Bitcoin Forum>Economy>Marketplace>Services
Pages:
Author

Topic: Bounty 10000$ Who can help me recall password! (Read 705 times)

walletrecovery
copper member
Activity: 421
Merit: 29
Bounty 10000$ Who can help me recall password!
May 27, 2022, 02:15:40 PM
#57
Quote from: PrivatePerson on April 17, 2022, 03:52:49 AM
"Excellent" service...
Is your whole service just about extracting a hash from a file and inserting it into a hashcat?
Post the hash or file here.


If I show HASH here, then whoever finds the password will take all the coins for themselves.
This wallet accidentally fell into the hands of merchants and is now being sold online for little money,
because the merchants do not know anything about these hints.
PrivatePerson
member
Activity: 174
Merit: 12
Re: Bounty 10000$ Who can help me recall password!
April 17, 2022, 03:52:49 AM
#56
"Excellent" service...
Is your whole service just about extracting a hash from a file and inserting it into a hashcat?
Post the hash or file here.
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 12:42:43 PM
#55
Quote
I got anything from 8 to 20 characters, starting with "Ca". See le6-1-93ghostman.pulsedmedia.com/public-loyceclu/all_in_one_3.txt

Dictionary cache built:
* Filename..: f:\hashcat\wallet\all_in_one_3.txt
* Passwords.: 38065930
* Bytes.....: 484817732
* Keyspace..: 38065930
* Runtime...: 3 secs
...

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$***********************************************
Time.Started.....: Mon Apr 04 14:20:03 2022 (6 hours, 20 mins)
Time.Estimated...: Mon Apr 04 20:40:37 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\all_in_one_3.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:     1667 H/s (0.16ms) @ Accel:1024 Loops:16 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 38065930/38065930 (100.00%)
Rejected.........: 0/38065930 (0.00%)
Restore.Point....: 38065930/38065930 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: Caя┐╜adas -> CaшкШчЩ║цAзCaцФ╛xЗ║
Hardware.Mon.#1..: Temp: 41c Fan: 45% Util: 63% Core:1199MHz Mem:6794MHz Bus:16
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 11:48:42 AM
#54
Quote from: PawGo on April 04, 2022, 11:01:31 AM
It would be useful if you post (for example one the first page) the list of already processed files / dictionaries / sources (and maybe size of dic/nb of files)
It is easier to check in one place than read the whole topic and look for filenames.

You are absolutely right, I wrote about this, but I do not receive information about the names of dictionaries that have already been processed.
Those who processed these dictionaries know about it. I can make a list and pin at the beginning of the topic, and I will update this list. Thanks!
LoyceV
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 11:37:53 AM
#53
Quote from: PawGo on April 04, 2022, 11:01:31 AM
It would be useful if you post (for example one the first page) the list of already processed files / dictionaries / sources (and maybe size of dic/nb of files)
If All wordlists in one does what the name says, this includes all other lists:
Quote
This wordlist is the compilation of all wordlists in one. It may be helpful to create a table-lookup for hashes and password search.
It also says that All-in-One-P and All-in-One-Wi-Fi are subsets of All-in-One. So that makes searching further on weakpass.com futile.

I counted: the 57 GB all_in_one.7z file has 40,247,321,168 passwords. After several hours, I found out that's the exact same amount mentioned on weakpass.com already Wink
PawGo
legendary
Activity: 952
Merit: 1385
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 11:01:31 AM
#52
It would be useful if you post (for example one the first page) the list of already processed files / dictionaries / sources (and maybe size of dic/nb of files)
It is easier to check in one place than read the whole topic and look for filenames.
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 10:56:14 AM
#51
Quote from: PawGo on April 04, 2022, 10:15:42 AM
Quote from: walletrecovery on April 02, 2022, 01:50:45 AM

If you are tired and lazy, then do not participate in this process. Write here which dictionaries
You have used and downloaded so that other people do not do the same job twice. Thank You!

Oooh, real gentleman's talk. That's how you make friends?

By the way, I wrote clearly:
Quote from: PawGo on April 01, 2022, 03:26:57 AM
I have prepared 4 files for you: 2 based on openwall, 1 from rocktastic12a and 1 from weakpass3w:
Source dictionary was specified in filename.

Could you clarify based on what you assume that password used on that wallet file is for sure in one of leaked passwords list?
You would quickly extend dictionary to desired number of characters (by the way owner should remember if it was 10 or 20 characters, as it is 100% change) using hybrid mode and extending each of known words by custom set of digits or special characters.

Cash prizes will be given to all who participated in the process.
Prize number 1 - $10,000 for the person whose dictionary contains the password.
Prize number 2 - $ 3000 who participated
Prize number 3 - $ 3000 who participated
Prize number 4 - $ 3000 who participated
I don't think there will be more than 4 helpers. Now I see 2 helpers.

We will not do brute force or search by mask yet, it takes a lot of resources and time.
So far, we have hope that the password was stolen in 2015 and is in one of the dictionaries.
The password is 10 or more characters, including the first two letters "Ca".
PawGo
legendary
Activity: 952
Merit: 1385
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 10:15:42 AM
#50
Quote from: walletrecovery on April 02, 2022, 01:50:45 AM

If you are tired and lazy, then do not participate in this process. Write here which dictionaries
You have used and downloaded so that other people do not do the same job twice. Thank You!

Oooh, real gentleman's talk. That's how you make friends?

By the way, I wrote clearly:
Quote from: PawGo on April 01, 2022, 03:26:57 AM
I have prepared 4 files for you: 2 based on openwall, 1 from rocktastic12a and 1 from weakpass3w:
Source dictionary was specified in filename.

Could you clarify based on what you assume that password used on that wallet file is for sure in one of leaked passwords list?
You would quickly extend dictionary to desired number of characters (by the way owner should remember if it was 10 or 20 characters, as it is 100% change) using hybrid mode and extending each of known words by custom set of digits or special characters.
LoyceV
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 10:07:04 AM
#49
Quote from: seoincorporation on April 04, 2022, 09:01:51 AM
I just sha256 on both strings to verify they are the same, and yes they are:
I was more curious if OP copied the same line twice. But I confirmed it's in the file.

I did sort -u again, but it's still in there twice.
I tried sort -u | uniq, with the same result.

This just doesn't make sense:
Code:
cat all_in_one_3.txt | grep 'Ca$$0411' | sort -u | uniq           
Ca$$0411
Ca$$0411

It turns out they're different after all. It just can't be displayed:
Code:
for i in `cat all_in_one_3.txt | grep 'Ca$$0411' | sort -u | uniq`; do echo $i | md5sum; done
bb63f44bb7d31b5d58e0e4fc75906e9c  -
241b4b251694cb0f29632a89fbde1672  -

Quote
My guess is one of those has an space in front of it
That's not possible after grep "^Ca".
seoincorporation
legendary
Activity: 3346
Merit: 3125
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 09:01:51 AM
#48
Quote from: LoyceV on April 04, 2022, 07:04:52 AM
Quote
Also I see inside this passwords:
...
Ca$$0411 (8 characters)
Ca$$0411 (8 characters)
Are you sure there's a duplicate? That shouldn't have happened. If it did, I forgot a "-u" option somewhere.
...

I just sha256 on both strings to verify they are the same, and yes they are:

Code:
forum@bitcoin:~$ echo 'Ca$$0411' | sha256sum
f5985cfee81e0a3636fa3a5ca5c1c22b0e4a4b97571d840c917f4a903c8fbb1b  -
forum@bitcoin:~$ echo 'Ca$$0411' | sha256sum
f5985cfee81e0a3636fa3a5ca5c1c22b0e4a4b97571d840c917f4a903c8fbb1b  -

My guess is one of those has an space in front of it, and we can remove those with sed:

Code:
sed 's/ //g'

Remember to use sed before sort.  Wink
LoyceV
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 07:04:52 AM
#47
Quote from: walletrecovery on April 04, 2022, 06:11:16 AM
Why can't you pack this file "all_in_one_3.txt" into an archive
Piping it through gzip is no problem. I'll do that right now on all .txt files, see here when it's done.

Quote
462 Mb (before 7-zip)
64,5 Mb (after 7-zip)
It's slightly bigger using gz, but it's a more common (and much faster) compression method.

Quote
Also I see inside this passwords:
...
Ca$$0411 (8 characters)
Ca$$0411 (8 characters)
Are you sure there's a duplicate? That shouldn't have happened. If it did, I forgot a "-u" option somewhere.

Quote
We need a humans passwords of 10 or more characters only :-)
I figured I'd give you some more marging in case it's shorter anyway.
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 04, 2022, 06:11:16 AM
#46
I got anything from 8 to 20 characters, starting with "Ca". See le6-1-93ghostman.pulsedmedia.com/public-loyceclu/all_in_one_3.txt (this server expires in 3 days, I'm going to miss the 16 cores and 128 GB RAM).

Dear friend!
Why can't you pack this file "all_in_one_3.txt" into an archive (7zip, ARJ, ZIP etc)
and then post it to the public via a link? You can download from: https://7-zip.org
462 Mb (before 7-zip)
64,5 Mb (after 7-zip)

Also I see inside this passwords:
...
Ca$$0411 (8 characters)
Ca$$0411 (8 characters)
Ca$$0496 (8 characters)
Ca$$0496 (8 characters)
Ca$$_05 (7 characters)
Ca$$0697 (8 characters)
...

We need a humans passwords of 10 or more characters only :-)
-----------------------------------------------------------------------
Also You can delete this files, because it is a bruteforce method:
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/5.txt
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/6.txt
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/7.txt
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/8.txt
-----------------------------------------------------------------------

Dictionary cache built:
* Filename..: f:\hashcat\wallet\all_in_one_3.txt
* Passwords.: 38065930
* Bytes.....: 484817732
* Keyspace..: 38065930
* Runtime...: 3 secs
...
LoyceV
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Re: Bounty 10000$ Who can help me recall password!
April 03, 2022, 12:17:44 PM
#45
Quote from: walletrecovery on April 02, 2022, 03:51:28 AM
I only know that the password was created by a human, not a robot, and that this password was set in March 2015 and has not changed since then. Therefore, this password could be stolen by hackers and entered the collection of these dictionaries.
If the password is only used for this wallet, the wallet would have been emptied if the password had been leaked. If the same password was used for several different websites it could have been leaked without compromising the wallet, but if it was used on many websites I don't think it's likely it the owner would have forgotten it.

It looks like 7z can't be extracted from stdin:
Quote from: walletrecovery on April 02, 2022, 03:51:28 AM
Update:
I propose to start by processing these 3 dictionaries: https://weakpass.com/all-in-one
1) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one.7z.torrent
2) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one_p.7z.torrent
3) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one_w.7z.torrent
From Costas at StackExchange.com:
Code:
grep -x '.\{3,10\}'
I got anything from 8 to 20 characters, starting with "Ca". See le6-1-93ghostman.pulsedmedia.com/public-loyceclu/all_in_one_3.txt (this server expires in 3 days, I'm going to miss the 16 cores and 128 GB RAM).

There's another problem with the list: there are some empty lines in it, which must be caused by some very weird characters.

Reminder for myself:
Code:
p7zip -c -d all_in_one.7z | grep -a "^Ca" | grep -ax '.\{8,20\}' | sort -u -S 20% | gzip >> output.txt.gz
alexeyneu
member
Activity: 351
Merit: 37
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 05:07:04 AM
#44
really? ok looks like that's an answer
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 04:53:53 AM
#43
Quote from: alexeyneu on April 02, 2022, 04:13:16 AM
what if this dude just joking about c a giving you wallet?
another thing is that neither he nor you  have money now. haha

if you want to troll, then this is not the place for you, we are busy with serious work here.
alexeyneu
member
Activity: 351
Merit: 37
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 04:13:16 AM
#42
what if this dude just joking about c a giving you wallet?
another thing is that neither he nor you  have money now. haha
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 03:51:28 AM
#41
Quote from: LoyceV on April 02, 2022, 02:28:33 AM
Quote from: walletrecovery on April 02, 2022, 02:07:54 AM
For example password is: Ca******** = 10 characters and/or more...
Only by such a template we need to extract passwords from dictionaries.
Who want and can CONTINUE to create another dictionaries from this list?
https://weakpass.com/wordlist
I can continue, but like I said: you'll have to select which .torrents to download by yourself. There are 107 pages on that site, each with 15 download links. If you select them, I'll get you anything that starts with Ca. But I'll need a list that I can easily process.
The Download link itself seems to work fine too, I get 70 MB/s which is even easier than the Torrent. I can pipe the download to extract it and only save the result.
Example:
Code:
wget -O- https://download.weakpass.com/wordlists/1326/b0n3z-sorted-wordlist.gz | gunzip | grep -a "^Ca" > b0n3z-sorted-wordlist.txt
This 23 GB file takes 7 minutes to process.

If you get me a list of all ~1500+ links, I'll extract them all. But I'm not going to copy that many links myself.
I'll even remove duplicates for you Smiley

If I knew which dictionary contains the password I need, then it would be much easier and faster. But the problem is that I don't know which dictionary contains the password and whether it is in any of the dictionaries at all.
I only know that the password was created by a human, not a robot, and that this password was set in March 2015 and has not changed since then. Therefore, this password could be stolen by hackers and entered the collection of these dictionaries. Also I know that the password has the first two letters "Ca" and the password cannot be shorter than 10 characters. Brute force is useless, so all hope is for dictionaries.
Okay, I will prepare for you a list of torrent links and dictionary names. We will keep records and cross out dictionaries that have already been checked.
I need a couple of days or less to complete this work.

Update:
I propose to start by processing these 3 dictionaries: https://weakpass.com/all-in-one
1) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one.7z.torrent
2) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one_p.7z.torrent
3) https://download.weakpass.com/wordlists/all-in-one/1/all_in_one_w.7z.torrent
LoyceV
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 02:28:33 AM
#40
Quote from: walletrecovery on April 02, 2022, 02:07:54 AM
For example password is: Ca******** = 10 characters and/or more...
Only by such a template we need to extract passwords from dictionaries.
Who want and can CONTINUE to create another dictionaries from this list?
https://weakpass.com/wordlist
I can continue, but like I said: you'll have to select which .torrents to download by yourself. There are 107 pages on that site, each with 15 download links. If you select them, I'll get you anything that starts with Ca. But I'll need a list that I can easily process.
The Download link itself seems to work fine too, I get 70 MB/s which is even easier than the Torrent. I can pipe the download to extract it and only save the result.
Example:
Code:
wget -O- https://download.weakpass.com/wordlists/1326/b0n3z-sorted-wordlist.gz | gunzip | grep -a "^Ca" > b0n3z-sorted-wordlist.txt
This 23 GB file takes 7 minutes to process.

If you get me a list of all ~1500+ links, I'll extract them all. But I'm not going to copy that many links myself.
I'll even remove duplicates for you Smiley
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 02:07:54 AM
#39
Quote from: alexeyneu on April 01, 2022, 04:45:01 PM
but what we really have here? you're talkin that someone lost the password from 7k bucks wallet. Then he told second guy that first symbols are c a and gave him this wallet.and this second guy has -2 trust already . idk what else to say

There are bitcoins in the wallet, but there are not many of them. What $7,000 are you talking about, are you delusional?
My trust is "-2" just because one idiot thought I had a multi-account, and another thought that we were not qualified enough to work in this business, but he idiot is not our client! Our "-2" trust is irrelevant to this case and means nothing. Just like the "+2" trust.
The fact is that there is a genuine wallet and there is reliable information that the password starts with the first letters "Ca", there are many passwords on the site with a collection of dictionaries, but there is no time to check them all and there is no point.
There are a couple of guys here who downloaded large dictionaries and somehow managed to pull out all the passwords that start with the first two letters "Ca", but I checked with the "Hashcat" program and these passwords could not open the wallet.
We need to make a list of dictionaries that we have already checked and download other dictionaries in order to check all the passwords that are on the site. What is not clear here, in what language to write here, I don’t understand, asking such stupid questions is some kind of nightmare.


For example password is: Ca******** = 10 characters and/or more...
Only by such a template we need to extract passwords from dictionaries.
Who want and can CONTINUE to create another dictionaries from this list?
https://weakpass.com/wordlist
walletrecovery
copper member
Activity: 421
Merit: 29
Re: Bounty 10000$ Who can help me recall password!
April 02, 2022, 01:50:45 AM
#38
Quote from: PawGo on April 01, 2022, 04:05:37 PM
I think you have enough passwords. Do not have hope that someone else used the same. In my opinion you should launch a hybrid attack. Think what you would like to append (or prepend) to existing password and prepare the correct mask.
https://hashcat.net/wiki/doku.php?id=hybrid_attack
https://hashcat.net/wiki/doku.php?id=rule_based_attack

You don’t understand that I didn’t use dictionaries from this site: https://weakpass.com/wordlist
because I can’t pull out passwords whose first two letters are “Ca”, so I don’t have passwords,
there is only your work, what you send me and this the only hope is to find the correct password.
If you are tired and lazy, then do not participate in this process. Write here which dictionaries
You have used and downloaded so that other people do not do the same job twice. Thank You!
Pages:
Bitcoin Forum>Economy>Marketplace>Services
Jump to: