Author

Topic: Help me to recover 33.54 BTC from a corrupt wallet.dat, I'll pay you a Reward! (Read 3329 times)

newbie
Activity: 28
Merit: 9
I have a lot of encrypted wallet files, if you want to exchange, you can contact me.
newbie
Activity: 11
Merit: 0

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6

Next, a short summary of the history of this wallet:

*) This wallet comes from a old version of bitcoin-qt (2011), my client said "0.3.24 Beta version", but that is not sure. He remember, he could mining with that client of bitcoin-qt. In fact, he did a "copy & paste" of the wallet.dat when the client was mining and updating. Then, he put that file in a USB drive, and stored for years. When he tried to recover the wallet.dat with a new client of bitcoin-qt, bit he never had success.

*) He said, "the wallet is not encrypted with a password".

*) The size of the wallet.dat file is 112kb

What i tried, with no success :

1) I downloaded the bitcoin-qt client 0.3.24beta, and i tried to open the client with the wallet.dat loadded. i had this messagge:

https://drive.google.com/file/d/1feAvAHdS8t7e2bY3pGVRPZOtMcUgkasj/view?usp=sharing

2) I downloaded the new version of bitcoin-qt client 0.12.1 (i did in July 16), and i tried to open with the same method above.

3) I tried commands from the bitcoin-qt client 0.12.1, like "salvagewallet" and "upgradewallet".

4) I tried bitcointools.

5) Then i started to open the wallet with a HEX editor and looking for a pattern like "KeyA", "key!" or any other kind.

6) Also i tried this script: https://gist.github.com/msm595/7595164. I got 0 privkey.

7)I modified the script above, changing the line 17, with other kinds of REGEX patterns. I tried:

What i need:

*)Any Kind of help, I don't rule out that I could have tried badly some previously mentioned method.

*)Don't Waste your time, requesting the wallet.dat file. I'll not pass it on.

*)You can pass me, open source scripts writed for you, with the following steps to make it work.

*)I am a Python Developer, so i'll prefer scripts writed in that lenguage.

If your recover method, helps me to recover the wallet.dat i'll pay you a reward (We can negociate it)


Still trying to recover the wallet?
jr. member
Activity: 61
Merit: 4
or
sorry, that mean actually all is scam?

topicstarter is too greedy

he will be deceived by the same people


people who want to get everything themselves and do not trust anyone will become victims of scammers, as usual

why will he be greedy, when how actually knew that there are some people here that will help him recover the Bitcoin.
Beside he made it clear that there will be reward for the person ( i guess he's not coming to a good terms and clear negotiations with them)

I offered to help him, he did not respond, but instead opened the topic and began to wait for prompts from users.
he writes that he went to study as a programmer and wants to be given ready-made python code, which he will run himself. I offered to sell him an algorithm on how to get coins - he did not answer.
newbie
Activity: 12
Merit: 0
or
sorry, that mean actually all is scam?

topicstarter is too greedy

he will be deceived by the same people


people who want to get everything themselves and do not trust anyone will become victims of scammers, as usual

why will he be greedy, when how actually knew that there are some people here that will help him recover the Bitcoin.
Beside he made it clear that there will be reward for the person ( i guess he's not coming to a good terms and clear negotiations with them)
jr. member
Activity: 61
Merit: 4
or
sorry, that mean actually all is scam?

topicstarter is too greedy

he will be deceived by the same people


people who want to get everything themselves and do not trust anyone will become victims of scammers, as usual
member
Activity: 406
Merit: 47
or
sorry, that mean actually all is scam?
member
Activity: 406
Merit: 47
from OP at December 16, 2017 until to now (4 year)
not yet success recover this bitcoin?
newbie
Activity: 14
Merit: 0
I'm ready to bet with anyone that I'll come here in another 3 years and the coins will still not be touched by the author of some muddy
jr. member
Activity: 61
Merit: 4
Are you able to extract the hash from the wallet.dat file?
This can be done online or in Hashcat.
Need my help, send me a message.

Never send Wallet.dat to anyone, ever. No reason to do so.
wallet 0.4 version have no encryption
newbie
Activity: 11
Merit: 2
If your wallet is password protected and damaged I am not sure how you will solve this problem!

It says in the OP the wallet isn't encrypted according to his client, and last transaction is from August 2011, Bitcoin-Qt 0.4.0 with encryption wasn't released until a month later.

Or the client got it wrong and encrypted it on his own, or it was some sort of watch-only wallet.

Even if they upgraded, 0.4 clients (encrypted or not) often left private keys able to be extracted in plaintext, it was a known bug.  In my case 50% of the private keys were left in the encrypted wallet in plaintext and there are other places to look for traces as well.  We wrote our own stuff but there is code floating around.
legendary
Activity: 3472
Merit: 1722
If your wallet is password protected and damaged I am not sure how you will solve this problem!

It says in the OP the wallet isn't encrypted according to his client, and last transaction is from August 2011, Bitcoin-Qt 0.4.0 with encryption wasn't released until a month later.

Or the client got it wrong and encrypted it on his own, or it was some sort of watch-only wallet.
jr. member
Activity: 61
Merit: 4
On the one hand, it is logical that you do not need to send a file to just anyone without a password,

on the other hand, man himself cannot extract the coins.

I wrote earlier that I can get coins, and so I told a Ketubi for a certain amount to tell how to do it.

he didn't answer me at all. then he probably wants to get a free method, and does not want to reward anyone.

so I think we're wasting our time here.

if the topicstarter wants - we can always agree on the rewards. this is better than the situation when the BTC rate rises so much that a person will be afraid for coins much more than now.
newbie
Activity: 3
Merit: 0
Don't worry, at least
i have no reason to steal someone's money just because i don't want to share the program with anyone, and i will tell him to delete it after using it


in the end, don't make yourself (Detective Conan -,-) to judge others without evidence
because your words this affected me.

There's no good reason not to make the code public, we need to verify that the recovery program doesn't do anything unsafe and leave private keys and sensitive data lying around in temporary files (at best) or sends the whole wallet file and/or private keys across the network (at worst).

And also by open-sourcing your recovery tool you enable people to improve it for edge-cases (seed phrases, multisig, extended words, BIP38 etc etc). If you look at pywallet or btcrecover for example you see there are a dozen or so people improving them.
the tool is programmed to fetch all the private keys with their addresses from uncrypted wallet.dat
that's all there is to it and it's good to get the privkey and use it in another wallet by easy way
but the bad thing is for someone to use it to steal someone's money after obtaining their wallet file
and this doesn't make me want to share with anyone as easy as that
but i might ask for proof to make sure the person in need of help is correct.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Don't worry, at least
i have no reason to steal someone's money just because i don't want to share the program with anyone, and i will tell him to delete it after using it


in the end, don't make yourself (Detective Conan -,-) to judge others without evidence
because your words this affected me.

There's no good reason not to make the code public, we need to verify that the recovery program doesn't do anything unsafe and leave private keys and sensitive data lying around in temporary files (at best) or sends the whole wallet file and/or private keys across the network (at worst).

And also by open-sourcing your recovery tool you enable people to improve it for edge-cases (seed phrases, multisig, extended words, BIP38 etc etc). If you look at pywallet or btcrecover for example you see there are a dozen or so people improving them.
newbie
Activity: 3
Merit: 0
Exactly these are the scammers we warn everyone of:

are you sure the file is not encrypted?, if yes
then call me at this mail ([email protected])
i have a program that extracting privkey from uncrypted wallet.dat
i wouldn't ask you for the file of course Roll Eyes
but i will show you instructions to make sure if the file is encrypted or not
then i will give you the program with instructions for use.

Never trust a newbie. Never download a file sent by a newbie.
Never give away your wallet file or private keys.

If you see people "offering help" like in the quote, just ignore them.

Don't worry, at least
i have no reason to steal someone's money just because i don't want to share the program with anyone, and i will tell him to delete it after using it


in the end, don't make yourself (Detective Conan -,-) to judge others without evidence
because your words this affected me.
legendary
Activity: 1624
Merit: 2481
Exactly these are the scammers we warn everyone of:

are you sure the file is not encrypted?, if yes
then call me at this mail ([email protected])
i have a program that extracting privkey from uncrypted wallet.dat
i wouldn't ask you for the file of course Roll Eyes
but i will show you instructions to make sure if the file is encrypted or not
then i will give you the program with instructions for use.

Never trust a newbie. Never download a file sent by a newbie.
Never give away your wallet file or private keys.

If you see people "offering help" like in the quote, just ignore them.
newbie
Activity: 3
Merit: 0

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6

Next, a short summary of the history of this wallet:

*) This wallet comes from a old version of bitcoin-qt (2011), my client said "0.3.24 Beta version", but that is not sure. He remember, he could mining with that client of bitcoin-qt. In fact, he did a "copy & paste" of the wallet.dat when the client was mining and updating. Then, he put that file in a USB drive, and stored for years. When he tried to recover the wallet.dat with a new client of bitcoin-qt, bit he never had success.

*) He said, "the wallet is not encrypted with a password".

*) The size of the wallet.dat file is 112kb

What i tried, with no success :

1) I downloaded the bitcoin-qt client 0.3.24beta, and i tried to open the client with the wallet.dat loadded. i had this messagge:

https://drive.google.com/file/d/1feAvAHdS8t7e2bY3pGVRPZOtMcUgkasj/view?usp=sharing

2) I downloaded the new version of bitcoin-qt client 0.12.1 (i did in July 16), and i tried to open with the same method above.

3) I tried commands from the bitcoin-qt client 0.12.1, like "salvagewallet" and "upgradewallet".

4) I tried bitcointools.

5) Then i started to open the wallet with a HEX editor and looking for a pattern like "KeyA", "key!" or any other kind.

6) Also i tried this script: https://gist.github.com/msm595/7595164. I got 0 privkey.

7)I modified the script above, changing the line 17, with other kinds of REGEX patterns. I tried:

What i need:

*)Any Kind of help, I don't rule out that I could have tried badly some previously mentioned method.

*)Don't Waste your time, requesting the wallet.dat file. I'll not pass it on.

*)You can pass me, open source scripts writed for you, with the following steps to make it work.

*)I am a Python Developer, so i'll prefer scripts writed in that lenguage.

If your recover method, helps me to recover the wallet.dat i'll pay you a reward (We can negociate it)
are you sure the file is not encrypted?, if yes
then call me at this mail ([email protected])
i have a program that extracting privkey from uncrypted wallet.dat
i wouldn't ask you for the file of course Roll Eyes
but i will show you instructions to make sure if the file is encrypted or not
then i will give you the program with instructions for use.
legendary
Activity: 1624
Merit: 2481
You should contact some pros, maybe https://keychainx.io opened a wallet for me

Some of his statement let me doubt whether he is a "pro".

If contacting someone to help with recovery, i'd only recommend dave's recovery service.
He is already quite some time in the business and is the most trusted recovery service here. I personally wouldn't go with others.
jr. member
Activity: 61
Merit: 4
I presented the ketubi with a ready-made solution, wrote in a personal messages, he did not answer me anything.

It's a strange man.

really in 3 years to get coins you didn’t make an effort to get them?

I, for example, learned a bunch of things and learned how to extract coins from damaged wallets.

He was not on the forum for several years, and after I wrote that I could help him, he opened the topic.

He not discuss about reward and did not discuss about the terms of assistance.

I wrote to him that I have the tools and the ability to extract coins from the wallet, but he does not answer

I can help him to extract coins (he will get the result in 1 day)


p.s.
want to get coins - write to PM

moderators was delete some my post. this is funny

member
Activity: 95
Merit: 10
H guys! I'm getting back with this post. I was kinda frustrated because I tried so many things.

Now, I became a software engineer with Sr level python experience. So, if you have any Python script that maybe help I'll try it. Or, if you have any procedure I'll listen to you and try it. But, I'll not give you the .dat file. Also, I'll try only the source code provided, for security reasons.




Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image



You can't dump a corrupt wallet to json as it won't have the correct format.
I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:
import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.
A pip install of the bsddb may be required.

You might also be able to get bitcointools to turn a private key from one of the mentioned scripts and convert it to an address to scan for a balance on blockchain.info's API.
The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.
How do you know this is your exact wallet.dat? Do you just think it's for bitcoin or had you put it on a specific drive to back it up which it got corrupted on. Do you have any backups of the corrupted wallet also as in if you did a full system backup at the time that you still have a copy of?

You should contact some pros, maybe https://keychainx.io opened a wallet for me
newbie
Activity: 4
Merit: 0
H guys! I'm getting back with this post. I was kinda frustrated because I tried so many things.

Now, I became a software engineer with Sr level python experience. So, if you have any Python script that maybe help I'll try it. Or, if you have any procedure I'll listen to you and try it. But, I'll not give you the .dat file. Also, I'll try only the source code provided, for security reasons.




Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image

https://drive.google.com/file/d/1VriRG4hyGxcqBNRL5QL7x7Wzl4QR185X/view?usp=sharing

You can't dump a corrupt wallet to json as it won't have the correct format.
I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:
import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.
A pip install of the bsddb may be required.

You might also be able to get bitcointools to turn a private key from one of the mentioned scripts and convert it to an address to scan for a balance on blockchain.info's API.
The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.
How do you know this is your exact wallet.dat? Do you just think it's for bitcoin or had you put it on a specific drive to back it up which it got corrupted on. Do you have any backups of the corrupted wallet also as in if you did a full system backup at the time that you still have a copy of?
staff
Activity: 3458
Merit: 6793
Just writing some code
Seems like this has gotten a bit off topic and OP hasn't responded in years. /locked

Edit: Reopened as requested by OP on 2020-11-25
newbie
Activity: 24
Merit: 0

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6


As of today this address still has funds, so I presume the wallet hasn't been recovered?

Here's a simple program which looks for the byte sequence 04 20, and assumes anything following that is a raw private key (note, I don't guarantee that all privkeys will necessarily start with this sequence). Note that it outputs hex rather than WIF format, and it will probably output some false positive values which are not actually wallet keys. You'll need to convert the raw keys to WIF and import to a new wallet determine which keys work.

Code:
#include 

int main() {
  int c, i;

/* assume that the 32 bytes following the sequence 0420 are a private key */

  while ((c = getchar()) != EOF) {
    if (c == 0x04) {
      if ((c = getchar()) == 0x20) {
        for (i = 0; i < 32; i++)
          printf("%02x", getchar());
        printf("\n");
        fflush(stdout);
      } else {
        ungetc(c, stdin);  /* push back in case it's 0x04 */
      }
    }
  }
}

On a *nix box:

cc -O3 findkey.c -o findkey
cat wallet.dat | ./findkey > recoveredkeys.txt


Then using something like https://github.com/matja/bitcoin-tool ...

bitcoin-tool --input-type private-key --input-format hex --output-type private-key-wif --output-format base58check --batch --input-file recoveredkeys.txt > wifimport.txt

If you are still stuck, I do know of some other methods, which will find any valid keys without needing to look for byte sequences, but as the process is more involved I will require a copy of the wallet. I'm currently doing a deep key recovery of digitalcoin and other coin keys from a 40GB drive image backed up in 2014.

Let me know if the above program works for you (or anyone else reading this).

Thanks for your tool along with instruction..

I have try as per your instruction & recover hex key & also recovery compressed key. Note that i have encrypted wallet.dat & lost password as follow BTC address: 1F654t1HxrZtg7uhcXyZeFvRsyB8HCnBXJ also positive Balance: 1.08 BTC. Unfortunately it was not found my at actual key; i have check with the electrum that address was not match to my encrypted wallet address. I don't know i am right way or anything wrong...

Please advice any solution to recover wallet...
member
Activity: 180
Merit: 38
I'll take a look, it's not looking good for me, such as why I posted in a old thread instead of a new one.. thanks for the real replies I appreciate your response and time.. I guess I am wondering if there is any way to get the master key from the source code using my information as it's a version of Bitcoin from beginning of 2012 🤔
?  Oh and no thanks to the one asking for my wallet haha 🤨🙄

Start by making a one on one backup, mount the drive in read-only to preserve the data.

Then you can mount the backup file and examine it on the raw binary level.

If you still have the wallet it you can dump it with dbutils.

Code:
$ db_dump -d a wallet.dat > wallet_dump.txt

newbie
Activity: 3
Merit: 0
I'll take a look, it's not looking good for me, such as why I posted in a old thread instead of a new one.. thanks for the real replies I appreciate your response and time.. I guess I am wondering if there is any way to get the master key from the source code using my information as it's a version of Bitcoin from beginning of 2012 🤔
?  Oh and no thanks to the one asking for my wallet haha 🤨🙄
legendary
Activity: 952
Merit: 1385

 I saved a bunch of files from the bitcoin core directory knowing the file I needed to save was in %APPDATA%\bitcoin ...I copy/pasted the files all together on a notepad..

Let me understand - you copied all the files from the directory into one file in notepad, right? So now you have one file and you cannot extract from it the 'part' of the original wallet?
Could you open the file in notepad and look for sequence: (in text it looks like "           b1 ")
00 00 00 00 01 00 00 00 00 00 00 00 62 31 05 00
it should be the beginning of your wallet.
legendary
Activity: 1624
Merit: 2481
~snip~

Your post and situation is very confusing.

The best probably would be to create a new thread in the technical support section and including all relevant information (e.g. what happend, what you tried, what results you got and obviously what kind of files you have now).

Continuing in such an old thread will result in absolutely non-attentive people finding the thread having a new reply, and replying to the 2,5 year old OP.
For example this inattentive user which mostly makes "meh" quality replies which in most cases don't help at all:

~quoting 2 year old post~
Did you try to dump the wallet or read the db manually with python? There are several scripts for this
member
Activity: 180
Merit: 38

Hi

 provide me with wallet.dat file


Hahahahahahahahahahahahah  Grin Grin Grin Grin
Nice one  Wink
member
Activity: 378
Merit: 53
Telegram @keychainX

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6

Next, a short summary of the history of this wallet:

*) This wallet comes from a old version of bitcoin-qt (2011), my client said "0.3.24 Beta version", but that is not sure. He remember, he could mining with that client of bitcoin-qt. In fact, he did a "copy & paste" of the wallet.dat when the client was mining and updating. Then, he put that file in a USB drive, and stored for years. When he tried to recover the wallet.dat with a new client of bitcoin-qt, bit he never had success.

*) He said, "the wallet is not encrypted with a password".

*) The size of the wallet.dat file is 112kb

What i tried, with no success :

1) I downloaded the bitcoin-qt client 0.3.24beta, and i tried to open the client with the wallet.dat loadded. i had this messagge:



2) I downloaded the new version of bitcoin-qt client 0.12.1 (i did in July 16), and i tried to open with the same method above.

3) I tried commands from the bitcoin-qt client 0.12.1, like "salvagewallet" and "upgradewallet".

4) I tried bitcointools.

5) Then i started to open the wallet with a HEX editor and looking for a pattern like "KeyA", "key!" or any other kind.

6) Also i tried this script: https://gist.github.com/msm595/7595164. I got 0 privkey.

7)I modified the script above, changing the line 17, with other kinds of REGEX patterns. I tried:

What i need:

*)Any Kind of help, I don't rule out that I could have tried badly some previously mentioned method.

*)Don't Waste your time, requesting the wallet.dat file. I'll not pass it on.

*)You can pass me, open source scripts writed for you, with the following steps to make it work.

*)I am a Python Developer, so i'll prefer scripts writed in that lenguage.

If your recover method, helps me to recover the wallet.dat i'll pay you a reward (We can negociate it)

Did you try to dump the wallet or read the db manually with python? There are several scripts for this
legendary
Activity: 2730
Merit: 7065
Do not contact or send any personal/private/wallet information to Btcspot. Take a look at his trust ratings to understand who you are dealing with:
https://bitcointalk.org/index.php?action=trust;u=904227

He shouldn't be trusted!
jr. member
Activity: 189
Merit: 1
 Hi, i can help with this, send me a message, my email [email protected].
HCP
legendary
Activity: 2086
Merit: 4361
I copy/pasted the files all together on a notepad..
What exactly do you mean by this? Did you open a bunch of different files in the Bitcoin Core datadir in a text editor... and then copy/paste all that data together into one file? Huh

If so, then you're probably S.O.L... the wallet.dat is a "binary" data file... it's not meant to be opened/manipulated in a text editor.
newbie
Activity: 3
Merit: 0
I have that same type of file (a little different/but same just older) and have been reading about going through the source code to retrieve the "redeem script" or the "derivation method" but first I wanted to ask .. what is that src/wallet/walletdb.cpp specifically? as I don't see any strings but I do see key all over..
It sounds like you have become very confused... I'm not sure what you hope to find by looking in the Bitcoin Core source... A wallet.dat is simply a "BerkeleyDB" database format file. You are NOT going to find any "redeem script" or "derivation method" for a wallet file that is as old as you claim by looking at C++ source code for Bitcoin Core. Undecided


Quote
my python said "cannot import name 'generator_secp256k1' from 'pycoin.ecdsa" when trying to install bitwalletrecover.
This means that you have not installed the appropriate Python library... specifically, this one: https://github.com/richardkiss/pycoin


In any case, I would suggest that you take a few steps backwards as you seem to be heading down the wrong path. Have you attempted to dump the contents of your wallet.dat using something like PyWallet (https://bitcointalk.org/index.php?topic=34028.0)? Huh

One last tip... make a couple of copies of your wallet.dat and work on the copies, don't try and run scripts etc on the original version of your wallet.dat file.

very confused indeed, either way.. what does the berkleydb wallet look like as I have that file..

I hope.. long story short
even though I saved also the c++ code files,
I saved the berkleydb file as well which should be the wallet.dat, thankyou for your reply and yes... unfortunately I am mentally disabled to the max! so maybe i didnt save the wallet.dat but I believe I did.. I also did something (stupid) thinking i was being clever (which I was not) incase a hacker got ahold of my files and would open it and see nothing useful (I had no clue what a hack even consisted of) so I saved a bunch of files from the bitcoin core directory knowing the file I needed to save was in %APPDATA%\bitcoin ...I copy/pasted the files all together on a notepad.. which being I knew the only file I needed was the wallet.dat from %APPDATA%\bitcoin I feel like I must have it, clearly how i saved it, it would come up corrupt.. not knowing that then, anyway unless I stupidly forgot to include the only file i was trying to save(which I just dont think happened but guessing its possible) so I'm trying to say that the redeem script or dirivitation method or masterprivatekey should be there, some place and i possibly just need to follow script .. do math or try things idk, something's gotta give!! maybe? possibly? hopefully? or i could just be s.o.l i dont know
HCP
legendary
Activity: 2086
Merit: 4361
I have that same type of file (a little different/but same just older) and have been reading about going through the source code to retrieve the "redeem script" or the "derivation method" but first I wanted to ask .. what is that src/wallet/walletdb.cpp specifically? as I don't see any strings but I do see key all over..
It sounds like you have become very confused... I'm not sure what you hope to find by looking in the Bitcoin Core source... A wallet.dat is simply a "BerkeleyDB" database format file. You are NOT going to find any "redeem script" or "derivation method" for a wallet file that is as old as you claim by looking at C++ source code for Bitcoin Core. Undecided


Quote
my python said "cannot import name 'generator_secp256k1' from 'pycoin.ecdsa" when trying to install bitwalletrecover.
This means that you have not installed the appropriate Python library... specifically, this one: https://github.com/richardkiss/pycoin


In any case, I would suggest that you take a few steps backwards as you seem to be heading down the wrong path. Have you attempted to dump the contents of your wallet.dat using something like PyWallet (https://bitcointalk.org/index.php?topic=34028.0)? Huh

One last tip... make a couple of copies of your wallet.dat and work on the copies, don't try and run scripts etc on the original version of your wallet.dat file.
newbie
Activity: 3
Merit: 0
I might need to start a new thread in that case if I do.. sorry my friends! I saw this post and am in a similar situation and I am trying every option exhaustingly as I have a similar (more) balance.. with a corrupt wallet from 2012... I too offer a reward for successful results, I am of course trying to learn everything on my own and am not trying to send my wallet (obviously) which makes things as tough as can be of course, anyway i wanted to quote the post concerning the link that took me to (https://github.com/bitcoin/bitcoin/blob/48b5b84ee511d5ccd0d47bb0018c1b3c9ddebeff/src/wallet/walletdb.cpp)
which is the src/wallet/walletdb.cpp source code.. I have that same type of file (a little different/but same just older) and have been reading about going through the source code to retrieve the "redeem script" or the "derivation method" but first I wanted to ask .. what is that src/wallet/walletdb.cpp specifically? as I don't see any strings but I do see key all over.. and I also read the db can leave bits of unencrypted private keys in the db slack space, I just don't follow direction too well but I will try to follow the mentioned directions to get my wallet back, also wanted to ask (off subject mind racing) my python said "cannot import name 'generator_secp256k1' from 'pycoin.ecdsa" when trying to install bitwalletrecover. anyway hoping to get help with this as I have not asked for help on a forum before but been trying for years to figure it out, guess i finally reached my breaking point for my need to get help with this!!! thankyou for reading and I understand walletrecoveryservices is not trying to help me as I have already tried.. did I not save the right file? did I corrupt it and lose the info I need when I saved it possibly by saving it wrong?
  hoping I am not S.O.L!! thankyou for reading I appreciate all and any help, and as I said a successful return of my only hope in the world to not restart my broke ass from scratch will be compensated. CHEERS!
Your unencrypted wallet.dat sounds pretty messed up if not even one 'key' related entry was found.

Take a look at this https://github.com/bitcoin/bitcoin/blob/48b5b84ee511d5ccd0d47bb0018c1b3c9ddebeff/src/wallet/walletdb.cpp
There should be plenty of entries starting or ending with 'key'.

Guess you have to resort to: https://walletrecoveryservices.com/  afterall.
legendary
Activity: 2268
Merit: 1092

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6


As of today this address still has funds, so I presume the wallet hasn't been recovered?

Here's a simple program which looks for the byte sequence 04 20, and assumes anything following that is a raw private key (note, I don't guarantee that all privkeys will necessarily start with this sequence). Note that it outputs hex rather than WIF format, and it will probably output some false positive values which are not actually wallet keys. You'll need to convert the raw keys to WIF and import to a new wallet determine which keys work.

Code:
#include 

int main() {
  int c, i;

/* assume that the 32 bytes following the sequence 0420 are a private key */

  while ((c = getchar()) != EOF) {
    if (c == 0x04) {
      if ((c = getchar()) == 0x20) {
        for (i = 0; i < 32; i++)
          printf("%02x", getchar());
        printf("\n");
        fflush(stdout);
      } else {
        ungetc(c, stdin);  /* push back in case it's 0x04 */
      }
    }
  }
}

On a *nix box:

cc -O3 findkey.c -o findkey
cat wallet.dat | ./findkey > recoveredkeys.txt


Then using something like https://github.com/matja/bitcoin-tool ...

bitcoin-tool --input-type private-key --input-format hex --output-type private-key-wif --output-format base58check --batch --input-file recoveredkeys.txt > wifimport.txt

If you are still stuck, I do know of some other methods, which will find any valid keys without needing to look for byte sequences, but as the process is more involved I will require a copy of the wallet. I'm currently doing a deep key recovery of digitalcoin and other coin keys from a 40GB drive image backed up in 2014.

Let me know if the above program works for you (or anyone else reading this).
copper member
Activity: 2268
Merit: 539
LuckyDiamond.io - FLAT 50% Deposit Bonus!
well as you says client saved into USB and saved it somewhere i suggest you to try from different point have you checked your USB drive health maybe there is some MBR or header corrupted that why system is unable to read wallet.dat .

you can try to recover USB drive hopefully its not over written . but now days softwares available which even can recover data from 35 passes
newbie
Activity: 1
Merit: 0
In case this one hasn't been solved yet.

I wrote a Python (2.7) script recently after getting a corrupt wallet for an altcoin. It should work for most coins based on Bitcoin, including Bitcoin itself. It has a GUI to make it a bit easier to use. It may find some "junk" keys, but it should definitely find the real keys too if they are present. It directly searches the binary data for keys and then generates the address for each key, so it could be slow on huge wallet files.

You can choose to dump all possible keys or you can specify which addresses to get the keys for in a search box. For Bitcoin you do not need to edit the config file, it's set to Bitcoin by default.

GitHub can be found here, download ZIP of repository.
member
Activity: 176
Merit: 43
I hope you are able to recover your bitcoins, that is a big amount.  Smiley
newbie
Activity: 15
Merit: 0
think I may be able to help you.

youll need a Linux box & a blank usb stick
newbie
Activity: 4
Merit: 0
Did you find a solution for issue?

Thanks!
sr. member
Activity: 1008
Merit: 251
I have a similar issue with a wallet.dat file, although not nearly as many BTC as OP.  Tagging this post to keep an eye out for a possible solution.  GL OP to recover it, that is a ton of cash just hanging out there.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Hi ketubi,


Give this a try..!!!

Make sure you have a extra backup  Smiley

first take the wallet.dat file and split into two wallet.dat files(likely one with 80/90% data and the other with remaining)...

once you are ready with two files.. try placing the first wallet.dat file you have made and start bitcoin-qt...

if it works.. you will get to the point where you have 33.54 BTC  Smiley
if you still get the error then try to remove more lines present at the last... and again start bitcoin-qt with new file

Hope this works..!! Revert BACK ..!!

Thanks,
KicKforBcn







Afaik, it doesn't append linearly new data at the end.
If I help you, what reward could I have?

Help to help the community, don't consider a monetary reward of a reason to help. Next we'll get someone asking him to sign the address with the 34btc in it.  Grin



@KicKfrBcn good find, it was from four years ago but mainly the same suggestions as what is on this thread, with extra info too!
newbie
Activity: 4
Merit: 0
Hi ketubi,


Give this a try..!!!

Make sure you have a extra backup  Smiley

first take the wallet.dat file and split into two wallet.dat files(likely one with 80/90% data and the other with remaining)...

once you are ready with two files.. try placing the first wallet.dat file you have made and start bitcoin-qt...

if it works.. you will get to the point where you have 33.54 BTC  Smiley
if you still get the error then try to remove more lines present at the last... and again start bitcoin-qt with new file

Hope this works..!! Revert BACK ..!!

Thanks,
KicKforBcn





newbie
Activity: 13
Merit: 0
Geesh! I thought I had problems. I hope you manage to recover. I'm praying for you! Sending you good vibes.
full member
Activity: 157
Merit: 113
If reading the database using the script above doesn't succeed, you can also try searching your wallet file for the hex string: "0201010420'.
It's the common value of a private key data field, and a 32 byte (64 hex characters) private key will follow.

EDIT: According to this: http://www.radjaidjah.org/index.php?post/2014/09/07/Sauver-ses-bitcoins-de-la-corruption, the full hex prefix is "fd1701308201130201010420".
member
Activity: 350
Merit: 13
Your unencrypted wallet.dat sounds pretty messed up if not even one 'key' related entry was found.

Take a look at this https://github.com/bitcoin/bitcoin/blob/48b5b84ee511d5ccd0d47bb0018c1b3c9ddebeff/src/wallet/walletdb.cpp
There should be plenty of entries starting or ending with 'key'.

Guess you have to resort to: https://walletrecoveryservices.com/  afterall.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image



You can't dump a corrupt wallet to json as it won't have the correct format.
I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:
import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.
A pip install of the bsddb may be required.

You might also be able to get bitcointools to turn a private key from one of the mentioned scripts and convert it to an address to scan for a balance on blockchain.info's API.
The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.
How do you know this is your exact wallet.dat? Do you just think it's for bitcoin or had you put it on a specific drive to back it up which it got corrupted on. Do you have any backups of the corrupted wallet also as in if you did a full system backup at the time that you still have a copy of?
full member
Activity: 157
Merit: 113
I quickly wrote a small Python script for parsing a wallet and dumping the private keys from it (run with Python 2):

Code:
import sys
import struct
from bsddb.db import *
from hashlib import sha256

# Dumps the private keys from a wallet.dat file.
# Inspired by pywallet.
# Credits: https://bitcoin.stackexchange.com/questions/13681/opening-wallet-dat-in-python-using-bsddb3

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

if not len(sys.argv) == 2:
    print("Usage: %s " % sys.argv[2])
    sys.exit(1)

def read_size(buffer, offset):
    size = ord(buffer[offset])
    offset += 1

    if size == 0xfd:
        size = struct.unpack_from("        offset += 2
    if size == 0xfe:
        size = struct.unpack_from("        offset += 4
    if size == 0xff:
        size = struct.unpack_from("        offset += 8

    return offset, size

def read_string(buffer, offset):
    offset, string_len = read_size(buffer, offset)
    return offset + string_len, buffer[offset: offset + string_len]

def b58_encode(d):
    out = ""
    p = 0
    x = 0

    while ord(d[0]) == 0:
        out += "1"
        d = d[1:]

    for i, v in enumerate(d[::-1]):
        x += ord(v)*(256**i)

    while x > 58**(p+1):
        p += 1

    while p >= 0:
        a, x = divmod(x, 58**p)
        out += B58[a]
        p -= 1

    return out

def b58check_encode(d):
    checksum = sha256(sha256(d).digest()).digest()[:4]
    return b58_encode(d + checksum)


db = DB()
db.open(sys.argv[1], "main", DB_BTREE, DB_RDONLY)

items = db.items()

for item in items:
    k, v = item
    koff, voff = 0, 0
    koff, item_type = read_string(k, koff)

    if item_type == "key":
        koff, pubkey = read_string(k, koff)
        voff, privkey = read_string(v, voff)

        if len(privkey) == 279:
            secret = privkey[9:9+32]
        else:
            secret = privkey[8:8+32]

        if pubkey[0] != "\x04":
            secret += "\x01"

        print(b58check_encode("\x80" + secret))
db.close()

It's very simple, and outputs a bunch of WIF private keys (you can paste them into Electrum's Sweep dialog for example, but if there's many of them, it's going to take a while to check their balances, so be patient.
NOTE: the method of working with the database used here is different from pywallet's. It may work better on corrupted wallets.

NOTE:
Code:
pip install bsddb
may be required, as noted by jackg below.
full member
Activity: 174
Merit: 100
I don't understand. Why not use Bitcoin Core for this? I had an old wallet.dat from 2013 that worked well when I put it back in place from a stick this year.

The file is corrupted... Read ops post.
newbie
Activity: 12
Merit: 0
I don't understand. Why not use Bitcoin Core for this? I had an old wallet.dat from 2013 that worked well when I put it back in place from a stick this year.
hero member
Activity: 576
Merit: 514
You might want to ask these guys: https://walletrecoveryservices.com/ after you exhausted everything you can try yourself.
They seem to have a good reputation.
newbie
Activity: 4
Merit: 0
The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?

Thanks for the response, my client doesn't have the original drive where the wallet was not corrupted.
newbie
Activity: 4
Merit: 0
Thanks for the response, i tried to dump my wallet and i get "error un dump page". See the image

https://drive.google.com/file/d/1VriRG4hyGxcqBNRL5QL7x7Wzl4QR185X/view?usp=sharing
newbie
Activity: 9
Merit: 0
Hopefully you have an orginal backup copy of your wallet.dat prior to trying to "recover" it.

Download pywallet and launch it, the web interface is pretty straight forward.

You can dump the wallet to JSON format which would include the private key which you could import into electrum.

Hopefully this wallet.dat was before encryption in which case you won't need a passphrase Wink
HCP
legendary
Activity: 2086
Merit: 4361
I hope you have the original copy of the wallet... and have not been attempting to recover after you used "salvagewallet". Salvagewallet can make things worse.

But yes... give pywallet a try: https://bitcointalksearch.org/topic/pywallet-22-manage-your-wallet-update-required-34028
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
The user jackjack here wrote pywallet (you can search for it on githum and it should appear under the name jackjack-jj/pywallet).

What drive was the file on before it became corrupted? Was it in amongst other files or on its own on the drive - can you get that drive professionally recovered, have you?
newbie
Activity: 4
Merit: 0

Hi folks! I have a Old corrupt wallet.dat from a client. I tried some things to recover those 33.54 BTC, since July 16. This is the wallet:

https://blockchain.info/address/1KYYVUwWSMrNkje41jzvubSRsjABu3EUt6

Next, a short summary of the history of this wallet:

*) This wallet comes from a old version of bitcoin-qt (2011), my client said "0.3.24 Beta version", but that is not sure. He remember, he could mining with that client of bitcoin-qt. In fact, he did a "copy & paste" of the wallet.dat when the client was mining and updating. Then, he put that file in a USB drive, and stored for years. When he tried to recover the wallet.dat with a new client of bitcoin-qt, bit he never had success.

*) He said, "the wallet is not encrypted with a password".

*) The size of the wallet.dat file is 112kb

What i tried, with no success :

1) I downloaded the bitcoin-qt client 0.3.24beta, and i tried to open the client with the wallet.dat loadded. i had this messagge:

https://drive.google.com/file/d/1feAvAHdS8t7e2bY3pGVRPZOtMcUgkasj/view?usp=sharing

2) I downloaded the new version of bitcoin-qt client 0.12.1 (i did in July 16), and i tried to open with the same method above.

3) I tried commands from the bitcoin-qt client 0.12.1, like "salvagewallet" and "upgradewallet".

4) I tried bitcointools.

5) Then i started to open the wallet with a HEX editor and looking for a pattern like "KeyA", "key!" or any other kind.

6) Also i tried this script: https://gist.github.com/msm595/7595164. I got 0 privkey.

7)I modified the script above, changing the line 17, with other kinds of REGEX patterns. I tried:

What i need:

*)Any Kind of help, I don't rule out that I could have tried badly some previously mentioned method.

*)Don't Waste your time, requesting the wallet.dat file. I'll not pass it on.

*)You can pass me, open source scripts writed for you, with the following steps to make it work.

*)I am a Python Developer, so i'll prefer scripts writed in that lenguage.

If your recover method, helps me to recover the wallet.dat i'll pay you a reward (We can negociate it)
Jump to: