Encrypted wallet.dat, lost password, any solutions? - page 14.

ihatepasswords

newbie

Activity: 5

Merit: 0

Quote from: dbradley on December 28, 2013, 10:53:23 PM

Rather than giving your whole wallet over to someone, just extract one keypair, preferably one for an address with 0 balance. They can then crack it, but won't have access to all of your funds when they succeed.

I just need a working script and i can do it myself, is OP going to come back?

dbradley

newbie

Activity: 13

Merit: 0

Rather than giving your whole wallet over to someone, just extract one keypair, preferably one for an address with 0 balance. They can then crack it, but won't have access to all of your funds when they succeed.

ihatepasswords

newbie

Activity: 5

Merit: 0

I ran it from the command prompt, it gave me a password instantly and said it found it but its not the right one, i tried to send coin to myself and electrum said it was invalid.

edit: i added some random word in the initial password and it did the same thing, said found it! but of course it was the wrong password. It seems to think the first guess is the right one.

edit2: for the record im running windows 7x64 + electrum standalone 1.9.5 + ruby 1.9.3.

edit3: this is the script im using

Code:

#!/usr/bin/ruby
require 'base64'
require 'digest/sha2'
require 'open3'
require 'openssl'

# Double substitution for Electrum

# Put your best guess at your passphrase here
passphrase = '****************'

# The full path to your electrum.dat or default_wallet
wallet_file = 'C:\Users\Admin\Desktop\Brute\wallet.dat'

# Where to find Electrum. Use 1.9.2! Older versions may be incompatible.
$electrum = 'C:\Users\Admin\Desktop\Brute\electrum-1.9.5.exe'

def test(phrase)
$cipher.reset
$cipher.key = Digest::SHA256.digest(Digest::SHA256.digest(phrase))
$cipher.update $seed
$cipher.final
puts phrase
i,o,t = Open3.popen2e($electrum, "-o", "getseed")
i.puts(phrase)
i.close
if t.value.success?
puts "Found it! #{phrase}"
exit
end
rescue OpenSSL::Cipher::CipherError
end

def scramble(passphrase)
characters = " !$'(),.ABCDEFGHIJKLMNOPQRSTUVWXYZ^abcdefghijklmnopqrstuvwxyz"
list = []

# transpose adjacent chars
(passphrase.length - 1).times do |i|
testphrase = passphrase.dup
testphrase[i] = passphrase[i+1]
testphrase[i+1] = passphrase[i]
list << testphrase
end

# delete one char
passphrase.length.times do |i|
testphrase = passphrase.dup
testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
list << testphrase
end

# substitutute one char
passphrase.length.times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase[i] = c
list << testphrase
end
end

# insert one char
(passphrase.length + 1).times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase.insert(i, c)
list << testphrase
end
end

return list.uniq
end

wallet = File.read(wallet_file)
seed_base64 = wallet.match(/'seed': '([^']+)'/).captures.first
$seed = Base64.decode64(seed_base64)
$cipher = OpenSSL::Cipher.new('aes-256-cbc')
$cipher.iv = $seed.slice!(0,16)
Dir.chdir File.dirname $electrum
list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1

mackminer

sr. member

Activity: 348

Merit: 251

Quote from: ihatepasswords on December 27, 2013, 05:26:47 PM

Hi revalin i had an old electrum wallet that i forgot about a while ago and went back recently to get the coins out of it but it wouldnt work even though i saved the password i used, but i think i might have changed it slightly and didnt save the changes or something but i know what it generally is and what characters i used. I found your electrum script and installed ruby on win7 and modified it to point to the wallet and electrum.exe and named it brute.rb but when i ran it it just opened and closed. i dont know what else to do can you please help?

You need to run the script within an already open terminal. Go to the folder where it is and open the command line in there. If you shift and right click you will get the option to open the terminal there.

ihatepasswords

newbie

Activity: 5

Merit: 0

Hi revalin i had an old electrum wallet that i forgot about a while ago and went back recently to get the coins out of it but it wouldnt work even though i saved the password i used, but i think i might have changed it slightly and didnt save the changes or something but i know what it generally is and what characters i used. I found your electrum script and installed ruby on win7 and modified it to point to the wallet and electrum.exe and named it brute.rb but when i ran it it just opened and closed. i dont know what else to do can you please help?

stillfire

full member

Activity: 124

Merit: 100

Quote from: mackminer on December 27, 2013, 06:58:41 AM

Quote from: Revalin on December 27, 2013, 03:54:42 AM

Quote from: mackminer on December 26, 2013, 05:46:46 PM

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them? I can help with that. What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like? You can substitute different words in. It'd make it easier to see what you're describing.

hotel18461846, caravan*1, thinkpad*1 lenovo*6

It's either a permutation even though I think I have tried them all - not all the words may be included or they all might be included.

I can work with that. I have a password checker built for partially known structures with wildcards. Note that if you have both wildcards and unknown order, the number of permutations can explode very quickly. I will stop after a few hundred thousand attempts so please be as specific as possible. Any detail you can recollect will help (although false recollections have been a problem in the past so don't strain your memory trying). Please PM me with details.

mackminer

sr. member

Activity: 348

Merit: 251

Quote from: Revalin on December 27, 2013, 03:54:42 AM

Quote from: mackminer on December 26, 2013, 05:46:46 PM

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them? I can help with that. What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like? You can substitute different words in. It'd make it easier to see what you're describing.

hotel18461846, caravan*1, thinkpad*1 lenovo*6

It's either a permutation even though I think I have tried them all - not all the words may be included or they all might be included.

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: mackminer on December 26, 2013, 05:46:46 PM

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them? I can help with that. What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like? You can substitute different words in. It'd make it easier to see what you're describing.

mackminer

sr. member

Activity: 348

Merit: 251

Hi, I have ruby etc. installed on my machine but I just need a script to do what I want.

My situation is that I have a combination of multiple passwords - there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

I can give more details if needs be. .5 of a bitcoin to someone that can get my wallet unlocked.

Thanks.

peta4e

hero member

Activity: 672

Merit: 500

I was able successfully to recover deleted wallets with software called photorec. Great software I am not affiliated in any way just want to mention it to others which face the same problem : ))

Justin00

legendary

Activity: 910

Merit: 1000

★YoBit.Net★ 350+ Coins Exchange & Dice

i have a massive dictionary file. Would be happy to try run her agianst someones wallet for a fee if I find it :] ?

goldbishop

member

Activity: 69

Merit: 10

Quote from: Revalin on December 18, 2013, 04:27:44 AM

Quote from: goldbishop on December 17, 2013, 06:28:24 PM

sorry but..how to luch deamon of PTS-qt? it doesn't have a deamon like bitcoin...

protoshares-qt.exe -server -rpcpassword=some-password -rpcport=8332

Edit: ok i set up it but it's noramal it say:

"password trying"
net/http: waring: content-type did not set; using application/x-www-form-urlencoded

??

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: bitcoma on December 17, 2013, 12:04:57 PM

Revalin, is your script compatible with Multibit?

Multibit doesn't have an RPC or command line interface I can use. I'll try using BitcoinJ to access it when I have some time.

Quote from: goldbishop on December 17, 2013, 06:28:24 PM

sorry but..how to luch deamon of PTS-qt? it doesn't have a deamon like bitcoin...

protoshares-qt.exe -server -rpcpassword=some-password -rpcport=8332

Quote from: madmooseman on December 18, 2013, 02:44:49 AM

Using this, I get the following errors:

It might be a paste error. Open the script in an editor and paste it back to me in a PM.

madmooseman

newbie

Activity: 9

Merit: 0

Quote from: Revalin on December 17, 2013, 01:35:57 AM

Sure:

Code:

#!/usr/bin/ruby
require "net/http"
require "json"

$rpc_pass = "rpc-pass"
words_a = ['hawaiian', 'dress', 'long-sleeve']
words_b = ['ford', 'toyota', 'camry']
words_c = ['australia', 'thailand', 'colombia']
words_d = ['fender', 'gibson', 'valencia']

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

words_a.each do |a|
  words_b.each do |b|
    words_c.each do |c|
      words_d.each do |d|
        [a,b,c,d].permutation.each { |p| test p.join }
      end
    end
  end
end

puts "No luck."

Using this, I get the following errors:

http://puu.sh/5QpCL.png

Any ideas?

goldbishop

member

Activity: 69

Merit: 10

Quote from: Revalin on December 17, 2013, 02:17:53 AM

Quote from: goldbishop on December 16, 2013, 11:44:12 AM

another error:

Code:

(Errno::ECONNREFUSED)

That one means the script couldn't connect to your wallet via RPC. Check that the daemon is running with: -rpcpassword=some-password -rpcport=8332

sorry but..how to luch deamon of PTS-qt? it doesn't have a deamon like bitcoin...

bitcoma

newbie

Activity: 3

Merit: 0

Revalin, is your script compatible with Multibit?

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: goldbishop on December 16, 2013, 11:44:12 AM

another error:

Code:

(Errno::ECONNREFUSED)

That one means the script couldn't connect to your wallet via RPC. Check that the daemon is running with: -rpcpassword=some-password -rpcport=8332

Quote from: ?? on ??

1: I encrypted the wallet on a live ubuntu CD. Is there any difference in encoding?

I'm not sure. I suggest you test it with your exact setup. Create a new wallet with a short password, copy it onto the new system, and try the brute force script with a typo in the password. That will verify that everything is working correctly.

Quote

2: Is there any faster way to check the key, besides submitting a message to bitcoind? I am currently doing about 3-4 guesses per second which isn't cutting it so far

Bitcoin stretches the keys to about 0.1 seconds on the CPU where you create your wallet. 4 per second suggests you might be cracking on a slower CPU than the one where your wallet came from.

Submitting to bitcoind is pretty fast. Any of the RPC scripts should keep bitcoind at 99% CPU. Bitcoind itself is using OpenSSL which is also pretty fast. There's not much to optimize there.

Bitcoind only uses a single CPU. A multithreaded version would be several times faster.

GPUs would have less performance gain than mining, but they would help. You'll need someone with experience programming GPUs. I do not.

The best case for optimizing the number crunching is we could speed things up a few hundred times. You will get MUCH bigger gains by targeting the search better. It's easy to get literally a trillion-times speedup by narrowing the search criteria, so that's where I focus most of my time.

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: madmooseman on December 16, 2013, 09:50:09 AM

Is there any way this could be altered for multiple wordlists?

Eg. I am fairly sure I made the password from four wordlists.

For example, List A is shirt-themed (hawaiian, dress, long-sleeve, etc.)

List B is car-themed (ford, toyota, camry, etc.)

List C is country-themed (australia, thailand, colombia, etc.)

List D is guitar-themed (fender, gibson, valencia, etc.)

So it would try "hawaiianfordaustraliafender", "hawaiianfordaustraliagobson", etc.

Right now I am making it run all wordlists at once, but this is inefficient as it repeats words and it has a lot of combinations that I know are not correct (incorrect order, etc.)

Sure:

Code:

#!/usr/bin/ruby
require "net/http"
require "json"

$rpc_pass = "rpc-pass"
words_a = ['hawaiian', 'dress', 'long-sleeve']
words_b = ['ford', 'toyota', 'camry']
words_c = ['australia', 'thailand', 'colombia']
words_d = ['fender', 'gibson', 'valencia']

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

words_a.each do |a|
  words_b.each do |b|
    words_c.each do |c|
      words_d.each do |d|
        [a,b,c,d].permutation.each { |p| test p.join }
      end
    end
  end
end

puts "No luck."

goldbishop

member

Activity: 69

Merit: 10

Quote from: Revalin on December 15, 2013, 05:13:22 PM

Quote from: goldbishop on December 15, 2013, 12:48:02 PM

uninitialized constant Net (NameError)

Whoops, paste error. I've fixed it above. The top of the script should look like this:

Code:

#!/usr/bin/ruby -w
require 'net/http'
require 'json'

another error:

Code:

C:\Users\Antonio\AppData\Roaming\ProtoShares>brute.rb
"psw "
C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:878:in `initialize': Impossibile stabi
lire la connessione. Rifiuto persistente del computer di destinazione. - connect
(2) (Errno::ECONNREFUSED)
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:878:in `open'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:878:in `block in connect'

        from C:/Ruby200-x64/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:877:in `connect'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:851:in `start'
        from C:/Ruby200-x64/lib/ruby/2.0.0/net/http.rb:1367:in `request'
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:13:in `test'
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:62:in `block
in '
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:62:in `each'
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:62:in `
'

madmooseman

newbie

Activity: 9

Merit: 0

Is there any way this could be altered for multiple wordlists?

Eg. I am fairly sure I made the password from four wordlists.

For example, List A is shirt-themed (hawaiian, dress, long-sleeve, etc.)

List B is car-themed (ford, toyota, camry, etc.)

List C is country-themed (australia, thailand, colombia, etc.)

List D is guitar-themed (fender, gibson, valencia, etc.)

So it would try "hawaiianfordaustraliafender", "hawaiianfordaustraliagobson", etc.

Right now I am making it run all wordlists at once, but this is inefficient as it repeats words and it has a lot of combinations that I know are not correct (incorrect order, etc.)

Topic: Encrypted wallet.dat, lost password, any solutions? - page 14. (Read 213559 times)