How to decrypt an image *.vhd from Oracle VM VirtualBox?

Discussions related to using VirtualBox on Windows hosts.
Kenny00
Posts: 4
Joined: 26. Nov 2018, 16:41

How to decrypt an image *.vhd from Oracle VM VirtualBox?

Post by Kenny00 »

Hello!
The task is to recover information from the disk.
The virtual machine has been removed.
The disk was left, and moved to another drive.
VHD disk image, encryption method AES-XTS256-PLAIN64.
I know the password.
Tried the following:

Code:

openssl enc -aes-256-cbc -d -in encrypted.VHD -out decrypted.VHD
Error: bad magic number

I was trying to read the manual - 9.31.4. Decrypting encrypted images -
but got an error:

Code:

VBoxManage encryptmedium  "encrypted.VHD" --cipher AES-XTS256-PLAIN64 --oldpassword "PASSWD.TXT"
0%...
Progress state: VBOX_E_INVALID_OBJECT_STATE
VBoxManage.exe: error: Failed to encrypt hard disk
VBoxManage.exe: error: The image is not configured for encryption
VBoxManage.exe: error: Details: code VBOX_E_INVALID_OBJECT_STATE (0x80bb0007), component MediumWrap, interface IMedium
VBoxManage.exe: error: Context: "enum RTEXITCODE __cdecl handleEncryptMedium(struct HandlerArg *)" at line 1890 of file VBoxManageDisk.cpp
Last edited by socratis on 28. Nov 2018, 17:07, edited 2 times in total.
Reason: Unmarked as [Solved].
mpack
Site Moderator
Posts: 39134
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: How to decrypt an image *.vhd from Oracle VM VirtualBox?

Post by mpack »

There is no way to retrieve information from an encrypted disk unless you have the control data. That is what it means to encrypt a disk.

Your password is not the key which decrypts the disk. Your password merely decodes the real key (DEK) that was stored in the .vbox file. Without the .vbox file you have no chance.
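The check mpack's answer implies, as an added example that is not part of the original posts: before attempting recovery, confirm whether a surviving .vbox (or backup copy of it) still carries the key store for the disk. It assumes the key store is recorded as `CRYPT/KeyStore` and `CRYPT/KeyId` properties on the disk's `HardDisk` entry; the XML below is a constructed sample with a placeholder value, and `find_disk_keystores` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample .vbox content (not from the thread); the KeyStore value is a placeholder.
SAMPLE_VBOX = """<?xml version="1.0"?>
<VirtualBox xmlns="http://www.virtualbox.org/" version="1.16-windows">
  <Machine uuid="{11111111-1111-1111-1111-111111111111}" name="demo">
    <MediaRegistry>
      <HardDisks>
        <HardDisk uuid="{aaaaaaaa-0000-0000-0000-000000000001}" location="encrypted.vhd" format="VHD" type="Normal">
          <Property name="CRYPT/KeyId" value="demo"/>
          <Property name="CRYPT/KeyStore" value="PLACEHOLDER_BASE64_KEYSTORE"/>
        </HardDisk>
        <HardDisk uuid="{aaaaaaaa-0000-0000-0000-000000000002}" location="plain.vhd" format="VHD" type="Normal"/>
      </HardDisks>
    </MediaRegistry>
  </Machine>
</VirtualBox>"""

def local(tag):
    """Strip the XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1]

def find_disk_keystores(vbox_xml):
    """Return one record per registered hard disk, noting whether its key store survives."""
    root = ET.fromstring(vbox_xml)
    results = []
    # iter() walks nested HardDisk entries too (differencing images under a parent).
    for elem in root.iter():
        if local(elem.tag) != "HardDisk":
            continue
        props = {p.get("name"): p.get("value", "")
                 for p in elem if local(p.tag) == "Property"}
        results.append({
            "location": elem.get("location"),
            "uuid": elem.get("uuid"),
            "key_id": props.get("CRYPT/KeyId"),
            "has_keystore": bool(props.get("CRYPT/KeyStore")),
        })
    return results

if __name__ == "__main__":
    for d in find_disk_keystores(SAMPLE_VBOX):
        state = ("key store present" if d["has_keystore"]
                 else "no key store: DEK not recoverable from this file")
        print(f'{d["location"]} {d["uuid"]}: {state}')
```
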
Kenny00
Posts: 4
Joined: 26. Nov 2018, 16:41

Re: How to decrypt an image * .vhd from Oracle VM VirtualBox?

Post by Kenny00 »

mpack wrote: There is no way to retrieve information from an encrypted disk unless you have the control data. That is what it means to encrypt a disk.

Your password is not the key which decrypts the disk. Your password merely decodes the real key (DEK) that was stored in the .vbox file. Without the .vbox file you have no chance.
Thanks a lot.