Pages:
Author

Topic: Has anyone here been able to decode the backup of bitcoin wallet (schildbatch)? (Read 4653 times)

newbie
Activity: 21
Merit: 1
The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?
I am not overly familiar with "git bash", but I don't think you can use "general" Linux commands with it... it seems to be a "git" specific terminal emulator, ie. it's really only designed for working with "git" and not with general unix/linux shell commands. Huh

You'd either need to setup something like Cygwin and use openssl with that, refer: https://www.ssl.com/how-to/install-openssl-on-windows-with-cygwin/
or
Install/Setup the Windows Subsystem for Linux (WSL) and install a linux distro like Ubuntu, refer: https://ubuntu.com/wsl


Also, I downloaded the oldest Bitcoin Wallet APK that I could find from the app github (version v3.11). I installed it on the Bluestacks Android Emulator and then created an encrypted "wallet-keys" export file... after mucking around in Ubuntu (in WSL) trying to decrypt this export with "openssl", I found a stackexchange comment that indicated that "old versions of OpenSSL" used a different hash function when generating the encrypt/decrypt key from the user entered passphrase... essentially, they moved from MD5 to SHA-256 by default:
Why do I get errors when trying to decrypt 1.0.2 data with 1.1.0?

A message digest is used to create the encrypt/decrypt key from a human-entered passphrase. In OpenSSL 1.1.0 we changed from MD5 to SHA-256. We did this as part of an overall change to move away from the now-insecure and broken MD5 algorithm. If you have old files, use the "-md md5" flag to decrypt them.
(NOTE: I suspect this is also why newer versions of the app cannot read older backup files!)


So, by adding the "-md md5" flag to the command, the decrypt (of "old" files) works:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted -md md5




For reference, here is my "test" data...

Contents of my bitcoin-wallet-keys file:
Code: (bitcoin-wallet-keys-2020-11-17)
U2FsdGVkX19z6mv24j7b4xi3wJz77mt7uYVNdyh4OwBTuQ0dESxIAW58AfW+4Ik9asXc3SV1X3lM
6R1uHe/ulIjYv5Bkylv4ZtWPYnM5Jl6TMRWX1Q+7cCFBt3BKMdVLNCV8OcGofEs23XhWLT/j/YoH
C+0PfcS21mNjF0u42PVa9BJYBx4JfHSvwx0R3GjubszONRp+XRZZoJnU0Re7BzT+OELp8VLJfobO
HQ1sfwg=
Can be downloaded here: https://keybase.pub/hcp/bitcoin-wallet-keys-2020-11-17


commandline:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-2020-11-17 -out bitcoin-wallet-keys-2020-11-17-decrypted -md md5


Contents of the generated "out" file
Code: (bitcoin-wallet-keys-2020-11-17-decrypted)
# KEEP YOUR PRIVATE KEYS SAFE! Anyone who can read this can spend your Bitcoins.
L4oyNUNUhDPx5Vd3eShN8Q3fc7MeMxcGQA4WseU8Ys6Ebs7y8FKx 2020-11-17T05:08:03Z

Installed Ubuntu on a VirtualBox and followed your instructions down to the letter. It worked.

Thank you so much HCP - you went above and beyond here. Legend.

Really appreciated.
HCP
legendary
Activity: 2086
Merit: 4363
Installed Ubuntu on a VirtualBox and followed your instructions down to the letter. It worked.

Thank you so much HCP - you went above and beyond here. Legend.

Really appreciated.
Awesome, glad you got it sorted...

I wish I had know about this "-md md5" business a couple of years ago when the whole multibit shutting down thing kicked off. There were a lot of people struggling with various multibit backup files and "incorrect password" issues... I now suspect that this might also be the reason why the openssl method did not work for a lot of people back then. Undecided
HCP
legendary
Activity: 2086
Merit: 4363
The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?
I am not overly familiar with "git bash", but I don't think you can use "general" Linux commands with it... it seems to be a "git" specific terminal emulator, ie. it's really only designed for working with "git" and not with general unix/linux shell commands. Huh

You'd either need to setup something like Cygwin and use openssl with that, refer: https://www.ssl.com/how-to/install-openssl-on-windows-with-cygwin/
or
Install/Setup the Windows Subsystem for Linux (WSL) and install a linux distro like Ubuntu, refer: https://ubuntu.com/wsl


Also, I downloaded the oldest Bitcoin Wallet APK that I could find from the app github (version v3.11). I installed it on the Bluestacks Android Emulator and then created an encrypted "wallet-keys" export file... after mucking around in Ubuntu (in WSL) trying to decrypt this export with "openssl", I found a stackexchange comment that indicated that "old versions of OpenSSL" used a different hash function when generating the encrypt/decrypt key from the user entered passphrase... essentially, they moved from MD5 to SHA-256 by default:
Why do I get errors when trying to decrypt 1.0.2 data with 1.1.0?

A message digest is used to create the encrypt/decrypt key from a human-entered passphrase. In OpenSSL 1.1.0 we changed from MD5 to SHA-256. We did this as part of an overall change to move away from the now-insecure and broken MD5 algorithm. If you have old files, use the "-md md5" flag to decrypt them.
(NOTE: I suspect this is also why newer versions of the app cannot read older backup files!)


So, by adding the "-md md5" flag to the command, the decrypt (of "old" files) works:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted -md md5




For reference, here is my "test" data...

Contents of my bitcoin-wallet-keys file:
Code: (bitcoin-wallet-keys-2020-11-17)
U2FsdGVkX19z6mv24j7b4xi3wJz77mt7uYVNdyh4OwBTuQ0dESxIAW58AfW+4Ik9asXc3SV1X3lM
6R1uHe/ulIjYv5Bkylv4ZtWPYnM5Jl6TMRWX1Q+7cCFBt3BKMdVLNCV8OcGofEs23XhWLT/j/YoH
C+0PfcS21mNjF0u42PVa9BJYBx4JfHSvwx0R3GjubszONRp+XRZZoJnU0Re7BzT+OELp8VLJfobO
HQ1sfwg=
Can be downloaded here: https://keybase.pub/hcp/bitcoin-wallet-keys-2020-11-17


commandline:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-2020-11-17 -out bitcoin-wallet-keys-2020-11-17-decrypted -md md5


Contents of the generated "out" file
Code: (bitcoin-wallet-keys-2020-11-17-decrypted)
# KEEP YOUR PRIVATE KEYS SAFE! Anyone who can read this can spend your Bitcoins.
L4oyNUNUhDPx5Vd3eShN8Q3fc7MeMxcGQA4WseU8Ys6Ebs7y8FKx 2020-11-17T05:08:03Z
newbie
Activity: 21
Merit: 1
I believe that is likely to be the same encryption method, just it's private keys instead of the "protobuf" formatted wallet file.

Have you tried using a more recent version of the wallet application (ie. Bitcoin Wallet for Android) and importing the "bitcoin-wallet-keys-YYYY-MM-DD" file?

If that doesn't work, you might be able to decrypt the file using the openssl command with your bitcoin-wallet-keys-YYYY-MM-DD file:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted

Assuming that works without error, if you open the "decrypted" file in a text editor... do you see the keys listed? Huh

Thank you for the reply HCP.

I have tried installing the latest version of the schildbatch wallet as you suggested, and attempted to import the keys using the restore wallet function but unfortunately it just returns the error "Wallet could not be restored - unreadable wallet".

The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?
HCP
legendary
Activity: 2086
Merit: 4363
I believe that is likely to be the same encryption method, just it's private keys instead of the "protobuf" formatted wallet file.

Have you tried using a more recent version of the wallet application (ie. Bitcoin Wallet for Android) and importing the "bitcoin-wallet-keys-YYYY-MM-DD" file?

If that doesn't work, you might be able to decrypt the file using the openssl command with your bitcoin-wallet-keys-YYYY-MM-DD file:
Code:
openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted

Assuming that works without error, if you open the "decrypted" file in a text editor... do you see the keys listed? Huh
newbie
Activity: 21
Merit: 1
HCP
legendary
Activity: 2086
Merit: 4363
I tried using your programme, but I get an error saying "hardly not in wordlist, did you mean barely?" I clearly don't mean "barely" - is "hardly" a word you can add to your list? Thanks! Smiley Smiley Smiley
No. The full wordlist is here: https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

As you can see, hardly is not there... "hard" is... maybe try that. If it doesn't work, you'll probably need to try the "seed recovery" script included as part of "btcrecover" to try and figure out what the correct word is supposed to be: https://github.com/gurnec/btcrecover/blob/master/docs/Seedrecover_Quick_Start_Guide.md

newbie
Activity: 1
Merit: 0
I tried using your programme, but I get an error saying "hardly not in wordlist, did you mean barely?" I clearly don't mean "barely" - is "hardly" a word you can add to your list? Thanks! Smiley Smiley Smiley



I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0
https://i.imgur.com/WuGrlZW.png

All your addresses/keys will be displayed at the bottom.
https://i.imgur.com/uSffCRl.png


NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!
https://i.imgur.com/fC22trW.png
newbie
Activity: 1
Merit: 0
I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data!
...

I have decrypted the wallet backup file from the android app (same as the one mentioned in first post) using this command

Code:
openssl enc -d -aes-256-cbc -a -in bcw -out bcw_decrypted
I have found my 12 word Mnemonic, I put it in the tool with suggested settings. I have received addresses, four that I recognize, however my first ever used address is not listed. Note that it is a very old address since 2013, maybe some configuration has changed?

See in the screenshot my first address 1JunK8dbYKp1pJEeTqmdWq3aburcHuRgAT and also my current generated address that matches the second screenshot from the tool. Any advice would be appreciated. Thanks!

http://soubori.qry.me/cryptowallet_1.png
http://soubori.qry.me/cryptowallet_2.jpg
newbie
Activity: 37
Merit: 0
I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

@HCP
Unfortunately if the wallet has spending PIN or password (not backup password) decrypt_bitcoinj_seed still wants to enter it Sad
The program first prompt for backup password (or not if the file is decrypted) and then prompts "This wallet's seed is encrypted with a PIN or password, please enter it:"
If I enter the correct password it shows the seed.
Is there a way to recover the seed or private keys from encrypted android wallet??
(well btcrecover can do it but has speed 10 passwords/sec not so efficient)
I am able to dump encrypted seed and private keys with bitcoinj:
./wallet-tool raw-dump --dump-privkeys --password=XXX --wallet=backpassremoved > backpassremoved_dmp

this is example empty wallet, I get this:
...
key {
  type: DETERMINISTIC_MNEMONIC
  creation_timestamp: 1506101580000
  encrypted_data {
    initialisation_vector: "|A\274\361c\214\2121\220\203%\3247\r}\357"
    encrypted_private_key: "K\264=\256D\255\"\235\340\336\001R\310A\276\377\203 -\017?\353\251\353Y\340\310\356Y5(
\217<\221\243\253\326\370\376\026lr1D\006\203\300k\v\004q\356\313\377\243\361>\037hI\b\365\213w\326\340\320\344[\2
04\021\314\275\242\222\333I\332S"
  }
  encrypted_deterministic_seed {
    initialisation_vector: "\210\365\345\004J\357\323\376\243\344\227G\323\243\220K"
    encrypted_private_key: "\222\256N\365P8Nk\2750\n\377 \215\366\fO1dzP\221\274S\377m]R\021Qa\262\201{\004\024[uO
]\"\034\300x\201I\343\017m\fQ\214l\030\274\262\371\335\314\334*\242\034}\350\336\023\356\t\340\336q(\027\256\320a\
275\226"
  }
}
key {
  type: DETERMINISTIC_KEY
  public_key: "\003gN6\'\353\322\347\034\320\026\032\217+^\275\034\242\233\234t\022\"\277\227\356\335\030\353\377\
270\374\356"
  creation_timestamp: 1506101580000
  encrypted_data {
    initialisation_vector: "\022\223{\312@q\350\217wy\373\246\331q\316\363"
    encrypted_private_key: "y\367,\361i\223m\315\364\360\225^\362\v7G\032A\262\250i(\005je)\250\2630p\347\346`\241
t\000\272\256\210u\212?\377\304\313\201@\360"
  }
...
and so on...
is there a way to covert it for John The Ripper or hashcat readable hash format???

newbie
Activity: 1
Merit: 0
I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0
https://i.imgur.com/WuGrlZW.png

All your addresses/keys will be displayed at the bottom.
https://i.imgur.com/uSffCRl.png


NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!
https://i.imgur.com/fC22trW.png

Hi HCP, I was happy to see you create a script so I can claim my BCC, unfortunally I receive the same seed or psw is incorrect (which it is not)

Can you please help me I buy you more than a one beer.

Many thanks in advance!
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.

Thanks for advise. Its just an old account and no longer use wallet. I like use it several years ago, when "light" wallet still not many.

Yes. I don't recall there being many light wallets when i started either (though that wasn't so long ago as it was 2015 when I started). I resorted to using an exchange to store my coins which is also now considered a bad idea (possibly worse than using multibit).
hero member
Activity: 854
Merit: 502
I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.

Thanks for advise. Its just an old account and no longer use wallet. I like use it several years ago, when "light" wallet still not many.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.
hero member
Activity: 854
Merit: 502
I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0


All your addresses/keys will be displayed at the bottom.



NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!


I use multibit to take the private key but this one is also good
hero member
Activity: 1120
Merit: 540
Duelbits - Play for Free | Win for Real
Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.
You can also import this bitcoin wallet seed to Electrum, bitcoin wallet is compatible with multibit HD because it has the same bitcoin wallet seed generation scheme. See it:
Code:
https://www.youtube.com/watch?v=E-KcY6KUVnY

Are you sure it can be done with electrum?

ThomasV cancelled support in the BIP39 seed types in the most recent version of electrum.

(P.S, if you can't find the previous versions, I have copies of 2.8.3 and 2.6.3 if neccessary but there should be a mirror of the different types somewhere - maybe on their site).

EDIT: Here's the previous releases as a list - you're looking for anything before about 2.9: https://download.electrum.org/
Did you watch the video?
Quote
hero member
Activity: 1120
Merit: 540
Duelbits - Play for Free | Win for Real
Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.
You can also import this bitcoin wallet seed to Electrum, bitcoin wallet is compatible with multibit HD because it has the same bitcoin wallet seed generation scheme. See it:
Code:
https://www.youtube.com/watch?v=E-KcY6KUVnY
HCP
legendary
Activity: 2086
Merit: 4363
If the addresses do not match, then the "Derivation Path" you are using is most likely incorrect. Double check that you have used:

m/0'/0

and

m/0'/1

The ' (apostrophe) characters are important!
newbie
Activity: 1
Merit: 0
Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.
hero member
Activity: 1120
Merit: 540
Duelbits - Play for Free | Win for Real
Pages:
Jump to: