
Topic: GPU brute forcing an encrypted wallet - page 5. (Read 16597 times)

sr. member
Activity: 308
Merit: 250
thrasher.
March 04, 2013, 12:44:15 AM
#7
This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it.

Mining involves generating hashes, which apparently GPU hashes are good at.  I'm not sure what algorithm is used for encrypting your private keys, but I guess the first thing to figure out is if a GPU would be any good at that algorithm anyhow.

Then assuming that it is, I would think you could pull an encrypted private key from the wallet and repeatedly attempt to decrypt it, looking to see if the result is a valid private key without having to go back to bitcoind every time.

I will look into this. Who knows, if bitcoin keeps going up, cracking wallets with lost passwords will be worth greater and greater investment. I was considering writing a short story about it.
legendary
Activity: 3472
Merit: 4801
March 03, 2013, 09:52:36 PM
#6
This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it.

Mining involves generating hashes, which apparently GPU shaders are good at.  I'm not sure what algorithm is used for encrypting your private keys, but I guess the first thing to figure out is if a GPU would be any good at that algorithm anyhow.

Then assuming that it is, I would think you could pull an encrypted private key from the wallet and repeatedly attempt to decrypt it, looking to see if the result is a valid private key without having to go back to bitcoind every time.
sr. member
Activity: 308
Merit: 250
thrasher.
March 03, 2013, 09:40:22 PM
#5
system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20")

WTF!! seriously how far up your butt is your head?
have you even tried cracking a password before, on your own?

SUDO Really?
the method you are using has way too much overhead to be anywhere possible even to crack a 4-char password.
1. you are communicating with bitcoind over jsonrpc over http over tcp.
2. bitcoind is using berkeley DB, to check if the password is correct.

RLY? U CRAZY?

solution:
extract enough information from wallet.dat, to be able to verify a password, look in berkeleyDB manuals, bitcoin source, and determine what is needed.
implement algorithm in some sort of GPU code (cuda, opencl,...) that does this efficiently.

Yeah that line was bad, I fixed it.

I have not cracked before; you raise a great point that I had been noticing myself. My biggest bottleneck is the bitcoind client itself, which is running on my CPU. The only way I could increase the speed is by running more bitcoind clients.

I will try to read more about your proposed solution, I think that is the right direction.

It would not work

Could you please elaborate?
newbie
Activity: 14
Merit: 0
March 03, 2013, 05:18:47 AM
#4
system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20")

WTF!! seriously how far up your butt is your head?
have you even tried cracking a password before, on your own?

SUDO Really?
the method you are using has way too much overhead to be anywhere possible even to crack a 4-char password.
1. you are communicating with bitcoind over jsonrpc over http over tcp.
2. bitcoind is using berkeley DB, to check if the password is correct.

RLY? U CRAZY?

solution:
extract enough information from wallet.dat, to be able to verify a password, look in berkeleyDB manuals, bitcoin source, and determine what is needed.
implement algorithm in some sort of GPU code (cuda, opencl,...) that does this efficiently.

It would not work
legendary
Activity: 1050
Merit: 1000
You are WRONG!
March 03, 2013, 04:59:36 AM
#3
system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20")

WTF!! seriously how far up your butt is your head?
have you even tried cracking a password before, on your own?

SUDO Really?
the method you are using has way too much overhead to be anywhere possible even to crack a 4-char password.
1. you are communicating with bitcoind over jsonrpc over http over tcp.
2. bitcoind is using berkeley DB, to check if the password is correct.

RLY? U CRAZY?

solution:
extract enough information from wallet.dat, to be able to verify a password, look in berkeleyDB manuals, bitcoin source, and determine what is needed.
implement algorithm in some sort of GPU code (cuda, opencl,...) that does this efficiently.
newbie
Activity: 41
Merit: 0
March 03, 2013, 04:46:31 AM
#2
An ambitious project...curious to see the outcome...and thanks for the reminder not to lose my wallet info Angry
sr. member
Activity: 308
Merit: 250
thrasher.
March 03, 2013, 12:21:37 AM
#1
I lost my password to a wallet that had 20 bitcoins in it; it's now worth my effort to retrieve it. I tried using Revalin's script found here https://bitcointalksearch.org/topic/m.942171 without any luck.

So I have modified it to brute force based off a base password that I know is correct, so I only have to brute force between 6-8 characters, which is feasible.

Code:
#!/usr/bin/ruby -w
class Cracker
  def initialize(char_array, password_range)
    @char_array = char_array
    @password_range = password_range
  end

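  def password_correct?(phrase)
    print "basepassword" + phrase, "\t"
    # Pass the arguments as a list so no shell parses the candidate; in the
    # one-string form /bin/sh would expand "$@", "$0", "$1" etc. from the charset.
    # Note: the passphrase is still visible in the process list while this runs.
    system("./bitcoind", "walletpassphrase", "basepassword#{phrase}", "20")
    case $?.exitstatus
    when 0
      puts "Found it!  basepassword#{phrase}"
      exit 0
    end
    return false
  end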

  def generate_password( perm_number, password_length )
    password=""
    (1..password_length).each do |char_number| # loop through characters
      char_reference = (perm_number / @char_array.length**(char_number-1)).floor % @char_array.length
      character = @char_array[char_reference]
      password << character
    end
    password
  end

  def do_combination( num_combinations, password_length )
    (0..num_combinations-1).each do |perm_number| # loop through combinations for a given length
      password = generate_password( perm_number, password_length )
      return password, perm_number if password_correct?(password)
    end
    nil # nothing matched at this length; without this the Range is returned and treated as a hit
  end

  def crack()
    (@password_range).each do |password_length|  # loop to gradually increase password length
      num_combinations=@char_array.length**password_length
      password, perm_number = do_combination(num_combinations, password_length)
      if password
        puts "#{password} | Access Granted | #{perm_number} / #{num_combinations}"
        return password
      end
    end
  end
end

# I removed characters I was sure I didn't use
# "@" appears twice in the list; uniq avoids generating duplicate candidates
characters = "!$@01235@ABCDEFGIKLMNOSTWYZabcdefgiklmnopqrstuwyz".split(//).uniq

cracker = Cracker.new( characters, (6..8) )
password = cracker.crack()

puts "No luck."
exit 1

This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it.

If not, perhaps this will help someone else who ends up losing their wallet password and needs to brute force it. At 3-5 characters this would work fine with a Quadcore.
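
The character set in the script above contains `$`, `@` and `!`. A candidate interpolated into a one-string command line is parsed by /bin/sh first, so sequences such as `$@` or `$1` are expanded before the program ever sees them. The following is an added example, not part of the original post: it compares the one-string and argument-list forms, using `printf` as an assumed stand-in for the bitcoind binary; the helper names are hypothetical.

```ruby
# Added example (not from the thread): how a one-string command line alters
# brute-force candidates that contain shell metacharacters.
require "open3"

BASE = "basepassword" # placeholder base, as in the post

# One-string form: Ruby hands the line to /bin/sh when it sees metacharacters,
# so the shell expands "$@", "$1", "$name" before the program runs.
# printf is a stand-in (assumption) for the bitcoind binary.
def via_shell(phrase)
  out, _status = Open3.capture2("printf %s #{BASE}#{phrase}")
  out
end

# Argument-list form: the candidate reaches the program byte for byte.
def via_argv(phrase)
  out, _status = Open3.capture2("printf", "%s", "#{BASE}#{phrase}")
  out
end

# Candidates whose tested value differs from the value the script prints.
def mangled(candidates)
  candidates.reject { |c| via_shell(c) == via_argv(c) }
end

if __FILE__ == $0
  # Constructed sample candidates drawn from the post's character set.
  samples = ["abcdef", "a!bcde", "$@bcde", "$1abcd", "abcde$"]
  samples.each do |c|
    printf("%-8s shell=%-22s argv=%s\n", c, via_shell(c).inspect, via_argv(c).inspect)
  end
  puts "mangled: #{mangled(samples).inspect}"
end
```

Any candidate listed by `mangled` is one the one-string form would report as tried while actually submitting a different string, so the search could pass over the right passphrase without noticing.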