Pages:
Author

Topic: Damaged paper wallet - Help!! (Read 889 times)

member
Activity: 180
Merit: 38
January 23, 2021, 11:07:06 AM
#36
Okay glad you got it sorted  Smiley
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
January 27, 2021, 08:36:11 AM
#35
Sheesh... you have an almost impossible task to get "Humpty dumpty" together again. A lesson is to be learnt from this .... always make duplicate copies of your Paper wallets and store them at two separate geographical locations.

I also laminate my Paper wallets to protect them from natural elements and also bugs. (Mites / Silverfish etc.)  I went through something very similar, so I share your frustration.

Tip : DO NOT store loads of coins on a single paper wallet... I distribute small amounts on several wallets. (More convenient if you have to sweep a small amount to use in emergencies and also lower risk when you have to do it)  Wink
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 26, 2021, 11:14:49 PM
#34
I am almost certain that I've used a combination of three words, I have a list of words that I might use (around 2000 words). Is there an easy way to create a "mixed" list from them (without those who are less than 15 characters) to test?

There's an online tool for that. Put all your words in https://textmechanic.com/text-tools/combination-permutation-tools/combination-generator/ and optionally select the "repeated words" checkbox if you know that you used some words twice. This won't filter the result list by length though but you can try sorting the list by length using https://miniwebtool.com/sort-text-by-length/ and delete the lines they are shorter than 15 characters.

2000 combinations of 3 words gives you at most 8 billion possibilities before removing the ones that are too short, so your odds with using brainflayer is good even though it is single-threaded.
newbie
Activity: 47
Merit: 0
January 26, 2021, 03:26:26 PM
#33
You used bitaddress to make that brainwallet and chances are you probably did not type random characters as the password there.

Yes brainflayer is an option but the speed will not be great because A) it is not multi-thteaded or GPU-accelerated in any way, and B) you are only searching for the private key of one address, this makes the bloom filter that brainflayer uses very inefficient because bloom filters can check tons of different HASH160s of an address at the same speed. Still, try it anyway, especially if you can guess what kind of password you might have used.

I would not use VanitySearch for this task because while it can use (Nvidia) GPUs, it was not designed with brute-forcing addresses in mind. You need to already know the public key, which cannot be derived from the address, and even if you do have that, it's just a generator program which will terminate as soon as it finds address with a prefix in front of it, while you're looking for the private key, or rather it's WIF specifically.

The alternatives are not much better either and you may have to resort to brute forcing the address with Bitcrack if you cannot remember your password.

I am almost certain that I've used a combination of three words, I have a list of words that I might use (around 2000 words). Is there an easy way to create a "mixed" list from them (without those who are less than 15 characters) to test?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 26, 2021, 03:00:44 PM
#32
You used bitaddress to make that brainwallet and chances are you probably did not type random characters as the password there.

Yes brainflayer is an option but the speed will not be great because A) it is not multi-thteaded or GPU-accelerated in any way, and B) you are only searching for the private key of one address, this makes the bloom filter that brainflayer uses very inefficient because bloom filters can check tons of different HASH160s of an address at the same speed. Still, try it anyway, especially if you can guess what kind of password you might have used.

I would not use VanitySearch for this task because while it can use (Nvidia) GPUs, it was not designed with brute-forcing addresses in mind. You need to already know the public key, which cannot be derived from the address, and even if you do have that, it's just a generator program which will terminate as soon as it finds address with a prefix in front of it, while you're looking for the private key, or rather it's WIF specifically.

The alternatives are not much better either and you may have to resort to brute forcing the address with Bitcrack if you cannot remember your password.
newbie
Activity: 47
Merit: 0
January 26, 2021, 02:03:42 PM
#31
I converted my public key to hex and placed it in example.hex.
Than:
hex2blf example.hex example.blf
Public Key? Or your address converted back into Hash160 form? Huh


Installed and ran brainflayer with my public key & possible word list that I've made.
within an hour it said that it found the key, but it's 40 characters, which looks like hex format (starts with 83).
Do I need to convert it to WIF somehow, or it is just a false-positive?
When you ran brainflayer... and it popped out a result... the "passphrase" should have been on the end of the line of output... like this example where I found that "abc123" was the passphrase used:
https://i.imgur.com/misTdXl.png

The 40 char hex at the start of the line should be the "RIPEMD-160(SHA-256(public key))" (aka HASH160) that you derived from your address (convert Base58check address back to Hex) and put into the example.hex file before you ran hex2blf


Anyway, simply put that "passphrase" into a brainwallet generator like: https://www.bitaddress.org/ (use the "Wallet Details" tab)
or, if your passphrase is too short to be recognised using BitAddress (like my example) try: https://brainwalletx.github.io/#generator (click "Toggle Key" to see private key in WIF format)

NOTE: don't run these tools "online"... you should download them and run them "offline"... both have links to github and/or .zip files at the bottom of the page!

This gives:
https://i.imgur.com/K9yxe5o.png


(You may need to check both the "uncompressed" and "compressed" options to see the correct address)

Thanks for that.
I got 20 different results (I used a custom generator key-word + downloaded the English dictionary txt file), none of them match my address.
How it's even possible to get those results if I only type one (mine) address inside the "example.hex" file (and converted it to example.blf)?
HCP
legendary
Activity: 2086
Merit: 4361
January 23, 2021, 05:40:14 PM
#30
I converted my public key to hex and placed it in example.hex.
Than:
hex2blf example.hex example.blf
Public Key? Or your address converted back into Hash160 form? Huh


Installed and ran brainflayer with my public key & possible word list that I've made.
within an hour it said that it found the key, but it's 40 characters, which looks like hex format (starts with 83).
Do I need to convert it to WIF somehow, or it is just a false-positive?
When you ran brainflayer... and it popped out a result... the "passphrase" should have been on the end of the line of output... like this example where I found that "abc123" was the passphrase used:


The 40 char hex at the start of the line should be the "RIPEMD-160(SHA-256(public key))" (aka HASH160) that you derived from your address (convert Base58check address back to Hex) and put into the example.hex file before you ran hex2blf


Anyway, simply put that "passphrase" into a brainwallet generator like: https://www.bitaddress.org/ (use the "Wallet Details" tab)
or, if your passphrase is too short to be recognised using BitAddress (like my example) try: https://brainwalletx.github.io/#generator (click "Toggle Key" to see private key in WIF format)

NOTE: don't run these tools "online"... you should download them and run them "offline"... both have links to github and/or .zip files at the bottom of the page!

This gives:



(You may need to check both the "uncompressed" and "compressed" options to see the correct address)
jr. member
Activity: 39
Merit: 10
January 23, 2021, 01:21:16 PM
#29
I converted my public key to hex and placed it in example.hex.
Than:
hex2blf example.hex example.blf

Than:
brainflayer -v -b example.blf -i phraselist.txt



Put your private key in electrum wallet to check if it is real or not and the balance.
newbie
Activity: 2
Merit: 1
January 23, 2021, 12:46:37 PM
#28
Hello all.
I have been following various discussions in this forum for quite some time.
Wouldn't Vanity Search be useful in this case?

https://github.com/JeanLucPons/VanitySearch

It is described in Step 3, plus the wildcards for the missing digits, that should be much faster.

If I am wrong please ignore my post.
Greetings
newbie
Activity: 47
Merit: 0
January 23, 2021, 10:59:46 AM
#27
I converted my public key to hex and placed it in example.hex.
Than:
hex2blf example.hex example.blf

Than:
brainflayer -v -b example.blf -i phraselist.txt
newbie
Activity: 47
Merit: 0
January 23, 2021, 10:42:02 AM
#26
Installed and ran brainflayer with my public key & possible word list that I've made.
within an hour it said that it found the key, but it's 40 characters, which looks like hex format (starts with 83).
Do I need to convert it to WIF somehow, or it is just a false-positive?
HCP
legendary
Activity: 2086
Merit: 4361
January 22, 2021, 03:15:38 PM
#25
I wrote some words that I might use to create the key, now how can I check them?
Brainflayer is pretty much the "standard" when it comes to brainwallet "cracking"... there are loads of tutorials on google/blogs/youtube etc that show it in action.

You feed it a list of potential passphrases (wordlists, phrase lists, book quotes, song lyrics etc), it then generates the "brainwallet+address" and compares with a bloom filter of addresses you're interested in...
legendary
Activity: 1624
Merit: 2481
January 22, 2021, 12:49:58 PM
#24
I wrote some words that I might use to create the key, now how can I check them?

It depends on the amount of combinations you want to check.
It its just a few, use website you have used to generate your brain paper wallet.

If you want to check tons of information, you'd need a tool to do so. If there is no, you could ask someone to write one for you.
Maybe someone is doing this for free, otherwise it shouldn't cost too much anyway.

But you need a relatively good idea on how the password was. Otherwise there is little to no hope.
member
Activity: 180
Merit: 38
January 22, 2021, 12:11:04 PM
#23
if it's just a brainwallet then you can use a simple SHA256 script that rotates the words and hashes them and then creates a keypair and then checks the outcome against a given address.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
January 22, 2021, 09:40:27 AM
#22
I'm not sure if there's an off-the-shelve tool for your specific situation... tbh, i've never tried to bruteforce brainwallets Wink
This being said, if a tool doesn't exist, it shouldn't be to hard for a programmer to write one... What you're asking isn't exactly rocket science
newbie
Activity: 47
Merit: 0
January 22, 2021, 08:43:45 AM
#21
--snip--
Single SHA256 of the passphrase while enforcing a minimum 15 character length passphrase.
https://github.com/pointbiz/bitaddress.org/blob/72aefc03e0d150c52780294927d95262b711f602/src/ninja.detailwallet.js#L58-L62

It is insecure so if OP has some idea about the passphrase they used there could be a chance to brute force it rather easily.

Just to make sure the OP isn't getting any false hopes: Coding Enthusiast is using a different way of saying what i've said before: OP could brute force his passphrase if he has an idea what it might have been... If it was a completely random passphrase, it's still allmost impossible... Bruteforcing the actual private key is impossible (well, theoretically it's possible, but in reality it's not)

Yes, I understand that.
I wrote some words that I might use to create the key, now how can I check them?
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
January 22, 2021, 08:42:12 AM
#20
--snip--
Single SHA256 of the passphrase while enforcing a minimum 15 character length passphrase.
https://github.com/pointbiz/bitaddress.org/blob/72aefc03e0d150c52780294927d95262b711f602/src/ninja.detailwallet.js#L58-L62

It is insecure so if OP has some idea about the passphrase they used there could be a chance to brute force it rather easily.

Just to make sure the OP isn't getting any false hopes: Coding Enthusiast is using a different way of saying what i've said before: OP could brute force his passphrase if he has an idea what it might have been... If it was a completely random passphrase, it's still allmost impossible... Bruteforcing the actual private key is impossible (well, theoretically it's possible, but in reality it's not)
legendary
Activity: 952
Merit: 1385
January 22, 2021, 08:29:35 AM
#19
I thought that brain wallets are weaker than random keys, aren't they?

I does not matter really.
Or let's say differently - it depends on the vector of attack.
In your case there are 2 possibilities: you try to recover WIF or you try to recover seed phrase.
With WIF - usually if there is more than 7-8 characters missing (not counting the last 4-5, which are checksum and are not critical for the problem), it becomes difficult (it not really makes sense, or in other words - it would take a log time. Of course there is chance that you will hit the correct WIF after one second, but I would not have too much hope.
You may play with my simple program for that: https://github.com/PawelGorny/WifSolver
Maybe you should think about seed phrase you used? Or you definitely abandon that idea?
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
January 22, 2021, 08:28:01 AM
#18
I'm not exactly sure how Bitaddress used to generate them but I presume they are not salted.
Single SHA256 of the passphrase while enforcing a minimum 15 character length passphrase.
https://github.com/pointbiz/bitaddress.org/blob/72aefc03e0d150c52780294927d95262b711f602/src/ninja.detailwallet.js#L58-L62

It is insecure so if OP has some idea about the passphrase they used there could be a chance to brute force it rather easily.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
January 22, 2021, 08:18:59 AM
#17
I thought that brain wallets are weaker than random keys, aren't they?
yes
Pages:
Jump to: