Nightmare_Eclipse/GreatXML: GreatXML bitlocker bypass vulnerability - GreatXML - Church of Malware Git

This website requires JavaScript.

Nightmare_Eclipse/GreatXML

Watch

Star

Fork

You've already forked GreatXML

Code

Issues

Pull Requests

Actions

Packages

Projects

Releases

Wiki

Activity

GreatXML bitlocker bypass vulnerability

4 Commits

1 Branch

0 Tags

117 KiB

main

Go to file

HTTPS

Download ZIP<br>Download TAR.GZ<br>Download BUNDLE

Open with VS Code

Open with VSCodium

Open with Intellij IDEA

Cite this repository

APA

BibTeX

Cancel

Nightmare-Eclipse

f916e46b1b

Update README.md

2026-06-11 03:04:40 +02:00

Recovery/WindowsRE

Add files via upload

2026-06-11 03:03:36 +02:00

LICENSE

Initial commit

2026-06-11 03:03:12 +02:00

README.md

Update README.md

2026-06-11 03:04:40 +02:00

screenshot1.png

Add files via upload

2026-06-11 03:03:36 +02:00

screenshot2.png

Add files via upload

2026-06-11 03:03:36 +02:00

unattend.xml

Add files via upload

2026-06-11 03:03:36 +02:00

README.md

GreatXML

GreatXML bitlocker bypass vulnerability

Steps to reproduce,

If defender offline scan was initiated in the victim machine at any point then there is no need to login, the machine is automatically vulnerable. You will have to copy "unattend.xml" and "Recovery" directory to the root of the recovery partition then reboot to WinRE using shift + click on restart button, if everything was done correctly, a shell with unrestricted access to the bitlocker volume will spawn.

If defender offline scan was never initiated then you have to either login and initiate it yourself or figure out a way to boot into WinRE in offline scan state (I believe it should be very possible to do so without logging in) and follow steps above

If everything is done properly, this should be the result