[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-75898":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":9,"languages":9,"totalLinesOfCode":9,"stars":10,"forks":11,"watchers":12,"openIssues":13,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":14,"stars7d":14,"stars30d":15,"stars90d":14,"forks30d":14,"starsTrendScore":14,"compositeScore":16,"rankGlobal":9,"rankLanguage":9,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":20,"hasPages":18,"topics":21,"createdAt":9,"pushedAt":9,"updatedAt":22,"readmeContent":23,"aiSummary":24,"trendingCount":14,"starSnapshotCount":14,"syncStatus":25,"lastSyncTime":26,"discoverSource":27},75898,"YellowKey","Nightmare-Eclipse\u002FYellowKey","Nightmare-Eclipse","YellowKey Bitlocker Bypass Vulnerability",null,3919,864,57,26,0,601,30.81,"MIT License",false,"main",true,[],"2026-06-12 02:03:37","# YellowKey\nYellowKey Bitlocker Bypass Vulnerability\n\nBeen a while since I saw a bitlocker bypass around, my turn.\n\nThis is one of the most insane discoveries I ever found, almost feels like **backdoor** but what do you know, maybe I'm just insane.\n\nHow to reproduce : \n1. Copy the FsTx folder to \"**YourUSBStick:**\\System Volume Information\\FsTx\" as is and make sure to use a filesystem that's compatible with Windows (NTFS is preferable but I think FAT32\u002FexFAT should work as well). Funny thing is, the vulnerability is extremely convenient, you don't even need to plug an external storage device, you can just pull out the disk, copy the files in the EFI partition, put it back and it will still work. That's how bad it is.\n2. Plug the USB stick in your target windows computer with bitlocker protection turned on.\n3. Reboot to Windows Recovery Environment Agent (you can do that by holding SHIFT and clicking on the restart button using your mouse)\n4. Once you click on the restart button, lift your finger off the SHIFT key and hold CRTL and do NOT lift your finger off it.\n5. If you did everything properly, a shell will spawn with unrestricted access to the bitlocker protected volume.\n\n\u003Cimg width=\"1370\" height=\"777\" alt=\"shell\" src=\"https:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Feda6c823-4a6b-4aec-bad2-b9afad640dd6\" \u002F>\n\n\nNow why would I say this is a **backdoor** ? The component that is responsible for this bug is not present anywhere (even in the internet) except inside WinRE image and what makes it raise suspicions is the fact that the exact same component is also present with the exact same name in a normal windows installation but without the functionalities that trigger the bitlocker bypass issue. Why ? I just can't come up with an explanation beside the fact that this was intentional. Also for whatever reason, only windows 11 (+Server 2022\u002F2025) are affect, windows 10 is not.\n\nA huge thanks to MORSE, MSTIC and Microsoft GHOST for making this public disclosure possible ;)\n","YellowKey 是一个针对Bitlocker加密绕过的漏洞利用工具。其核心功能在于通过特定步骤将FsTx文件夹复制到目标系统的指定位置，从而在无需知晓Bitlocker密钥的情况下获取对受保护卷的无限制访问权限。技术特点包括使用兼容Windows的文件系统（如NTFS、FAT32或exFAT）进行操作，并且该方法不仅限于外部存储设备，直接修改硬盘上的EFI分区同样有效。此项目适用于安全研究、渗透测试以及评估Windows 11及其服务器版本的安全性场景中。需要注意的是，尽管发现者认为这可能是有意为之的“后门”，但具体原因尚未明确。",2,"2026-05-19 02:30:05","CREATED_QUERY"]