Topic: Brutforcing a wallet - page 2. (Read 8184 times)
This whole concept is really, really, flawed. Every single key and wallet ever made can be found at directory.io If you know how to brute force theres your weakness.
how do you locate Rendezvous addresses?
Dear Threadstarter...
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
First off how do we know you entropy was not something like 1 and the cracker just generated that character first. This shows no flaw, it shows nothing. You took a public key from an unknown entropy and got the private key. You didn't brute force any private key. Until you brute force my private key, this video is invalid.
Lol, if the entropy was 1 we would have only two different addresses generated. But the random address generator was generating dozens of different addresses. More precisely, the entropy came from pythons "random.randrange()".
Actually, now I know that you are just trolling as you seem to ignore everything that I try to explain. You said it is not possible to crack any private_key ... but I have just cracked a private key in seconds. A private key of a legit bitcoin address verified on blockchain.info. So your statement is clearly not true.
You are not cracking anything stop saying it cause you are trolling, you trying to spread FUD, but what you did was just take advantage of poorly created addresses. "random.randrange()" isn't used in any wallet system that I know of it, so this isn't a problem.
What I am actually taking advantage of are "weak" addresses. They are not the same as poorly created addresses. Weak addresses may come from any entropy source - i could (if I had the time to) generate weak adresses using "/dev/urandom" and they would be still crackable easily.
It does not depend on the entropy, in fact it all depends on the distance to a rendezvous point.
https://bitcointalksearch.org/topic/m.4813821
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
Well, the "laws of the universe" know time dilletation right?
You could cause a computer, which is accellerated to near light speed, to bruteforce for 100.000.000.000 years (your picture states that power consumption is negligable) while here on earth only a few seconds pass by. This is Einstein's "laws of the universe".
You could cause a computer, which is accellerated to near light speed, to bruteforce for 100.000.000.000 years (your picture states that power consumption is negligable) while here on earth only a few seconds pass by. This is Einstein's "laws of the universe".
You'd have to do the math but even if 100 billion years pass in a few seconds how many seconds would it take to count to 2^256. Probably a incomprehensible amount of seconds.
Might want to rethink that...
115792089237316195423570985008687907853269984665640564039457584007913129639936 addresses
and
3155760000000000000ish seconds in 100000000000 years. I'll let you figure up the rest of the math.
Before you start, at least try to figure out how successful you might be: If you can check 1 trillion addresses per second (1012), then it will take you only 1015 seconds (32 million years) to go through the entire space.
No no no, don't you dare bring logic into this! 
There is no proof needed:
Nobrainr:
Wordlist Length: 7776
Number of Random Words: 7
Size of Search Space: 7776^7 = 1.71 * 1027
Maximum Possible Search Space: 2256 = 1.15 * 1077
Result: Searchspace is Reduced to this percentage: 1.484618518476838608918817891513466139612896777*10-50
Analogon: This means like I can hide a 10 dollar bill anywhere in the universe, but by accident I have hidden it somewhere in your house.
I am starting right away, in the hope that anyone has a 1000 BTC cold wallet out there just waiting for me.
Nobrainr:
Wordlist Length: 7776
Number of Random Words: 7
Size of Search Space: 7776^7 = 1.71 * 1027
Maximum Possible Search Space: 2256 = 1.15 * 1077
Result: Searchspace is Reduced to this percentage: 1.484618518476838608918817891513466139612896777*10-50
Analogon: This means like I can hide a 10 dollar bill anywhere in the universe, but by accident I have hidden it somewhere in your house.
I am starting right away, in the hope that anyone has a 1000 BTC cold wallet out there just waiting for me.
Before you start, at least try to figure out how successful you might be: If you can check 1 trillion addresses per second (1012), then it will take you only 1015 seconds (32 million years) to go through the entire space.
You have demonstrated that random.randrange() can be an extremely poor entropy generator. I hope that no real bitcoin address generator uses that function to generate addresses, though I guess it is possible that someone might use it.
hmmm.... for starters, randrange() is not a generator. also, many wallets and tools use that function. One simple example is NoBrainr:
https://bitcointalksearch.org/topic/nobrainr-a-secure-and-transparent-cold-address-generator-in-1024-bytes-308972
I would like to challenge you to "crack" any key generated by it...
You are right. I was being sloppy. The problem is not with random.randrange() specifically, but how it might be used. For example, this is an extremely poor way to generate addresses:
key <- SHA-256(random.randrange(0, 232-1, 1))
I'm guessing that this is similar to how the OP generated the addresses that he could easily crack.
flatfly: I have reviewed NoBrainr and I thing you do not need any of these sophisticated tools to crack addresses created by it.
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
I'm not convinced about your uber hax0r skills but you sure are entertaining
Of course, if you post a proof (other than a funny/shaky/blurry video), I'll review my statement
There is no proof needed:
Nobrainr:
Wordlist Length: 7776
Number of Random Words: 7
Size of Search Space: 7776^7 = 1.71 * 1027
Maximum Possible Search Space: 2256 = 1.15 * 1077
Result: Searchspace is Reduced to this percentage: 1.484618518476838608918817891513466139612896777*10-50
Analogon: This means like I can hide a 10 dollar bill anywhere in the universe, but by accident I have hidden it somewhere in your house.
I am starting right away, in the hope that anyone has a 1000 BTC cold wallet out there just waiting for me.
This is all well known. (Full discussion in the NoBrainr thread)
It must be a hell of a programmable calculator you have if it can crack that. I want the same one
Also I'd love to try out what you're smoking.
(No offense meant, I was also young and naive not so long ago)
flatfly: I have reviewed NoBrainr and I thing you do not need any of these sophisticated tools to crack addresses created by it.
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
I'm not convinced about your uber hax0r skills but you sure are entertaining
Of course, if you post a proof (other than a funny/shaky/blurry video), I'll review my statement
There is no proof needed:
Nobrainr:
Wordlist Length: 7776
Number of Random Words: 7
Size of Search Space: 7776^7 = 1.71 * 1027
Maximum Possible Search Space: 2256 = 1.15 * 1077
Result: Searchspace is Reduced to this percentage: 1.484618518476838608918817891513466139612896777*10-50
I am starting right away, in the hope that anyone has a 1000 BTC cold wallet out there just waiting for me.
Good luck with that.
This message was too old and has been purged
flatfly: I have reviewed NoBrainr and I thing you do not need any of these sophisticated tools to crack addresses created by it.
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
Actually, a simple programmable calculator is enough.
Let me grab all cold wallets ever created with NoBrainr, and come back to this thread ;-)
I'm not convinced about your uber hax0r skills but you sure are entertaining
Of course, if you post a proof (other than a funny/shaky/blurry video), I'll review my statement
This message was too old and has been purged
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
First off how do we know you entropy was not something like 1 and the cracker just generated that character first. This shows no flaw, it shows nothing. You took a public key from an unknown entropy and got the private key. You didn't brute force any private key. Until you brute force my private key, this video is invalid.Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Actually, now I know that you are just trolling as you seem to ignore everything that I try to explain. You said it is not possible to crack any private_key ... but I have just cracked a private key in seconds. A private key of a legit bitcoin address verified on blockchain.info. So your statement is clearly not true.
You have demonstrated that random.randrange() can be an extremely poor entropy generator. I hope that no real bitcoin address generator uses that function to generate addresses, though I guess it is possible that someone might use it.
hmmm.... for starters, randrange() is not a generator.
also, many wallets and tools use that function. One simple example is NoBrainr:
https://bitcointalksearch.org/topic/nobrainr-a-secure-and-transparent-cold-address-generator-in-1024-bytes-308972
I would like to challenge you to "crack" any key generated by it...
This message was too old and has been purged
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
First off how do we know you entropy was not something like 1 and the cracker just generated that character first. This shows no flaw, it shows nothing. You took a public key from an unknown entropy and got the private key. You didn't brute force any private key. Until you brute force my private key, this video is invalid.Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Actually, now I know that you are just trolling as you seem to ignore everything that I try to explain. You said it is not possible to crack any private_key ... but I have just cracked a private key in seconds. A private key of a legit bitcoin address verified on blockchain.info. So your statement is clearly not true.
You have demonstrated that random.randrange() can be an extremely poor entropy generator. I hope that no real bitcoin address generator uses that function to generate addresses, though I guess it is possible that someone might use it.
You will be happy to know brute forcing takes a little bit longer on the surface of the earth as clocks tick slower here than in free space.
If you sent away a brute forcing computer at high speeds, it would appear from earth's vantage point to be brute forcing more slowly. So the brute force starship attack by brute speed is fundamentally flawed.
If you sent away a brute forcing computer at high speeds, it would appear from earth's vantage point to be brute forcing more slowly. So the brute force starship attack by brute speed is fundamentally flawed.
Well... you can try to bruteforce wallet if you have enought time...
enought time = a few thousand years
enought time = a few thousand years
I will have to take out my wizardry book to enhance the GPU's xD
lol
But seriously now:
he could do it (in theory) if he has blessing of night mother...
It is like solo mining... you can find block in 1 minute or never
Dear Threadstarter...
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
First off how do we know you entropy was not something like 1 and the cracker just generated that character first. This shows no flaw, it shows nothing. You took a public key from an unknown entropy and got the private key. You didn't brute force any private key. Until you brute force my private key, this video is invalid.
Lol, if the entropy was 1 we would have only two different addresses generated. But the random address generator was generating dozens of different addresses. More precisely, the entropy came from pythons "random.randrange()".
Actually, now I know that you are just trolling as you seem to ignore everything that I try to explain. You said it is not possible to crack any private_key ... but I have just cracked a private key in seconds. A private key of a legit bitcoin address verified on blockchain.info. So your statement is clearly not true.
You are not cracking anything stop saying it cause you are trolling, you trying to spread FUD, but what you did was just take advantage of poorly created addresses. "random.randrange()" isn't used in any wallet system that I know of it, so this isn't a problem.
Well... you can try to bruteforce wallet if you have enought time...
enought time = a few thousand years
enought time = a few thousand years
I will have to take out my wizardry book to enhance the GPU's xD
Dear Threadstarter...
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
Do not believe these disbelievers, nor believe all these eye catching "all addresses are safe" posters.
Just take a look at my video (http://www.youtube.com/watch?v=TC43aOdsf4g&hd=1) where I actually crack a private key live on camera.
All transactions in this video are performed on the real block chain, and can be verified on blockchain.info.
Have fun watching.
First off how do we know you entropy was not something like 1 and the cracker just generated that character first. This shows no flaw, it shows nothing. You took a public key from an unknown entropy and got the private key. You didn't brute force any private key. Until you brute force my private key, this video is invalid.
Jump to: