<# Script by s0dd3r. Like this script? show some love <3 donate USDT trc20: TEYv184ysdtXsqoiGEzDjM2Sfzvkrzugke contacts: we@dontbit.com #> function Exit-WithPause { param([string]$Message = "Press any key to exit...") Write-Host "" Write-Host $Message -ForegroundColor Yellow try { $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") } catch { Read-Host "Press Enter to exit" } exit } function Wait-ForKey { param([string]$Message = "Press any key to continue...") Write-Host "" Write-Host $Message -ForegroundColor Gray try { $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") } catch { Read-Host "Press Enter to continue" } } function Test-AdminRights { try { return ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") } catch { return $false } } function Get-RecoveryPassword { Write-Host "Getting Recovery Password..." -ForegroundColor Cyan try { $protectorsOutput = & manage-bde -protectors -get C: 2>&1 if ($LASTEXITCODE -ne 0) { Write-Host "Error getting protectors: $protectorsOutput" -ForegroundColor Red return $null } $recoveryPasswordLine = $null $nextLineIsPassword = $false foreach ($line in $protectorsOutput) { $lineStr = $line.ToString().Trim() if ($lineStr -match "Numerical Password:") { $nextLineIsPassword = $true continue } if ($nextLineIsPassword -and $lineStr -match "^\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6}$") { $recoveryPasswordLine = $lineStr break } if ($lineStr -match "Recovery Password:\s*(\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6}-\d{6})") { $recoveryPasswordLine = $matches[1] break } } if ($recoveryPasswordLine) { Write-Host "✅ Recovery Password found: $recoveryPasswordLine" -ForegroundColor Green return $recoveryPasswordLine } else { Write-Host "⚠️ Recovery Password not found in command output" -ForegroundColor Yellow Write-Host "Full command output:" -ForegroundColor Gray $protectorsOutput | ForEach-Object { Write-Host " $_" -ForegroundColor Gray } return $null } } catch { Write-Host "Error getting Recovery Password: $($_.Exception.Message)" -ForegroundColor Red return $null } } function Create-PasswordFile { param( [string]$Pin, [string]$RecoveryPassword ) $desktopPath = [Environment]::GetFolderPath("Desktop") $passwordFile = Join-Path $desktopPath "BitLocker_Complete_Passwords.txt" $date = Get-Date -Format "yyyy-MM-dd HH:mm:ss" $fileContent = @" =============================================== BITLOCKER - COMPLETE PASSWORD INFORMATION =============================================== Creation date: $date Computer: $env:COMPUTERNAME User: $env:USERNAME 🔑 PIN CODE for boot login: $Pin 🛡️ RECOVERY PASSWORD (48 characters): $RecoveryPassword =============================================== USAGE INSTRUCTIONS: =============================================== 1. PIN-code ($Pin): • Used at every computer boot • Entered on the blue BitLocker screen • Consists of 8 digits 2. RECOVERY PASSWORD ($RecoveryPassword): • Used for access recovery • Needed if you forgot PIN or have TPM problems • Consists of 48 digits in format ######-######-... • Can be entered with or without hyphens =============================================== EMERGENCY RECOVERY: =============================================== If you forgot PIN or cannot login: 1. On BitLocker screen press Esc 2. Select "Enter recovery key" 3. Enter Recovery Password: $RecoveryPassword 4. System will boot Alternatively: • Boot from Windows installation USB • In command line: manage-bde -unlock C: -rp $RecoveryPassword =============================================== IMPORTANT NOTES: =============================================== ⚠️ KEEP THIS FILE IN A SAFE PLACE! ⚠️ DO NOT DELETE THIS FILE! ⚠️ MAKE A COPY ON ANOTHER DEVICE! Without these passwords you will not be able to access encrypted data! =============================================== TECHNICAL INFORMATION: =============================================== Encryption mode: TPM + PIN Algorithm: AES-256 File created by script: BitLocker Manager Version: 3.1 =============================================== "@ try { $fileContent | Out-File -FilePath $passwordFile -Encoding UTF8 -Force Write-Host "✅ Complete password file created: $passwordFile" -ForegroundColor Green return $passwordFile } catch { Write-Host "❌ File creation error: $($_.Exception.Message)" -ForegroundColor Red return $null } } function Setup-BitLockerComplete { Write-Host "" Write-Host "██████╗ ██╗████████╗██╗ ██████╗ ██████╗██╗ ██╗███████╗██████╗ " -ForegroundColor Green Write-Host "██╔══██╗██║╚══██╔══╝██║ ██╔═══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗" -ForegroundColor Green Write-Host "██████╔╝██║ ██║ ██║ ██║ ██║██║ █████╔╝ █████╗ ██████╔╝" -ForegroundColor Green Write-Host "██╔══██╗██║ ██║ ██║ ██║ ██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗" -ForegroundColor Green Write-Host "██████╔╝██║ ██║ ███████╗╚██████╔╝╚██████╗██║ ██╗███████╗██║ ██║" -ForegroundColor Green Write-Host "╚═════╝ ╚═╝ ╚═╝ ╚══════╝ ╚═════╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝" -ForegroundColor Green Write-Host "" Write-Host " by s0dd3r." -ForegroundColor White Write-Host " Script worked? Saved you time? The universe is hinting:" -ForegroundColor Gray Write-Host " Time to thank the author! 💸" -ForegroundColor Gray Write-Host " USDT trc20 crypto wallet for donations: TEYv184ysdtXsqoiGEzDjM2Sfzvkrzugke " -ForegroundColor Gray Write-Host "" do { $pin = "" for ($i = 0; $i -lt 8; $i++) { $pin += Get-Random -Minimum 0 -Maximum 10 } $isSimple = ($pin -match "01234567|12345678|87654321|76543210|11111111|22222222|33333333|44444444|55555555|66666666|77777777|88888888|99999999|00000000") $hasRepeating = ($pin -match "(.)
{3,}") } while ($isSimple -or $hasRepeating) Write-Host "===============================================" -ForegroundColor Cyan Write-Host " GENERATED PIN" -ForegroundColor Cyan Write-Host "===============================================" -ForegroundColor Cyan Write-Host "" Write-Host " >>> $pin <<<" -ForegroundColor Cyan -BackgroundColor Black Write-Host "" Write-Host "REMEMBER THIS PIN!" -ForegroundColor Red Write-Host "" try { Write-Host "STEP 1: Configuring group policies..." -ForegroundColor Cyan $regPath = "HKLM:\SOFTWARE\Policies\Microsoft\FVE" if (-not (Test-Path $regPath)) { New-Item -Path $regPath -Force | Out-Null } Set-ItemProperty -Path $regPath -Name "UseAdvancedStartup" -Value 1 -Type DWord Set-ItemProperty -Path $regPath -Name "EnableBDEWithNoTPM" -Value 0 -Type DWord Set-ItemProperty -Path $regPath -Name "UseTPM" -Value 2 -Type DWord Set-ItemProperty -Path $regPath -Name "UseTPMPIN" -Value 2 -Type DWord Set-ItemProperty -Path $regPath -Name "UseTPMKey" -Value 0 -Type DWord Set-ItemProperty -Path $regPath -Name "UseTPMKeyPIN" -Value 0 -Type DWord & gpupdate /force | Out-Null Start-Sleep -Seconds 3 Write-Host "✅ Group policies configured" -ForegroundColor Green Write-Host "" Write-Host "STEP 2: Adding Recovery Password..." -ForegroundColor Cyan Write-Host "Command: manage-bde -protectors -add C: -rp" -ForegroundColor Gray Wait-ForKey "Press any key to execute command..." $recoveryResult = & manage-bde -protectors -add C: -rp 2>&1 if ($LASTEXITCODE -eq 0) { Write-Host "✅ Recovery Password added successfully" -ForegroundColor Green $recoveryPassword = Get-RecoveryPassword if (-not $recoveryPassword) { Write-Host "⚠️ Trying to get Recovery Password by alternative method..." -ForegroundColor Yellow try { $bitlockerVolume = Get-BitLockerVolume -MountPoint "C:" -ErrorAction SilentlyContinue if ($bitlockerVolume -and $bitlockerVolume.KeyProtector) { $recoveryProtector = $bitlockerVolume.KeyProtector | Where-Object { $_.KeyProtectorType -eq "RecoveryPassword" } | Select-Object -First 1 if ($recoveryProtector) { $recoveryPassword = $recoveryProtector.RecoveryPassword Write-Host "✅ Recovery Password obtained via PowerShell: $recoveryPassword" -ForegroundColor Green } } } catch { Write-Host "PowerShell method also failed: $($_.Exception.Message)" -ForegroundColor Yellow } } if (-not $recoveryPassword) { Write-Host "❌ Failed to automatically get Recovery Password" -ForegroundColor Red Write-Host "Execute command manually to get Recovery Password:" -ForegroundColor Yellow Write-Host "manage-bde -protectors -get C:" -ForegroundColor White $recoveryPassword = "NOT OBTAINED AUTOMATICALLY - EXECUTE: manage-bde -protectors -get C:" } } else { Write-Host "❌ Error adding Recovery Password: $recoveryResult" -ForegroundColor Red Wait-ForKey return } Write-Host "" Write-Host "STEP 3: Adding TPM+PIN protector..." -ForegroundColor Cyan Write-Host "" Write-Host "ATTENTION! Command will be executed now:" -ForegroundColor Yellow Write-Host "manage-bde -protectors -add C: -tpmandpin" -ForegroundColor White Write-Host "" Write-Host "When PIN code prompt appears:" -ForegroundColor Yellow Write-Host "1. Enter PIN: $pin" -ForegroundColor Cyan -BackgroundColor Black Write-Host "2. Repeat PIN: $pin (for confirmation)" -ForegroundColor Cyan -BackgroundColor Black Write-Host "" Write-Host "PIN: $pin" -ForegroundColor Cyan -BackgroundColor Black Write-Host "" $confirm = Read-Host "Ready to execute command? (press Enter)" Write-Host "" Write-Host "Executing command..." -ForegroundColor Gray Write-Host ">>> ENTER PIN: $pin <<<" -ForegroundColor Cyan -BackgroundColor Black Write-Host "" try { & manage-bde -protectors -add C: -tpmandpin Write-Host "" if ($LASTEXITCODE -eq 0) { Write-Host "✅ TPM+PIN protector configured successfully!" -ForegroundColor Green } else { Write-Host "⚠️ Possible error (code: $LASTEXITCODE)" -ForegroundColor Yellow Write-Host "Checking result..." -ForegroundColor Gray } } catch { Write-Host "❌ Command execution error: $($_.Exception.Message)" -ForegroundColor Red } Write-Host "" Write-Host "STEP 4: Checking installed protectors..." -ForegroundColor Cyan Write-Host "" $protectorsResult = & manage-bde -protectors -get C: 2>&1 if ($LASTEXITCODE -eq 0) { $protectorsResult | ForEach-Object { $line = $_.ToString() if ($line -match "TPM And PIN|Numerical Password|Recovery Password") { Write-Host $line -ForegroundColor Green } elseif ($line -match "Key Protector Type") { Write-Host $line -ForegroundColor Cyan } else { Write-Host $line -ForegroundColor Gray } } Write-Host "" Write-Host "Updating Recovery Password in file..." -ForegroundColor Cyan $finalRecoveryPassword = Get-RecoveryPassword if ($finalRecoveryPassword) { $recoveryPassword = $finalRecoveryPassword Write-Host "✅ Recovery Password updated: $recoveryPassword" -ForegroundColor Green } else { Write-Host "⚠️ Recovery Password not found, using previous value" -ForegroundColor Yellow } if ($protectorsResult -match "TPM And PIN") { Write-Host "" Write-Host "✅ TPM+PIN protector SUCCESSFULLY installed!" -ForegroundColor Green $tpmPinSuccess = $true } else { Write-Host "" Write-Host "⚠️ TPM+PIN protector not found, but other protectors exist" -ForegroundColor Yellow $tpmPinSuccess = $false } } Write-Host "" Write-Host "STEP 5: Creating file with complete information..." -ForegroundColor Cyan $passwordFile = Create-PasswordFile -Pin $pin -RecoveryPassword $recoveryPassword if ($passwordFile) { Write-Host "✅ File created: $passwordFile" -ForegroundColor Green try { Start-Process notepad.exe -ArgumentList $passwordFile -ErrorAction SilentlyContinue } catch { Write-Host "Failed to open notepad" -ForegroundColor Yellow } } Write-Host "" Write-Host "STEP 6: Enabling BitLocker encryption..." -ForegroundColor Cyan Write-Host "Command: manage-bde -on C:" -ForegroundColor Gray Wait-ForKey "Press any key to enable encryption..." $encryptionResult = & manage-bde -on C: 2>&1 if ($LASTEXITCODE -eq 0) { Write-Host "✅ BitLocker enabled successfully!" -ForegroundColor Green } else { Write-Host "❌ BitLocker enable error: $encryptionResult" -ForegroundColor Red } Write-Host "" Write-Host "===============================================" -ForegroundColor Green Write-Host " SETUP COMPLETED!" -ForegroundColor Green Write-Host "===============================================" -ForegroundColor Green Write-Host "" Write-Host "🔑 YOUR PIN CODE: $pin" -ForegroundColor Cyan -BackgroundColor Black Write-Host "🛡️ RECOVERY PASSWORD: $recoveryPassword" -ForegroundColor Yellow Write-Host "" Write-Host "📄 File with complete information: $passwordFile" -ForegroundColor Green Write-Host "" if ($tpmPinSuccess) { Write-Host "✅ TPM+PIN configured - PIN will be requested at boot" -ForegroundColor Green } else { Write-Host "⚠️ Check TPM+PIN setup after reboot" -ForegroundColor Yellow } Write-Host "" $reboot = Read-Host "Reboot computer for testing? (y/n)" if ($reboot -eq "y" -or $reboot -eq "Y") { Write-Host "" Write-Host "===============================================" -ForegroundColor Red Write-Host " REBOOTING" -ForegroundColor Red Write-Host "===============================================" -ForegroundColor Red Write-Host "" Write-Host "Enter PIN at boot:" -ForegroundColor Yellow Write-Host "" Write-Host ">>> $pin <<<" -ForegroundColor Cyan -BackgroundColor Black Write-Host "" Write-Host "If PIN is not requested, use Recovery Password:" -ForegroundColor Yellow Write-Host "$recoveryPassword" -ForegroundColor Yellow -BackgroundColor Black Write-Host "" Write-Host "Rebooting in 20 seconds..." -ForegroundColor Red for ($i = 20; $i -gt 0; $i--) { if ($i % 4 -eq 0) { Write-Host "`n🔑 PIN: $pin" -ForegroundColor Cyan -BackgroundColor Black } Write-Host "Remaining: $i sec" -ForegroundColor Yellow Start-Sleep -Seconds 1 } Restart-Computer -Force } } catch { Write-Host "❌ Critical error: $($_.Exception.Message)" -ForegroundColor Red } Wait-ForKey } function Show-BitLockerStatus { try { Write-Host "" Write-Host "===============================================" -ForegroundColor Cyan Write-Host " DISK C: ENCRYPTION STATUS" -ForegroundColor Cyan Write-Host "===============================================" -ForegroundColor Cyan Write-Host "" & manage-bde -status C: Write-Host "" Write-Host "--------------- PROTECTORS --------------------" -ForegroundColor Yellow & manage-bde -protectors -get C: } catch { Write-Host "Error getting status: $($_.Exception.Message)" -ForegroundColor Red } Wait-ForKey } function Remove-AllProtectors { Write-Host "" Write-Host "===============================================" -ForegroundColor Red Write-Host " REMOVING ALL PROTECTORS" -ForegroundColor Red Write-Host "===============================================" -ForegroundColor Red Write-Host "" try { Write-Host "Checking current protectors on drive C:" -ForegroundColor Yellow $protectorsResult = & manage-bde -protectors -get C: 2>&1 $protectorsExitCode = $LASTEXITCODE if ($protectorsExitCode -ne 0) { Write-Host "No protectors found on drive C: or disk is not encrypted" -ForegroundColor Green Wait-ForKey "Press any key to return to menu..." return } $protectorsResult | Write-Host Write-Host "" Write-Host "WARNING!" -ForegroundColor Red -BackgroundColor Yellow Write-Host "Removing all protectors may lead to:" -ForegroundColor Red Write-Host "• System boot failure" -ForegroundColor Red Write-Host "• Loss of access to encrypted data" -ForegroundColor Red Write-Host "• Need for complete disk decryption" -ForegroundColor Red Write-Host "" Write-Host "Are you sure you want to remove ALL protectors? (yes/no): " -NoNewline -ForegroundColor Yellow $confirmation = Read-Host if ($confirmation -ne "yes") { Write-Host "Operation cancelled" -ForegroundColor Green Wait-ForKey "Press any key to return to menu..." return } Write-Host "" Write-Host "Removing all protectors..." -ForegroundColor Red $deleteResult = & manage-bde -protectors -delete C: -type all 2>&1 $deleteExitCode = $LASTEXITCODE if ($deleteExitCode -eq 0) { Write-Host "✓ All protectors successfully removed!" -ForegroundColor Green } else { Write-Host "Batch removal failed/not supported. Attempting to remove by ID..." -ForegroundColor Yellow $ids = @() $lines = $protectorsResult -split "`r?`n" foreach ($line in $lines) { if ($line -match '^\s*ID:\s*\{([0-9A-Fa-f\-]+)\}') { $ids += $Matches[1] } } if ($ids.Count -eq 0) { Write-Host "No protector IDs found for removal." -ForegroundColor Red } else { foreach ($id in $ids) { Write-Host "Removing protector ID {$id}..." -ForegroundColor Yellow & manage-bde -protectors -delete C: -id "{$id}" 2>&1 | Out-Null } Write-Host "✓ Removal by ID completed." -ForegroundColor Green } } Write-Host "" Write-Host "Checking result:" -ForegroundColor Cyan $finalCheckResult = & manage-bde -protectors -get C: 2>&1 $finalCheckExitCode = $LASTEXITCODE if ($finalCheckExitCode -ne 0) { Write-Host "✓ Protectors completely removed" -ForegroundColor Green } else { Write-Host "⚠ Some protectors may remain:" -ForegroundColor Yellow $finalCheckResult | Write-Host } } catch { Write-Host "Critical error removing protectors: $($_.Exception.Message)" -ForegroundColor Red } Wait-ForKey "Press any key to return to menu..." } function Show-MainMenu { Clear-Host Write-Host "" Write-Host "██████╗ ██╗████████╗██╗ ██████╗ ██████╗██╗ ██╗███████╗██████╗ " -ForegroundColor Cyan Write-Host "██╔══██╗██║╚══██╔══╝██║ ██╔═══██╗██╔════╝██║ ██╔╝██╔════╝██╔══██╗" -ForegroundColor Cyan Write-Host "██████╔╝██║ ██║ ██║ ██║ ██║██║ █████╔╝ █████╗ ██████╔╝" -ForegroundColor Cyan Write-Host "██╔══██╗██║ ██║ ██║ ██║ ██║██║ ██╔═██╗ ██╔══╝ ██╔══██╗" -ForegroundColor Cyan Write-Host "██████╔╝██║ ██║ ███████╗╚██████╔╝╚██████╗██║ ██╗███████╗██║ ██║" -ForegroundColor Cyan Write-Host "╚═════╝ ╚═╝ ╚═╝ ╚══════╝ ╚═════╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝" -ForegroundColor Cyan Write-Host "" Write-Host " by s0dd3r." -ForegroundColor White Write-Host " Script worked? Saved you time? The universe is hinting:" -ForegroundColor Gray Write-Host " Time to thank the author! 💸" -ForegroundColor Gray Write-Host " USDT trc20 crypto wallet for donations: TEYv184ysdtXsqoiGEzDjM2Sfzvkrzugke " -ForegroundColor Gray Write-Host "" Write-Host "===============================================" -ForegroundColor White Write-Host "" Write-Host "[1] - Setup BitLocker with Complete Password Saving" -ForegroundColor Green Write-Host " PIN + Recovery Password in one file" -ForegroundColor Green Write-Host "" Write-Host "[2] - Show Disk Encryption Status and Protectors" -ForegroundColor Yellow Write-Host "" Write-Host "[3] - Remove All BitLocker Protectors" -ForegroundColor Magenta Write-Host "" Write-Host "[0] - Exit" -ForegroundColor White Write-Host "" Write-Host "===============================================" -ForegroundColor White } if (-not (Test-AdminRights)) { Write-Host "❌ Administrator rights required!" -ForegroundColor Red Exit-WithPause } $continueRunning = $true while ($continueRunning) { try { Show-MainMenu Write-Host -NoNewLine "Your choice (0-3): " -ForegroundColor Yellow $choice = Read-Host switch ($choice.Trim()) { "1" { Setup-BitLockerComplete } "2" { Show-BitLockerStatus } "3" { Remove-AllProtectors } "0" { Write-Host "Exit the script..." -ForegroundColor Green $continueRunning = $false } default { Write-Host "Invalid choice! Enter 0-3." -ForegroundColor Red Start-Sleep -Seconds 2 } } } catch { Write-Host "Error: $($_.Exception.Message)" -ForegroundColor Red Wait-ForKey } } Exit-WithPause "Thank you for using the script! If it was helpful to you, don’t be shy — support the author with a small donation. USDT (TRC20) crypto wallet for donations: TEYv184ysdtXsqoiGEzDjM2Sfzvkrzugke"