https://hackingpassion.com/tags/winre/Recent content in Winre on HackingPassion.com : root@HackingPassion.com-[~]HugoenFri, 12 Jun 2026 10:51:38 +0200https://hackingpassion.com/greatxml-bitlocker-bypass/Fri, 12 Jun 2026 10:51:38 +0200https://hackingpassion.com/greatxml-bitlocker-bypass/<p>Nightmare-Eclipse is back again, this time with a BitLocker bypass called <strong>GreatXML</strong> that runs straight through Microsoft&rsquo;s own antivirus. On a Windows machine that has run a Defender offline scan even once, the recovery mode hands over a command shell with full access to the encrypted drive, while BitLocker still reports the disk as locked and protected. Microsoft has no patch for it. He published <code>GreatXML</code> the day after <code>RoguePlanet</code>, right after the June Patch Tuesday where Microsoft had just fixed his first BitLocker bypass, the largest Patch Tuesday yet at close to 200 fixes in a single day.</p>https://hackingpassion.com/yellowkey-bitlocker-bypass-winre/Fri, 15 May 2026 11:09:13 +0200https://hackingpassion.com/yellowkey-bitlocker-bypass-winre/<p>A folder copied to a USB stick is enough to bypass <strong>BitLocker</strong> encryption on Windows 11 and Windows Server 2022 and 2025, giving an attacker with a few minutes of physical access a command prompt with unrestricted access to everything on the encrypted drive.</p> <p>The tool is called <strong>YellowKey</strong>. It was published on May 12, 2026, as a working proof of concept on GitHub. Windows 10 is not affected. There is no patch. Microsoft has not assigned a CVE number. And the researcher who found it believes it looks like something that was put there deliberately.</p>