14:16:47 2022 [DEBUG] Metadata files size: 0x10000
Mon Mar 21 14:16:47 2022 [DEBUG] Entering get_next_datum...
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x50, 0xb, 0x5, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0xa0, 0x2, 0x8, 0x3
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x50, 0x3, 0x5, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x30, 0x11, 0x7, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Header safe: 0x64, 0xf, 0xf, 0x1
Mon Mar 21 14:16:47 2022 [DEBUG] Going out of get_next_datum
Mon Mar 21 14:16:47 2022 [DEBUG] Virtualized info size: 0x2000
Mon Mar 21 14:16:47 2022 [DEBUG] Got extended info
Enter the user password:
Mon Mar 21 14:16:54 2022 [DEBUG] New memory allocation at 0x55cc5ef7dc10 (0x78 byte allocated)
Mon Mar 21 14:16:54 2022 [DEBUG] Using the user password: 'gjgj'.
Mon Mar 21 14:16:54 2022 [DEBUG] Entering get_next_datum...
Mon Mar 21 14:16:54 2022 [DEBUG] Header safe: 0x50, 0xb, 0x5, 0x1
Mon Mar 21 14:16:54 2022 [DEBUG] Header safe: 0xa0, 0x2, 0x8, 0x3
Mon Mar 21 14:16:54 2022 [DEBUG] Going out of get_next_datum
Mon Mar 21 14:16:54 2022 [DEBUG] Entering get_next_datum...
Mon Mar 21 14:16:54 2022 [DEBUG] Header safe: 0x50, 0x3, 0x5, 0x1
Mon Mar 21 14:16:54 2022 [DEBUG] Header safe: 0x30, 0x11, 0x7, 0x1
Mon Mar 21 14:16:54 2022 [DEBUG] Header safe: 0x64, 0xf, 0xf, 0x1
Mon Mar 21 14:16:54 2022 [DEBUG] Hit limit, search failed.
Mon Mar 21 14:16:54 2022 [DEBUG] Going out of get_next_datum
Mon Mar 21 14:16:54 2022 [ERROR] Error, can't find a valid and matching VMK datum. Abort.
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7dc10
Mon Mar 21 14:16:54 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:16:54 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7d750
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7d960
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7d690
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7d6b0
Mon Mar 21 14:16:54 2022 [DEBUG] Freeing pointer at address 0x55cc5ef7b5c0
Mon Mar 21 14:16:54 2022 [DEBUG] Trying to close fd #3...
[demo@manjaro-live ~]$ sudo dislocker -V /dev/nvme0n1p4 -p7E8E5A4F-7978-4A94-84D5-7593004870DD -- /media/mount
Mon Mar 21 14:20:17 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:20:17 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ sudo dislocker -V /dev/nvme0n1p4 -p135795-666138-194040-491678-032802-572319-258192-100232 -- /media/mount
Mon Mar 21 14:24:35 2022 [CRITICAL] None of the provided decryption mean is decrypting the keys. Abort.
Mon Mar 21 14:24:35 2022 [CRITICAL] Unable to grab VMK or FVEK. Abort.
[demo@manjaro-live ~]$ inxi -Fazyr
System:
Kernel: 5.15.29-1-MANJARO x86_64 bits: 64 compiler: gcc v: 11.2.0
parameters: BOOT_IMAGE=/boot/vmlinuz-5.15-x86_64
root=UUID=56db831e-75d3-4b34-8c94-23ffcc0c9a4a rw udev.log_priority=3
Desktop: KDE Plasma 5.24.3 tk: Qt 5.15.3 info: plank wm: kwin_x11 vt: 1
dm: LightDM 1.30.0, SDDM Distro: Manjaro Linux base: Arch Linux
Machine:
Type: Convertible System: HP product: HP Spectre x360 Convertible 15-df1xxx
v: N/A serial: <superuser required> Chassis: type: 31
serial: <superuser required>
Mobo: HP model: 863F v: 54.24 serial: <superuser required> UEFI: AMI
v: F.26 date: 07/09/2021
Battery:
ID-1: BAT0 charge: 52.9 Wh (78.7%) condition: 67.2/67.2 Wh (100.0%)
volts: 12.2 min: 11.6 model: HP Primary type: Li-ion serial: <filter>
status: N/A cycles: 171
Device-1: hid-0018:04F3:2992.0001-battery model: ELAN2514:00 04F3:2992
serial: N/A charge: N/A status: N/A
CPU:
Info: model: Intel Core i7-10510U bits: 64 type: MT MCP
arch: Comet/Whiskey Lake note: check family: 6 model-id: 0x8E (142)
stepping: 0xC (12) microcode: 0xEC
Topology: cpus: 1x cores: 4 tpc: 2 threads: 8 smt: enabled cache:
L1: 256 KiB desc: d-4x32 KiB; i-4x32 KiB L2: 1024 KiB desc: 4x256 KiB
L3: 8 MiB desc: 1x8 MiB
Speed (MHz): avg: 800 min/max: 400/4900 scaling: driver: intel_pstate
governor: powersave cores: 1: 800 2: 800 3: 800 4: 800 5: 800 6: 800 7: 800
8: 800 bogomips: 36812
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx
Vulnerabilities:
Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf status: Not affected
Type: mds status: Not affected
Type: meltdown status: Not affected
Type: spec_store_bypass
mitigation: Speculative Store Bypass disabled via prctl and seccomp
Type: spectre_v1
mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 status: Vulnerable: eIBRS with unprivileged eBPF
Type: srbds mitigation: TSX disabled
Type: tsx_async_abort status: Not affected
Graphics:
Device-1: Intel CometLake-U GT2 [UHD Graphics] vendor: Hewlett-Packard
driver: i915 v: kernel ports: active: eDP-1 empty: DP-1,DP-2 bus-ID: 00:02.0
chip-ID: 8086:9b41 class-ID: 0300
Device-2: NVIDIA GP108M [GeForce MX250] vendor: Hewlett-Packard
driver: nvidia v: 510.54 alternate: nouveau,nvidia_drm pcie: gen: 1
speed: 2.5 GT/s lanes: 4 link-max: gen: 3 speed: 8 GT/s bus-ID: 3b:00.0
chip-ID: 10de:1d13 class-ID: 0302
Device-3: Chicony HP Wide Vision FHD Camera type: USB driver: uvcvideo
bus-ID: 1-5:2 chip-ID: 04f2:b67b class-ID: 0e02 serial: <filter>
Display: x11 server: X.Org v: 1.21.1.3 compositor: kwin_x11 driver: X:
loaded: modesetting,nvidia unloaded: nouveau,vesa alternate: fbdev,nv
gpu: i915 display-ID: :0 screens: 1
Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 507x285mm (20.0x11.2")
s-diag: 582mm (22.9")
Monitor-1: eDP-1 model: AU Optronics built: 2017 res: 1920x1080 hz: 60
dpi: 142 gamma: 1.2 size: 344x193mm (13.5x7.6") diag: 394mm (15.5")
ratio: 16:9 modes: 3840x2160
OpenGL: renderer: Mesa Intel UHD Graphics (CML GT2) v: 4.6 Mesa 21.3.7
direct render: Yes
Audio:
Device-1: Intel Comet Lake PCH-LP cAVS vendor: Hewlett-Packard
driver: sof-audio-pci-intel-cnl
alternate: snd_hda_intel,snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3
chip-ID: 8086:02c8 class-ID: 0401
Sound Server-1: ALSA v: k5.15.29-1-MANJARO running: yes
Sound Server-2: JACK v: 1.9.20 running: no
Sound Server-3: PulseAudio v: 15.0 running: no
Sound Server-4: PipeWire v: 0.3.48 running: yes
Network:
Device-1: Intel Comet Lake PCH-LP CNVi WiFi driver: iwlwifi v: kernel
modules: wl bus-ID: 00:14.3 chip-ID: 8086:02f0 class-ID: 0280
IF: wlp0s20f3 state: up mac: <filter>
Drives:
Local Storage: total: 960.81 GiB used: 110.95 GiB (11.5%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Samsung
model: SSD 970 EVO Plus 1TB size: 931.51 GiB block-size: physical: 512 B
logical: 512 B speed: 31.6 Gb/s lanes: 4 type: SSD serial: <filter>
rev: 2B2QEXM7 temp: 39.9 C scheme: GPT
ID-2: /dev/sda maj-min: 8:0 type: USB vendor: SMI (STMicroelectronics)
model: USB size: 29.3 GiB block-size: physical: 512 B logical: 512 B
type: N/A serial: <filter> rev: 1100 scheme: GPT
SMART Message: Unknown USB bridge. Flash drive/Unsupported enclosure?
Partition:
ID-1: / raw-size: 29 GiB size: 28.38 GiB (97.85%) used: 18.45 GiB (65.0%)
fs: ext4 dev: /dev/sda2 maj-min: 8:2
ID-2: /boot/efi raw-size: 300 MiB size: 299.4 MiB (99.80%)
used: 288 KiB (0.1%) fs: vfat dev: /dev/sda1 maj-min: 8:1
Swap:
Alert: No swap data was found.
Sensors:
System Temperatures: cpu: 46.0 C pch: 43.0 C mobo: N/A
Fan Speeds (RPM): N/A
Repos:
Packages: pacman: 1512 lib: 353 flatpak: 0
Active pacman repo servers in: /etc/pacman.conf
1: http://repo.spinsbykilz.com/2/files/repository/stable/x86_64/
Active pacman repo servers in: /etc/pacman.d/mirrorlist
1: https://mirror.math.princeton.edu/pub/manjaro/unstable/$repo/$arch
2: https://repo.ialab.dsu.edu/manjaro/unstable/$repo/$arch
3: https://mirrors.ocf.berkeley.edu/manjaro/unstable/$repo/$arch
Info:
Processes: 298 Uptime: 8h 6m wakeups: 2824 Memory: 15.27 GiB
used: 4.55 GiB (29.8%) Init: systemd v: 250 tool: systemctl Compilers:
gcc: 11.2.0 clang: 13.0.1 Shell: Bash v: 5.1.16 running-in: konsole
inxi: 3.3.13