Topic: Bitcoin Core wallet.dat file containing 3.5 BTC + Password Hint (Read 1697 times)

hello all,

can someone upload the wallet into a free hosting service.

thanks,

can you reupload the wallet file again ?

So, did you get the help you needed?

Nigerian scam - BTC edition?

He's lied about the wallet he hasn't been active since May 8. It isn't his wallet.

I don't think so, redownloaded from my link and compared with file from 1st post from OP: both are identical and give the very same SHA-256 hash which I included.
Size of file: 408 KiB (417792 Bytes)

to save you a few keys the password is bigger than 7 chars

thank you bro ..if I'm lucky you will be too...

but the SHA256 you gave is not valid ..

Have fun with it: https://ufile.io/3bhfrwas (SHA256: 5043E89165952E9AE9F24615319DC343C13150CF0B57537FA0D10F3D89EAA44A)

@entropyapes....guys

please can you reupload the wallet file again cant find it anywhere ..
only in scam selling sites ...

Not if the scammers modified the file correctly. For example I suppose they could just create a wallet with bitcoin core and encrypt it with a strong password then go back and start modifying the result by injecting the address that doesn't belong to the wallet so that if you look inside you see the address and think it is real. In that case the file content would look legitimate.

I assume there's no way to check if the encrypted parts of a wallet.dat aren't rigged or otherwise made up without knowing the correct encryption passphrase?

Usually you do not need to load a file into Bitcoin Core, it is enough to open in any text editor and look for the phrase name




Exactly what I wrote 2 weeks ago: https://bitcointalksearch.org/topic/m.60052093

The market exists, but after initial excitement I am not sure if people are not tired of lack of success and if their business is still running. For sure they were able to earn some money (+ other's like satoshidisk which is/was used for hosting).

This possible scam wallet.dat  That file, is works but struck with a password, right?

Why owner file did not try to crack the password themself?

Well i managed to download it few days ago and loaded it in bitcoin core and it seems normal wallet.dat file. the address with balance is, 1NUW3z5z6cNs8Ltd2cN2BnxP92dySdcuG8

https://imgur.com/a/fbDdLrB

I tried to search the address and it lead me to this site: https://allprivatekeys.com/wallet/3.53BTC
I think OP bought this wallet on that site and got tired to brute force it so that's why he gave it away the wallet.dat

I didn't know that wallet.dat file with lost passwords can be sold lol..

If it's pretty easy one why you're unable to open the wallet ?

People don't give wallets holding BTC3.5 for free you're hiding details.

I don't believe your excuse for being unable to crack with brute forces. Wallet cracking services exist. You aren't giving BTC3.5 to anonymous people expecting a tip. It isn't your wallet.

There are some possible reasons why he is sharing it with this forum:

1. He did not know about wallet cracking services. Though a quick google would have shown it up.

2. He don't trust the wallet cracking services and wants it out in the open.

3. He wants to see if anybody has the computational horse power to crack these passwords to verify how safe bitcoin actually is.

4. Most likely the wallet.dat is stolen and it is therefore too risky to send it to a wallet cracking service, this way he is hoping to catch some of the money for the cracking work of others.

Whatever the case may be my advise to whoever cracks it if real is to do the following:

1. Keep 3.0 BTC for yourself.
2. Send 0.5 BTC to him.
3. Show screenshots that 0.5 BTC was send to him.

Step 3 is very important, because this builds some level of trust and word of mouth that forum-ites on this forum can actually help and re-gain funds. This may bring in more oppertunities for forum-ites.

So at first glance sending 0.5 BTC to him seems sour, but it could be a very smart thing to do long term.

Anyway finally if the original poster does receive some BTC he also be smart to post it here with some screenshot for the exact same reaosn as 3. LOL.

GOOD LUCK.

(P.S.: The last time I investigate such an offering, it was in a different way, it was real... so....)

*addition*:

One remaining and intrigueing question remains:

Suppose it's number 4. The wallet was/is stolen, then how does the poster know that the password is 8 characters long and numbers and letters ? This would imply that somebody observed somebody else typing in the password and may have seen the number of fingers being used or key pressed being made. It could also be the number of clicks on the keyboard.

This could also explain why the estimate is not exact but somewhere between 6 and 8. (If you do try I would recommend going up to 9, if feasible/possible ! )

Yes, or it could be a valid wallet.dat but encrypted with a very strong password in bitcoin core (for ex more than 20 random  chars).
 the proprietary can sold him claiming that the password is accessible with few resources but it fact it is waste of time

Well, you know, there are quite some weirdos in this world. Not here to judge, but some people have fun in strange things.

There are some people now already involved in this thread and I for myself enjoy the valuable contribution of some of you providing good links very much for details I forgot or never knew. Many thanks, greatly appreciated!

As chances are slim, I will skip to waste energy for password crunching as there are too many red flags in my opinion.

That's right. As I've already said, it doesn't make much sense to share so much money with strangers. Perhaps because it's not yours either.

In this case - I do not know what OP is hoping for. For success it must be 1) real wallet 2) opened by someone 3) honest "winner" share coins with OP. Maybe he bought that wallet and has no resources to crack the password?
Here, there is no clear gain for him. But in general it seems there is a huge "market" for locked wallets.
For example that topic from Russian board: https://bitcointalksearch.org/topic/1000-0001-btc-5160025
Or that topic, already mentioned by me: https://bitcointalksearch.org/topic/dont-buy-walletdat-files-with-lost-passwords-exchange-them-5242967
So you may buy password protected wallet and try your luck or you may just get one for free.

If you check addresses sold, most of them has public key exposed...

For that amount, I suspect the hints aren't proper, for if they did, one would have cracked the password already. OP, are you sure the password is 4-8 characters long with the English letters and/or numbers? Is there a slight chance you've chosen a special character which isn't mentioned?

For those who say it's a scam, what's the benefit of the scammer exactly?

It is pretty easy to manipulate a wallet file simply because wallet files don't really have any kind of checksum or integrity check to make sure the file is not manipulated. It is jut raw data that can be modified and any part of it like the addresses can be changed to a funded one and the encrypted keys to garbage undecryptable data.

I do not know how all that .dat files are manipulated, but as far I recall, it was somehow proved that it is possible to "inject" given address into wallet.dat file knowing it's public key. In other words - if you know public key (wallet has spending transaction) it is possible to create a forged wallet file for that address. Wallet will work in bitcoin core, show correct balance etc. But of course it will not be possible to withdraw coins as private key will not be available.
Such a bad surprise when you already crack the password.

And yes, address from OP's wallet has spending transaction, which means (in my opinion) that chances it is forged change from 50/50 to 99%.

It's true Bitcoin Core use AES, although it's more than encrypt private key with AES[1-2].


Since you asked, i just did it on VM. Looking at it's transaction history, 1NUW3z5z6cNs8Ltd2cN2BnxP92dySdcuG8 is the only receiving address. According to mempool.space[3], it has ~3.5BTC. But there's no way to know whether the non-encrypted part of the wallet is manipulated or not[4].

[1] https://en.bitcoin.it/wiki/Wallet_encryption
[2] https://bitcoin.stackexchange.com/a/1714
[3] https://mempool.space/address/1NUW3z5z6cNs8Ltd2cN2BnxP92dySdcuG8
[4] https://bitcointalksearch.org/topic/m.50566174

Why is BIP38 involved here? From what I remember a password protected wallet.dat basically encrypts more or less only the private key stuff with AES. I may lack knowledge here though as cracking wallet.dats is not my business. I'm more just curious and have fun to broaden my crypto knowledge.

Has anyone tried to load this wallet.dat into Bitcoin Core to check which addresses claim to hold the funds and if a blockexplorer actually shows these funds? I admit, I haven't tried yet because I don't believe this is a legit and valid wallet.dat (well, likely 99.999% of publicly available wallet.dats are manipulated scams).

I try (just for fun) because i'm pretty sure that this is a scam every numeric possibility
between 0->99999999. no found

Does someone know if the OPENCL implementation of bip38 decoding in hashcat is optimised ?
I have only a speed of 28000 tests / sec on my RTX3070...
I want to test a coding from scratch of AES and scrypt (used in bip38) on a CUDA kernel
with this library :
https://github.com/franneck94/CUDA-AES/blob/master/AES%20CUDA/AES.cu

but i d'ont know if the game deserves to ?

can already confirm that 1-6 characters the password is not.
who knows...maybe he is the owner maybe not... i will try up to 7 characters to help him.
and yes the story it's a little weird.. no money but posted the walled.

Exactly.
Checking 1-8 digits is trivial. To check 6 characters lowercase+digits takes around 2h on 7x 3090 using hashcat. If OP gave that wallet to open long time ago, I believe there is at least one person who checked that possibilities. There is of course always a chance that password has 9 characters... no?
Anyway, if one of you wants to try hashcat, this is the configuration:
Save wallet hash into file (hash.txt):

Commands for hashcat to launch search of digits + lowercase letters, passwords 6, 7 and 8 characters long:

Good luck!

Considering all OP's posts so far, I have some doubt that this wallet.dat actually contains keys for those funds that you claim are in "your" wallet.
If it were legit, you'd get the most from Dave of walletrecoveryservices.com who has decent fast hardware for cracking and you'd get 85% of the wallet's funds.
Whereas posting it here to the public is kinda weird, you'd risk to get 0% if it were a valid wallet.dat with "real funds".

Taking your password hints into account, only lowercase letters and numbers, a length of 4-8 as you claim: that's a search space of approx. 2.9*10^12 possible passwords in total. Who's going to waste the energy to try to crack this under the assumption that your password hints are even valid? (Yes, I'm judging you by your posting behavior, I might misjudge you or not.)

It means some of those people have violated your secrecy.

But I am surprised that the wallet has not been cracked yet given that it is between 4-8 chars with only numbers and letters. That would be easy fodder for Hashcat and a lone (high-end) GPU. Are you sure these are the exact constraints of the password? Maybe there could be some non-latin characters that you have forgotten about?

This wallet was mine, in 2012 I bought some BTC than I wasnt very educated and I forget the password, but all my passwords at that time was only number and some number and letter without capital letter, I shared it before with 3 guys that claimmed be able to brute force but till now nothing happenned and the funds are still in the hash, may someone here find and we will have a good time on it.

It is the most probably forged wallet. Did you buy it and now you want others to open it for you?
It is available for sale on some scam websites: https://wallet-dat.net/bitcoin-core-wallet-dat/bitcoin-core-wallet-dat-3-53-btc/
Some even give it for free: https://bitcointalksearch.org/topic/m.54284429

If you got success it will be a dream coming true in my life, any couple of thousands would change my reality, thanks for your effords!

oh well, your wallet, your money.
I can't guarantee that someone else with faster machine will not find the password first without giving you back whats your.
I will try to see if i can help you.

I would be very glad if you pay me 50% or a couple of thousands if you got success, but I already shared and I dont think is fair to delete, if you find and give me some of the funds I will be more than happy because am currently almost bankrupted.

I will help you recover what's yours.
I will pm you if what you provided is correct.
Please delete the link for now for your safety

If it's a pretty easy one, why don't you pay a wallet recovery service to do it for you? The most reputable I know is walletrecoveryservices.com. Dave, who's the administrator, takes only 15% of what's found for amounts greater than $100k.

It's already late, but if it's indeed easy, don't expect someone to send you more than a tenth of it. That's a lot of money.

You can use bicoin2john to extract the password hash from the wallet and then someone can brute-force it with Hashcat. I wrote a guide [1] with details on how do do this.
Cheap GPU power can be rented from vast.ai as well.

---

[1]: https://notatether.com/tutorials/what-is-the-bitcoin2john-script-and-how-do-you-use-it/

Hello, I got one wallet.dat containing 3.5BTC and the password is 4 to 8 digits numbers and letters only, pretty easy one.
You can use BTCrecover or whatever techniques you have to find the password.
This is a technical discussion so I belive am in the right place.
Am giving the wallet.dat for free and if the password finder is ethical send me whatever it thinks is right to:
1CuBp3ZUhebentFtYaZMSGFSVzV4Aga3TZ

Link to Download the File:
https://www.transfernow.net/dl/20220504e6gZ6GTD

I have a cheap 2 core laptop as my driver so am not able to even to try to find it, but as I mentioned above, it is only 4 to 8 digits password. there is good odds to be only numbers, that is all I know about the password.
Have fun and if you find share with us the experience and dont forget my tip.

AM A HOMO SAPIENS TRYING TO MAKE MILLIONS TO DEVELOPE MY OWN NUCLEAR WEPONS AND HIRE PEOPLE TO DEVELOPE BIOLOGICAL IMMORTALITY, AM CURRENTLY HOMELESS BECAUSE I WAS A ELON MUSK THAT FAILLED, HELP ME RISE AGAIN AND LET ME EXPLODE THE PARTICULES.

DONATE MILLIONS TO ADDRESS BELOW AND LET SEE ME BENDING THE PARTICULES HARDER THAN BIG BANG ~~~~~~~~~~~~~~~~~~

1APEXJf4M5ajLkeK3JxjAJ284zJLCcELj1
1APEXJf4M5ajLkeK3JxjAJ284zJLCcELj1
1APEXJf4M5ajLkeK3JxjAJ284zJLCcELj1
1APEXJf4M5ajLkeK3JxjAJ284zJLCcELj1
1APEXJf4M5ajLkeK3JxjAJ284zJLCcELj1