Help me to recover 33.54 BTC from a corrupt wallet.dat, I'll pay you a Reward! - page 3.

stevewig

newbie

Activity: 15

Merit: 0

think I may be able to help you.

youll need a Linux box & a blank usb stick

tomasooz

newbie

Activity: 4

Merit: 0

Did you find a solution for issue?

Thanks!

CntryBoy

sr. member

Activity: 1008

Merit: 251

I have a similar issue with a wallet.dat file, although not nearly as many BTC as OP. Tagging this post to keep an eye out for a possible solution. GL OP to recover it, that is a ton of cash just hanging out there.

KicKfrBcn

newbie

Activity: 4

Merit: 0

Jackg/ketubi..

FYI.. Almost similar issue in reddit Wink

https://www.reddit.com/r/Bitcoin/comments/1crbne/corrupted_walletdat_with_18_btc_possible_to/

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: KicKfrBcn on December 16, 2017, 04:23:58 PM

Hi ketubi,

Give this a try..!!!

Make sure you have a extra backup

first take the wallet.dat file and split into two wallet.dat files(likely one with 80/90% data and the other with remaining)...

once you are ready with two files.. try placing the first wallet.dat file you have made and start bitcoin-qt...

if it works.. you will get to the point where you have 33.54 BTC

if you still get the error then try to remove more lines present at the last... and again start bitcoin-qt with new file

Hope this works..!! Revert BACK ..!!

Thanks,
KicKforBcn

Afaik, it doesn't append linearly new data at the end.

Quote from: ?? on ??

If I help you, what reward could I have?

Help to help the community, don't consider a monetary reward of a reason to help. Next we'll get someone asking him to sign the address with the 34btc in it. Grin

@KicKfrBcn good find, it was from four years ago but mainly the same suggestions as what is on this thread, with extra info too!

KicKfrBcn

newbie

Activity: 4

Merit: 0

Hi ketubi,

Give this a try..!!!

Make sure you have a extra backup

first take the wallet.dat file and split into two wallet.dat files(likely one with 80/90% data and the other with remaining)...

once you are ready with two files.. try placing the first wallet.dat file you have made and start bitcoin-qt...

if it works.. you will get to the point where you have 33.54 BTC

if you still get the error then try to remove more lines present at the last... and again start bitcoin-qt with new file

Hope this works..!! Revert BACK ..!!

Thanks,
KicKforBcn

CryptoMamma

newbie

Activity: 13

Merit: 0

Geesh! I thought I had problems. I hope you manage to recover. I'm praying for you! Sending you good vibes.

SopaXT

full member

Activity: 157

Merit: 113

If reading the database using the script above doesn't succeed, you can also try searching your wallet file for the hex string: "0201010420'.
It's the common value of a private key data field, and a 32 byte (64 hex characters) private key will follow.

EDIT: According to this: http://www.radjaidjah.org/index.php?post/2014/09/07/Sauver-ses-bitcoins-de-la-corruption, the full hex prefix is "fd1701308201130201010420".

kahc

member

Activity: 350

Merit: 13

Your unencrypted wallet.dat sounds pretty messed up if not even one 'key' related entry was found.

Take a look at this https://github.com/bitcoin/bitcoin/blob/48b5b84ee511d5ccd0d47bb0018c1b3c9ddebeff/src/wallet/walletdb.cpp
There should be plenty of entries starting or ending with 'key'.

Guess you have to resort to: https://walletrecoveryservices.com/ afterall.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: ketubi on December 16, 2017, 02:36:09 AM

Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image

You can't dump a corrupt wallet to json as it won't have the correct format.

Quote from: SopaXT on December 16, 2017, 09:50:28 AM

I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:

import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.

A pip install of the bsddb may be required.

You might also be able to get bitcointools to turn a private key from one of the mentioned scripts and convert it to an address to scan for a balance on blockchain.info's API.

Quote from: ketubi on December 16, 2017, 02:44:37 AM

Quote from: jackg on December 15, 2017, 08:23:21 PM

The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.

How do you know this is your exact wallet.dat? Do you just think it's for bitcoin or had you put it on a specific drive to back it up which it got corrupted on. Do you have any backups of the corrupted wallet also as in if you did a full system backup at the time that you still have a copy of?

SopaXT

full member

Activity: 157

Merit: 113

I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:

import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.

NOTE:

Code:

pip install bsddb

may be required, as noted by jackg below.

racquemis

full member

Activity: 174

Merit: 100

Quote from: PaulSasquatch on December 16, 2017, 06:16:19 AM

I don't understand. Why not use Bitcoin Core for this? I had an old wallet.dat from 2013 that worked well when I put it back in place from a stick this year.

The file is corrupted... Read ops post.

PaulSasquatch

newbie

Activity: 12

Merit: 0

I don't understand. Why not use Bitcoin Core for this? I had an old wallet.dat from 2013 that worked well when I put it back in place from a stick this year.

Bitsky

hero member

Activity: 576

Merit: 514

You might want to ask these guys: https://walletrecoveryservices.com/ after you exhausted everything you can try yourself.
They seem to have a good reputation.

ketubi

newbie

Activity: 4

Merit: 0

Quote from: jackg on December 15, 2017, 08:23:21 PM

The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.

ketubi

newbie

Activity: 4

Merit: 0

Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image

https://drive.google.com/file/d/1VriRG4hyGxcqBNRL5QL7x7Wzl4QR185X/view?usp=sharing

ccie38216

newbie

Activity: 9

Merit: 0

Hopefully you have an orginal backup copy of your wallet.dat prior to trying to "recover" it.

Download pywallet and launch it, the web interface is pretty straight forward.

You can dump the wallet to JSON format which would include the private key which you could import into electrum.

Hopefully this wallet.dat was before encryption in which case you won't need a passphrase Wink

HCP

legendary

Activity: 2086

Merit: 4361

I hope you have the original copy of the wallet... and have not been attempting to recover after you used "salvagewallet". Salvagewallet can make things worse.

But yes... give pywallet a try: https://bitcointalksearch.org/topic/pywallet-22-manage-your-wallet-update-required-34028

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

ketubi

newbie

Activity: 4

Merit: 0

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6

Next, a short summary of the history of this wallet:

*) This wallet comes from a old version of bitcoin-qt (2011), my client said "0.3.24 Beta version", but that is not sure. He remember, he could mining with that client of bitcoin-qt. In fact, he did a "copy & paste" of the wallet.dat when the client was mining and updating. Then, he put that file in a USB drive, and stored for years. When he tried to recover the wallet.dat with a new client of bitcoin-qt, bit he never had success.

*) He said, "the wallet is not encrypted with a password".

*) The size of the wallet.dat file is 112kb

What i tried, with no success :

1) I downloaded the bitcoin-qt client 0.3.24beta, and i tried to open the client with the wallet.dat loadded. i had this messagge:

https://drive.google.com/file/d/1feAvAHdS8t7e2bY3pGVRPZOtMcUgkasj/view?usp=sharing

2) I downloaded the new version of bitcoin-qt client 0.12.1 (i did in July 16), and i tried to open with the same method above.

3) I tried commands from the bitcoin-qt client 0.12.1, like "salvagewallet" and "upgradewallet".

4) I tried bitcointools.

5) Then i started to open the wallet with a HEX editor and looking for a pattern like "KeyA", "key!" or any other kind.

6) Also i tried this script: https://gist.github.com/msm595/7595164. I got 0 privkey.

7)I modified the script above, changing the line 17, with other kinds of REGEX patterns. I tried:

What i need:

*)Any Kind of help, I don't rule out that I could have tried badly some previously mentioned method.

*)Don't Waste your time, requesting the wallet.dat file. I'll not pass it on.

*)You can pass me, open source scripts writed for you, with the following steps to make it work.

*)I am a Python Developer, so i'll prefer scripts writed in that lenguage.

If your recover method, helps me to recover the wallet.dat i'll pay you a reward (We can negociate it)

Topic: Help me to recover 33.54 BTC from a corrupt wallet.dat, I'll pay you a Reward! - page 3. (Read 3329 times)