Pages:
Author

Topic: 0.1 BTC prize - Find Electrum pass by knowing both unecrypted+encrypted wallet? (Read 1197 times)

member
Activity: 378
Merit: 53
Telegram @keychainX


If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?
If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.

Guys calm down, im waiting rockyou.txt

Edit : seed is already avaible in unencrpyted wallet, i mean no need to money transfer etc, its just password challange.

Edit2 : i tried opencl with 7 gpu bruteforce ; 1024 iteration sha512 decrypt not efficient even if opencl. Also password not in the rockyou.txt list.

I've made a random password similar to something like this: KdR.72.G@$.1eeFug.1@#s!
Just something random that you will never find in any password lists or anything, so don't even try to find it, you'll just lose your time, the whole point was to find someone capable of retrieving the password from the encrypted and decrypted file, not to bruteforce it cause it was pointless.

Again as outlined earlier by other bt members "known plaintext attacks" are not possible Sad

I have looked at the amount again and it's laughing at me back with an evil smile, and I can never access it. I guess it's the power of encryption and the universe.

I am thinking of bruteforcing it more and more, probably the length of the password is not that high, who knows, but I don't have the tools or computers required for the job, might be a dead end eventually.


LATER EDIT: THE PASSWORD TO THE PUZZLE WAS: AFS.ss4.19doEE1!wt1

One can easily verify, but since no one posted it or messaged it to me, I find this lead a dead end. I will go the bruteforce way

You cannot, If the password is anything close to 10+ characters you will not make it in lifetine with todays speed of computers.

/KX
newbie
Activity: 11
Merit: 18


If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?
If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.

Guys calm down, im waiting rockyou.txt

Edit : seed is already avaible in unencrpyted wallet, i mean no need to money transfer etc, its just password challange.

Edit2 : i tried opencl with 7 gpu bruteforce ; 1024 iteration sha512 decrypt not efficient even if opencl. Also password not in the rockyou.txt list.

I've made a random password similar to something like this: KdR.72.G@$.1eeFug.1@#s!
Just something random that you will never find in any password lists or anything, so don't even try to find it, you'll just lose your time, the whole point was to find someone capable of retrieving the password from the encrypted and decrypted file, not to bruteforce it cause it was pointless.

Again as outlined earlier by other bt members "known plaintext attacks" are not possible Sad

I have looked at the amount again and it's laughing at me back with an evil smile, and I can never access it. I guess it's the power of encryption and the universe.

I am thinking of bruteforcing it more and more, probably the length of the password is not that high, who knows, but I don't have the tools or computers required for the job, might be a dead end eventually.


LATER EDIT: THE PASSWORD TO THE PUZZLE WAS: AFS.ss4.19doEE1!wt1

One can easily verify, but since no one posted it or messaged it to me, I find this lead a dead end. I will go the bruteforce way
legendary
Activity: 1946
Merit: 1427


If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?
If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.
jr. member
Activity: 87
Merit: 5


If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?
HCP
legendary
Activity: 2086
Merit: 4363
Thanks to OP for this thread actually because this thing has made one thing clear to me (I was too confused about), that when you've got your seed phrase with you but you forget your password, it means that you've lost your chance on seeing your BTC again until you remember it or just get the privkeys if ever stored anywhere out of the wallet.
What? Huh Are you referring to the BIP39 passphrase? or the wallet password? Huh

If you're talking about the BIP39 passphrase, then yes... the seed mnemonic alone is not enough... you need mnemonic+passphrase to be able to recover your wallet. If you're talking about the wallet password, that is completely irrevelant, as you can simply restore your wallet from the seed mnemonic and put whatever new wallet password that you want.

legendary
Activity: 3052
Merit: 1273
To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

How can someone even bruteforce it when you've already claimed it to be a very heavy password with at least 19 chars having everything from alphabets to numbers to symbols and even non alphabetical characters!

Why don't you try Dave's service as directed by LoyceV? We're literally not capable of getting your password to you because if it'd be so easy to get one, it'd be called a defect as well as defeat to the properties of cryptography and show that even this genre can't be trusted in terms of keeping our data/digital money safe. We don't have quantum computing technologies with us, else that prize would have been distributed till now.

Thanks to OP for this thread actually because this thing has made one thing clear to me (I was too confused about), that when you've got your seed phrase with you but you forget your password, it means that you've lost your chance on seeing your BTC again until you remember it or just get the privkeys if ever stored anywhere out of the wallet.
member
Activity: 378
Merit: 53
Telegram @keychainX
To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.
What you describing might allow someone to determine the private key being used to decrypt something when an attacker has physical access to the computer.

It is not possible to look at a decrypted and encrypted version of a file and determine the decryption key.

Thats why I wrote IF you can store the decryption process in a ARM processor, which is whats "having physical access" would simulate.

/KX
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.
What you describing might allow someone to determine the private key being used to decrypt something when an attacker has physical access to the computer.

It is not possible to look at a decrypted and encrypted version of a file and determine the decryption key.
member
Activity: 378
Merit: 53
Telegram @keychainX
To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.

I was just attending the Blackhat Las Vegas forum last week where we did this hands on with python scripts. You can do this both for AES-128 and AES-256. The tool I'm talking about is this: https://newae.com/tools/chipwhisperer/

I'm not going to argue wheather its possible with your specific case, but wanted to throw in my 5 cents on technologies out there which are available and theoretically could prove what you are trying to solve.

/KX
HCP
legendary
Activity: 2086
Merit: 4363
Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.
I thought that was made fairly clear by the first reply in this thread... and then the subsequent follow up from achow Roll Eyes

Note that they are specifically talking about the AES-256 encryption used by Electrum... other encryptions may be susceptible to "known plaintext attacks".
newbie
Activity: 11
Merit: 18
To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.
HCP
legendary
Activity: 2086
Merit: 4363
I was thinking we need the seed and the password to get access to those keys, and when i try with bitcoin password it worked, but maybe it does because was the password Electrum asked to configure the wallet. Then when i get access to those private keys i think for a moment i solve the puzzle and i posted here.
Electrum doesn't use the password to generate keys... it only uses the seed mnemonic. The wallet file password is only used to encrypt the data stored in the wallet file. You can setup a wallet without a password using that same seed and it will generate the same addresses/keys.

In any case, it seems you have missed the point of the OP. They were looking for a reliable method to be able to use an unencrypted Electrum wallet to determine the password of an encrypted version of that same Electrum wallet file. They were not simply asking you to "guess" or bruteforce the password for the wallet that they linked. Roll Eyes

And it would appear that odolvlobo has taken pity on you and removed their feedback.
legendary
Activity: 3346
Merit: 3130
...
Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.

You have access to the private keys because you were given the seed.

Since you update the post i will reply again, i don't want to spam this thread, i just want to recovery my neutral trust. i'm not a scammer odolvlobo and you are making a mistake here, i say it again, my answer was wrong and i didn't get the price, i make the mistake when i think the password was bitcoin because as you say i already have seed.

I was thinking we need the seed and the password to get access to those keys, and when i try with bitcoin password it worked, but maybe it does because was the password Electrum asked to configure the wallet. Then when i get access to those private keys i think for a moment i solve the puzzle and i posted here.

But cmon odolvlobo, it was just a try, i recognize my mistake, but i'm not a bad guy, i'm not here trying to scam, i'm the kind of guys who like to help others on the community and even sometimes i like to make giveaways to attract more people in the spanish community as you can see on the next post:

https://bitcointalksearch.org/topic/direcciones-de-vanidad-giveaway-5104776
https://bitcointalksearch.org/topic/ultimo-giveaway-del-2018-10-en-premios-5083430
https://bitcointalksearch.org/topic/ordena-la-frase-por-0001-btc-5126071
https://bitcointalksearch.org/topic/fuerza-bruta-en-sitios-web-giveaway-5117693

Hope you can forgive my mistake.
legendary
Activity: 3346
Merit: 3130
I already find the password, i will message it to you right now, feel free to send the BTC to the bitcoin addy i have in my profile. As proof i will leave the screenshot here:

You may have determined the encryption key, but that's not proof.

Sorry guys, i didn't understand the mechanic but since i could add the wallet with only the seed and 'bitcoin' password i think for a moment i found the right password, maybe a screenshot isn't proof enough, but i will post the private keys from the addies we see on the Unencrypted test wallet : https://pastebin.com/yemmF3Te

Code:
lies and more lies

Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.

Why do you continue lying? Those are not the private keys for those addresses. Some of them aren't even valid private keys (the first one, for example).

I don't understand why do you hate me so much, but if you want to try the keys feel free to use a service like https://brainwalletx.github.io/

Get Address From: Private Key
Point Conversion: Compressed

And then post the private key to verify them as you can see in the next image:



So, hope you can remove the negative trust, I'm not lying when I say I got access to those addys, I already apologize and as I say before, I didn't get the price because my answer was wrong, so, I don't understand why all this hate from your side. But i don't deserve a negative trust since I don't scam anyone and I'm talking with the truth.
legendary
Activity: 4522
Merit: 3426
...
Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.

You have access to the private keys because you were given the seed.
legendary
Activity: 3346
Merit: 3130
I already find the password, i will message it to you right now, feel free to send the BTC to the bitcoin addy i have in my profile. As proof i will leave the screenshot here:

You may have determined the encryption key, but that's not proof.

Sorry guys, i didn't understand the mechanic but since i could add the wallet with only the seed and 'bitcoin' password i think for a moment i found the right password, maybe a screenshot isn't proof enough, but i will post the private keys from the addies we see on the Unencrypted test wallet : https://pastebin.com/yemmF3Te

Code:
address private_key
1NapuBZ2HwG8R97eZmUMDBbDfZMFiDwmFb KxGXVjrsFyybEMgCVQYfmBj5gDXV1dJ8hhrvgoZ635TV1maY867j
1KVPU4rBEY99tNvzEpT3Q9yNDEBHGgnb9z Kwc9gqzboTpgyQyWbt5jaB6doM8rECCTib3z7fNmF216Zs7KfDRy
18Ypd1vWSXYChQpWXV8GFbz9xfZ4WeToVS L3MSENg9LK7qzEghGjk96iko9z1FpPVpnRM1wJ1ZrstLxuQ8NnzP
1ECAsUAy96at3bnPLqazRRP5ms6we7jMu5 Kzmzo3FCSkaLPw6LiGRyS9bdpcDF63tNTd6LbdJQUyzSDTLombmn
1NJWjeP35ohkVvF75wQCN59HSc5sMngnp7 KyUhEihhTbHq8tQBHa9kZg7iaXam2eNVWZUXJUouptQNsAKwyKuJ
17bhUrTnmTRp97dADYCmXduzRJYUChfTAP KzqVnUg3tnbdZPSYXdoDwYY4gHYFpNQHTSoA7EJdMiwM3JzNmBnS
 1r8guwjoWDpbzBVdv3XWuWjj7FLT5obmD L53nipw54LBbWXZRA8d8XAEcNqm7k5zGyykaS5GynwUZmCPUkxf7
1GPkEPJWffccwBVk6fDyBEQ5U7FV7XnfgJ KxBUzqrhuDpXRRXgMShohLoj4ojVrUZ8ujDCQ6PUBhLARfmmfkMi
1A2cvszhViScACdhxb7fDKfuXQcfoHSPXW KyAFVkYZ6ZkKekWCawWJSdW6aHr9dP6rybA4LiVKywD9QAQZ3iRK
16TeBmyKmjY9AnfmGTDahRconR4R1qybh4 L4Ccwipx3WJSBZjYCa2AfCxNxKa6XZtjT6Ayd9DF9aTa7Aacyzrx
1Nh8BxDFSvW2SKmj486Eh1cffLLr1JaLQ7 L58fu5fQNj8nMgyasso8VZymdG1vqSra8NsT2atDnxzomtrVKaCv
1LwtUu2sEQ7Z53gbVqfLCH2XKvmW1wKpgH L3v5s46VqeDfKidEZo4jg93DHZSbBFWnvVwmdHriFxASaHRh3vNc
14JXuPBYhPqHuZ7qQyr5EJAXLbFG1BMywS KyqEjv6Eyhfme5Ru2f27ZdMqNuipqLDdYjYDM9vjVxW8kKXJDbLX
1GpyeXtwpTwoWYcqjfMD1WaEAqF8hqJETN KwaYNqaFAzftSey2sz7yHahrzLxumLCjkadVB3Vqpknxm4PiGp4H
 1qKdWNLaiQJ3mKCVDhW1Lq95715fJWDV4 L5kUqgyD4MqC3vHbLgz8ahR28R3ee7B2NB7w9a4sS9oKcP25RRbB
1KVzy777mWzZvVRRHt76UPVMwJ4iMDWgtC L4oaLdsck4a8vqSVEVzjcX2vBpThNWdzXEt5ZUwxNETd4a26eHZ6
1JCEL2GgfUKyu25GohKWPAdi6ctdPh2XsZ L2kEFjsPBaK9xcaDBb8N74fa3wkam6GrwWpL7meKjYcjWRPX74kJ
15PNyRBfuybB2B1D4HNWXeeV3baS7Y4bg8 L5P2WVFSmsZUZYrN1GQiCciUwe7XB4p3cXjfb4oVEM2aig5irdsh
1MURZyCqtvPH4h82qmbiu1Ah1UsBGXRNSY L3tcLKZZqCtoZXYKFHLC5ac4hbxVT3FWawWcjSG3nmRY4aoDKwrp
1Lrv1JyuXsXcQ6Q8DX8DpGvcHYHne6oWBD L2Yk6cuRgm2sdihVd4y4rZg47ydfsimBpSz3Mg8yrC9wPNxu1GbU
167dvYveHEsxCLcsCTH4T9QWHs5BsQSDYc KwUPFaExCp1YNoY7PpnyDR7fS96piKt9wMEWzXdE442EpQsu3KzY
15CxyeuMRP4yULTSxcCwu5bdjB43AToZaC KzDfS7fqhY8a3JuycwLDUivgCjursjmTmLinTbeFyKz6H4zFXNfx
17AVfBi3Y9Q1WDxJATqbU2T13ZMvKidqBK L3xU6nkYDxCpvjf43NwND52BwmmFx4JECDHoZ1ENoHT13GsVC7oD
1CBw77Uf2GtNrAi8Cv9EMGWLx1mKaCkZkC KzyeA3LCmzWvnvMc341G87hh6wZyRpUiTtiCpza94QTGTNrT9NkV
1HdksBc9ABhX3Ngw85AHBrXeXM1UTVs59g L5MvhEJATBzkokZCtMr4EX3dqzVcxruryRVweoRGotv7QQBaG6hg
1E4gmz2oybGv6ibBaiCxBdB9yVEaCSNdZY L3tQk4RbMQ6LpXJMh7aN3QN4AKfrnRqAHDPDomFkS1swrnHUUk9G

Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
However I'd like to try the bruteforce to a certain extent, at least to be content that I tried that option too.
Can anyone direct me to a bruteforce tool for electrum, preferably one that I can set up my own alphabet.

Check out https://github.com/gurnec/btcrecover I believe it has options you are looking for.

Thanks but it only works with Electrum 1.x and 2.x

Seeds, key derivation and wallet structure changed from 1.x to 2.x but did not change in 3.x. The version 3 Electrum introduces SegWit support hence the major version bump.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
However I'd like to try the bruteforce to a certain extent, at least to be content that I tried that option too.
Have you considered contacting a specialist? See Bitcoin Wallet Recovery Services - for forgotten wallet password for Dave's topic on walletrecoveryservices.com. Unless the password is too difficult, they'll have the computing power and knowledge to brute-force it.
I haven't tried (nor needed) his services, but from what I've seen, he's legit. Note that there are many "recovery services" that I wouldn't trust at all too, so be very careful which one you use!

newbie
Activity: 11
Merit: 18
However I'd like to try the bruteforce to a certain extent, at least to be content that I tried that option too.
Can anyone direct me to a bruteforce tool for electrum, preferably one that I can set up my own alphabet.

Check out https://github.com/gurnec/btcrecover I believe it has options you are looking for.

Thanks but it only works with Electrum 1.x and 2.x
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
However I'd like to try the bruteforce to a certain extent, at least to be content that I tried that option too.
Can anyone direct me to a bruteforce tool for electrum, preferably one that I can set up my own alphabet.

Check out https://github.com/gurnec/btcrecover I believe it has options you are looking for.
Pages:
Jump to: