What starting position does this attack require?

The first step is Exfil clear-text data (T1041) — a exfiltration primitive. Assumed environment: target laptop uses BitLocker with TPM-only protector (no PIN).

What is the final impact of this kill-chain?

The final step lands on Trigger boot, capture FVEK on the wire (FW-TPM-RELAY), which falls under Credential Access. From here, an operator typically pivots into post-exploitation or maintains persistence.

How can defenders detect or prevent this attack?

Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

← RegistryDossier · 6 steps · 5 edges

Approved

Evil maid → sniff TPM unseal → decrypt BitLocker offline

Brief physical access to a TPM-only BitLocker laptop. Plug a logic analyser onto the LPC / SPI bus; capture the FVEK as the TPM unseals it at boot. Take the disk home, decrypt offline.

Filed by AD Knowledge BasePublished 2026-05-27

§ Kill-chainDrag · zoom · scroll

Exfiltration

Exfil clear-text data

T1041 · Exfiltration Over C2 Channel

Credential Access

Decrypt offline with captured key

T1552 · Unsecured Credentials

Discovery

Image the encrypted disk

T1083 · File and Directory Discovery

Initial Access

Attach logic analyzer to TPM bus

IOT-UART-CONSOLE · UART Debug Console

Initial Access

Open laptop chassis

FW-EVIL-MAID · Evil Maid Boot Tamper

Credential Access

Trigger boot, capture FVEK on the wire

FW-TPM-RELAY · TPM Sniffing / Relay (BitLocker)

§ Context

Assumed environment: target laptop uses BitLocker with TPM-only protector (no PIN). Chassis can be opened in minutes; SPI / LPC bus accessible. Demonstrated repeatedly with ~10 USD logic analyzers.

§ Steps

01
Exfil clear-text dataExfiltration
T1041— Exfiltration Over C2 Channel
02
Decrypt offline with captured keyCredential Access
T1552— Unsecured Credentials
03
Image the encrypted diskDiscovery
T1083— File and Directory Discovery
04
Attach logic analyzer to TPM busInitial Access
IOT-UART-CONSOLE— UART Debug Console
05
Open laptop chassisInitial Access
FW-EVIL-MAID— Evil Maid Boot Tamper
06
Trigger boot, capture FVEK on the wireCredential Access
FW-TPM-RELAY— TPM Sniffing / Relay (BitLocker)

§ References

§ Frequently asked

What is the "Evil maid → sniff TPM unseal → decrypt BitLocker offline" attack path?: Brief physical access to a TPM-only BitLocker laptop. Plug a logic analyser onto the LPC / SPI bus; capture the FVEK as the TPM unseals it at boot. Take the disk home, decrypt offline. It chains 6 steps drawn from real-world offensive-security techniques.
What starting position does this attack require?: The first step is Exfil clear-text data (T1041) — a exfiltration primitive. Assumed environment: target laptop uses BitLocker with TPM-only protector (no PIN).
What is the final impact of this kill-chain?: The final step lands on Trigger boot, capture FVEK on the wire (FW-TPM-RELAY), which falls under Credential Access. From here, an operator typically pivots into post-exploitation or maintains persistence.
How can defenders detect or prevent this attack?: Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

Evil maid → sniff TPM unseal → decrypt BitLocker offline

§ Context

§ Steps

§ References

§ Frequently asked

§ Related dossiers

Exported ContentProvider → private data leak

Apache Struts S2-045 (CVE-2017-5638) → Equifax-style breach

User foothold → keychain dump → cloud creds