Find "[deep]" string from /sys/power/mem_sleep

kkamagui / bitleaker

This tool can decrypt a BitLocker-locked partition with the TPM vulnerability

Other

181 stars 35 forks source link

Find "[deep]" string from /sys/power/mem_sleep #5

Open kkamagui opened 4 years ago

kkamagui commented 4 years ago

For checking the S3 sleep feature of the system, it's needed to find "[deep]" string from /sys/power/mem_sleep like below.

$> cat /sys/power/mem_sleep
s2idle [deep]

Thank you for @roboknight.

roboknight commented 4 years ago

Just leaving a note here that the above is just a quick check to make sure your device ACTUALLY supports the required sleep state S3. If it doesn't, then bitleaker isn't likely to work. This is also one way that vulnerable TPMs might escape bitleaker in actual systems.