Encrypted wallet.dat, lost password, any solutions? - page 15.

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: goldbishop on December 15, 2013, 11:48:02 AM

uninitialized constant Net (NameError)

Whoops, paste error. I've fixed it above. The top of the script should look like this:

Code:

#!/usr/bin/ruby -w
require 'net/http'
require 'json'

goldbishop

member

Activity: 69

Merit: 10

Quote from: Revalin on December 14, 2013, 07:44:34 PM

Quote from: goldbishop on December 14, 2013, 06:04:51 PM

i've lost my PTS & DTC wallet psw (The psw is the same at both) like bounty i offer 30% of my pts & 25% of my DTC!
i remember it but when i try to put it the wallet give a error
The psw was Ctrl+c & ctrl+v form a wikipedia page so i'm sure at 100% it is. but maybe i'm missing a space or something like that...thanks who will pm me!

You should check if that page has been edited.

If that doesn't work you can try the standard double-typo script:

Code:

#!/usr/bin/ruby -w

passphrase = 'oops i forgot'
$rpc_pass = "some-password"

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

def scramble(passphrase)
  characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
  list = []

  # transpose adjacent chars
  (passphrase.length - 1).times do |i|
    testphrase = passphrase.dup
    testphrase[i] = passphrase[i+1]
    testphrase[i+1] = passphrase[i]
    list << testphrase
  end

  # delete one char
  passphrase.length.times do |i|
    testphrase = passphrase.dup
    testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
    list << testphrase
  end

  # substitutute one char
  passphrase.length.times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase[i] = c
      list << testphrase
    end
  end

  # insert one char
  (passphrase.length + 1).times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase.insert(i, c)
      list << testphrase
    end
  end

  return list.uniq
end

list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1

Instructions are here: https://bitcointalksearch.org/topic/m.3746636
And here: https://bitcointalksearch.org/topic/m.3882236

Protoshares uses a different RPC port so either change it in the script above or start protoshares with -rpcport=8332 in addition to -rpcpassword=some-password .

Give it a try, and we'll help you get it working if you get stuck.

thanks for reply! btw i get this error:

Code:

C:\Users\Antonio\AppData\Roaming\ProtoShares>brute
"the psw "
C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:8:in `test': uninitialized
 constant Net (NameError)
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:60:in `block
in '
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:60:in `each'
        from C:/Users/Antonio/AppData/Roaming/ProtoShares/brute.rb:60:in `
'

C:\Users\Antonio\AppData\Roaming\ProtoShares>

jongameson

member

Activity: 84

Merit: 10

Update: I remembered an older version of the password stored on the wallet.dat on another computer

But thanks for the help. teenie BTC tip comin your way

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: jongameson on December 15, 2013, 01:49:16 AM

I don't have Electrum. I have feathercoin. I know the first 16 characters of the password, but the last 9-12 characters I am unsure of. can u make it so it is case insensitive, and try a 1-2 digit number at the end, with a ~ or ~~ after or before, I forgot..?

I think you got the Electrum script by accident. Try this one: https://bitcointalksearch.org/topic/m.3969951

We will need to narrow the password down more. Do you know approximately what the last 9-12 are, or are they completely unknown?

jongameson

member

Activity: 84

Merit: 10

I don't have Electrum. I have feathercoin. I know the first 16 characters of the password, but the last 9-12 characters I am unsure of. can u make it so it is case insensitive, and try a 1-2 digit number at the end, with a ~ or ~~ after or before, I forgot..?

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: jongameson on December 14, 2013, 08:07:51 PM

Quote from: user0244 on November 30, 2013, 05:05:20 PM

And now i get this error brute.rb:62in '

' : underfined method 'captures' for NilClass

seed_base64 = wallet.match(/'seed': '([^']+)'/).captures.first

That indicates the script couldn't find the seed in your Electrum wallet. Try putting this just above that line:

Code:

puts wallet

That will print out the raw wallet (it's just a text file for Electrum). Read through it and see if it has something like this: 'seed': 'a349iYLbPwas1O4mXdLDcg/N1RLK2Hb6oZdee7JLsf6J79EGZORmLY9+a5yBryFxKtPBl3WWUdFmNjEdEXo8dg=='

If it doesn't print anything it didn't load your wallet for some reason. If it doesn't have a seed it might be a different wallet version. If it does have a seed we'll have to find the bug in my script.

jongameson

member

Activity: 84

Merit: 10

Quote from: user0244 on November 30, 2013, 05:05:20 PM

Quote from: KieranJones1 on November 30, 2013, 03:34:53 PM

Are you typing "ruby brute.rb"? That's what you need to type.

If this still doesn't work, give me a slightly fuller explanation of exactly what you're trying to do and I'll see if I can solve this for you.

Thanks again
Just done that and got this error no such file or directory
So i removed the "" from the save file and just saved as brute.rb
And now i get this error brute.rb:62in '

' : underfined method 'captures' for NilClass

Getting closer?

Cheers

how do i fix this error?

here is line 62:

seed_base64 = wallet.match(/'seed': '([^']+)'/).captures.first

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: goldbishop on December 14, 2013, 06:04:51 PM

i've lost my PTS & DTC wallet psw (The psw is the same at both) like bounty i offer 30% of my pts & 25% of my DTC!
i remember it but when i try to put it the wallet give a error
The psw was Ctrl+c & ctrl+v form a wikipedia page so i'm sure at 100% it is. but maybe i'm missing a space or something like that...thanks who will pm me!

You should check if that page has been edited.

If that doesn't work you can try the standard double-typo script:

Code:

#!/usr/bin/ruby -w
require 'net/http'
require 'json'

passphrase = 'oops i forgot'
$rpc_pass = "some-password"

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

def scramble(passphrase)
  characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
  list = []

  # transpose adjacent chars
  (passphrase.length - 1).times do |i|
    testphrase = passphrase.dup
    testphrase[i] = passphrase[i+1]
    testphrase[i+1] = passphrase[i]
    list << testphrase
  end

  # delete one char
  passphrase.length.times do |i|
    testphrase = passphrase.dup
    testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
    list << testphrase
  end

  # substitutute one char
  passphrase.length.times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase[i] = c
      list << testphrase
    end
  end

  # insert one char
  (passphrase.length + 1).times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase.insert(i, c)
      list << testphrase
    end
  end

  return list.uniq
end

list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1

Instructions are here: https://bitcointalksearch.org/topic/m.3746636
And here: https://bitcointalksearch.org/topic/m.3882236

Protoshares uses a different RPC port so either change it in the script above or start protoshares with -rpcport=8332 in addition to -rpcpassword=some-password .

Give it a try, and we'll help you get it working if you get stuck.

goldbishop

member

Activity: 69

Merit: 10

i've lost my PTS & DTC wallet psw (The psw is the same at both) like bounty i offer 30% of my pts & 25% of my DTC!
i remember it but when i try to put it the wallet give a error
The psw was Ctrl+c & ctrl+v form a wikipedia page so i'm sure at 100% it is. but maybe i'm missing a space or something like that...thanks who will pm me!

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Sorry, my mistake. Change this:

words.repeated_permutation(n_words).each { |p| test p }

to this:

words.repeated_permutation(n_words).each { |p| test p.join }

madmooseman

newbie

Activity: 9

Merit: 0

Using that script, I get this error:

http://puu.sh/5LZZp.png

Only thing I changed was the word list.

Any ideas?

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: madmooseman on December 13, 2013, 10:47:54 PM

Is there any way to make the script not check passwords with spaces between them?

Sure:

Code:

#!/usr/bin/ruby
require "net/http"
require "json"

$rpc_pass = "rpc-pass"
words = ['pass1', 'pass2', 'pass3', 'pass4']
max_words = 4

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

(1..max_words).each do |n_words|
  words.repeated_permutation(n_words).each { |p| test p.join }
end

puts "No luck."

This should be much faster. For a list of 30 words it will take less than a day, and 50 words will take about a week.

madmooseman

newbie

Activity: 9

Merit: 0

Quote from: tjc on December 13, 2013, 08:55:18 AM

Quote from: madmooseman on December 13, 2013, 02:45:02 AM

Great, that's running now. Thanks Revalin!

So when it's gone through them all I'll either get a "success: your password is: dontbeanidiot" or "no luck"?

EDIT: I still get "Incorrect RPC user/pass" even when starting bitcoind as "bitcoind -rpcpassword=rpc-pass". I renamed bitcoin.conf to bitcoin.conf.old like you said (in linux)

I've got it running on my windows machine, but it won't run in my ubuntu VM properly. I want to run it in the VM as it may take a while, and I can save the state of the VM and safely reboot my computer without losing the progress.

I misspoke in my write up. The rpc password is in the config file but i did not add it to the ruby script. I could not get it to run if I did. I do not understand the reasoning but that is how it worked for me. I have edited it.

Yeah alright, so what I did to get it running was to have the line "$rpc_pass = "rpc-pass"" in brute.rb and then start bitcoind as "bitcoind -rpcpassword=rpc-pass".

Is there any way to make the script not check passwords with spaces between them?

tjc

full member

Activity: 145

Merit: 100

Quote from: madmooseman on December 13, 2013, 02:45:02 AM

Great, that's running now. Thanks Revalin!

So when it's gone through them all I'll either get a "success: your password is: dontbeanidiot" or "no luck"?

EDIT: I still get "Incorrect RPC user/pass" even when starting bitcoind as "bitcoind -rpcpassword=rpc-pass". I renamed bitcoin.conf to bitcoin.conf.old like you said (in linux)

I've got it running on my windows machine, but it won't run in my ubuntu VM properly. I want to run it in the VM as it may take a while, and I can save the state of the VM and safely reboot my computer without losing the progress.

I misspoke in my write up. The rpc password is in the config file but i did not add it to the ruby script. I could not get it to run if I did. I do not understand the reasoning but that is how it worked for me. I have edited it.

madmooseman

newbie

Activity: 9

Merit: 0

Great, that's running now. Thanks Revalin!

So when it's gone through them all I'll either get a "success: your password is: dontbeanidiot" or "no luck"?

EDIT: I still get "Incorrect RPC user/pass" even when starting bitcoind as "bitcoind -rpcpassword=rpc-pass". I renamed bitcoin.conf to bitcoin.conf.old like you said (in linux)

I've got it running on my windows machine, but it won't run in my ubuntu VM properly. I want to run it in the VM as it may take a while, and I can save the state of the VM and safely reboot my computer without losing the progress.

Revalin

hero member

Activity: 728

Merit: 500

165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g

Quote from: madmooseman on December 12, 2013, 05:40:42 AM

I assume with this you have to navigate to the folder where brute.rb is?

Whether I run it on windows or ubuntu, I have the same problem - it says that my RPC password is incorrect, even when copying the password from the file.

I recommend that you rename bitcoin.conf to bitcoin.conf.old to disable it, then provide the password on the command line when you start Bitcoin:
C:\"Program Files (x86)"\Bitcoin\daemon\bitcoind -rpcpassword=rpc-pass

Quote

Here is the code I'm running (with my passwords censored)
(...)
My problem is that I have a list of words, but I don't know the order. I know that I used either 3 or 4 of these words.

That script is exactly what you need. Just fill in your list of words in this part: words = ['pass1', 'pass2', 'pass3', 'pass4']

madmooseman

newbie

Activity: 9

Merit: 0

Quote

type ruby brute.rb

The script should start running and you will see it fill with lines of attempted and failed passphrases. If it succeeds, it stops running and prints Found it! youractualpasscode

*Note: for step 4 above, I still do not know the proper way to make a config file for windows 7. I struggled with this and finally got something to work. If anyone can give some simple and complete instructions please add them.

I assume with this you have to navigate to the folder where brute.rb is?

Whether I run it on windows or ubuntu, I have the same problem - it says that my RPC password is incorrect, even when copying the password from the file.

It does try one guess first, but it isn't correct.

Here is the code I'm running (with my passwords censored)

Code:

#!/usr/bin/ruby
require "net/http"
require "json"

$rpc_pass = "rpc-pass"
words = ['pass1', 'pass2', 'pass3', 'pass4']
max_words = 4

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

(1..max_words).each do |n_words|
  words.permutation(n_words).each do |perm|
    [" ", ""].repeated_permutation(perm.count + 2).each do |j|
      test(["", *perm, ""].zip(j).join)
    end
  end
end

puts "No luck."

My problem is that I have a list of words, but I don't know the order. I know that I used either 3 or 4 of these words.

I also have seen people saying to use John the Ripper on this, but I can't for the life of me work it out.

Alternatively, I can offer a "pretty decent" reward if someone can get it based on the lists of possible passwords, the mkey section of the wallet and whatever else you need (short of the wallet file itself).

Any help would be much appreciated.

tjc

full member

Activity: 145

Merit: 100

After about 12 hours of working on it, I successfully ran the script and found my actual passcode for both a Bitcoin and Litecoin wallet within hours of running the script. They were 20 character random passphrases. For Bitcoin, the problem was a character deletion. For Litecoin, it was a mistyped character.

This successfully ended a 4 day stressful quest during which I learned a lot. It was very frustrating at times but ultimately rewarding in a sense of personal accomplishment. I do not have any coding experience and no Windows admin experience. With the kind help and recorded knowledge of posters to this forum thread I was able to figure it out. For those of you this comes easy, good on you. But remember there are those of us out there who have to work really hard to understand this stuff and make it work.

What follows is a laymen’s description of how to get this to work in Windows 7. Hopefully other novice users like me will find it useful if they come across this. I apologize for any errors or misinformation - hopefully it can be corrected by others who know more.

Revalin's ruby passcode cracking script workflow for Windows 7 for both Bitcoin and Litecoin wallets.

(If needed, substutue Litecoin and litcoind for Bitcoin and bitcoind in the instructions below.)

Preparation Phase:

1) Install Ruby 1.9 or newer for Windows http://rubyinstaller.org/downloads/

2) Choose one of the scripts in this thread that best fits your needs. (I chose a version recorded here http://pastebin.com/nWTBxPES - but frankly do not recall how I came across the link). Cut and paste the script into Notepad and save as "brute.rb" using the quotations. Right click on the file and open it in edit. Edit the top of the script putting your expected passphrase between the quotations in the line passphrase = "oops". Save the changes. I saved it to the desktop.

3) Drag and drop that brute.rb file into the folder C:\Program Files (x86)\Bitcoin\daemon. It will then be in a folder with the bitcoind application file.

*4) Add a config file for bitcoind at C:\Users\addyourusername\AppData\Roaming (or wherever your computer has the wallet.dat file for Bitcoin-qt). Name the config file bitcoin.conf and put the following in it:

rpcuser=bitcoinrpc
rpcpassword=anypassword (apparently any random password will work here)

Note: Other instructions call for adding the line rpcpassword=anypassword to the ruby script. This did not work for me and only worked when I did not add it to the script.

Running Phase:

1) Navigate to C:\Program Files (x86)\Bitcoin\daemon. Double click on the bitcoind application. An empty command promp will open (not even a blinking cursor) with C:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe in the title bar. Leave this open and running.

2) Open the Windows start button and type Ruby in the search bar. Then select and open Start Command Prompt with Ruby. A command propt will open with some version of the following: ruby 1.9.3p484 (2013-11-22) [i386-ming32] and a blinking cursor at C:\Users\yourusername>

type ruby brute.rb

The script should start running and you will see it fill with lines of attempted and failed passphrases. If it succeeds, it stops running and prints Found it! youractualpasscode

*Note: for step 4 above, I still do not know the proper way to make a config file for windows 7. I struggled with this and finally got something to work. If anyone can give some simple and complete instructions please add them.

george51

newbie

Activity: 38

Merit: 0

Quote from: Revalin on March 07, 2013, 03:37:22 AM

Here's another version customized for a specific request. In this case he knows the start and end of his passphrase, but he forgot the number in between except that it definitely doesn't have any zeroes. Just edit in the parts you know where it says "pass" and "word".

This may be useful for anyone in a "missing number" situation. You can set the start or end to "" (empty string) if the mystery number is at the end or beginning, and you can add 0 to the list of digits if yours might have a zero.

Code:

#!/usr/bin/ruby -w

start = "pass"
finish = "word"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

(0..20).each do |length|
  [1,2,3,4,5,6,7,8,9].repeated_permutation(length) do |digits|
    test(start + digits.join + finish)
  end
end

Any chance you could find one where I know the start and the end, but the middle contains a set of numbers, letters and symbols(of which I know most)?

amitweil

newbie

Activity: 4

Merit: 0

Hi,

im trying the 2112's script (powershell) but im getting this error and i have no idea what to do

the error "the underlying connection was closed: the connection closed unexpectidely".

anyone has a clue?

Topic: Encrypted wallet.dat, lost password, any solutions? - page 15. (Read 213600 times)