Author

Topic: How to bruteforce a mobile wallet backup? (Read 295 times)

legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
January 21, 2021, 05:12:32 AM
#5
Question, shall I create the guide in the Techical Support section or move it to the Development & Technical Discussion > Wallet software > Bitcoin Wallet for Android ?? What you guys think is the best place?

If the guide is only for "Bitcoin Wallet for Android", then Development & Technical Discussion > Wallet software > Bitcoin Wallet for Android is better place.

On a side note, when you create a guide, please mention your environment (Python version, version of the library, etc.)

Sure. Since btcrecover works best and it supports also a gpu bruteforce mode I think I'll make a detailed guide for newbies with step-by-step even for the non-tech people Smiley



I have a request, if someone can send me a bitcoin wallet backup made on iPhone? I do not own iPhone and I don't want to buy one only for the test.
Please make a fresh wallet, you can also put a spending pin : 1234 and password for the backup: 123456
Thank you Smiley
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
January 20, 2021, 12:47:56 AM
#4
You install a bitcoin wallet on your phone, you make a backup file with a password, and store it somewhere safe.
You should not do this. What you describe is a bad security practice. Your backups should be accessible to you and you alone, but using passwords will lead to the loss of coin because backups will potentially not be accessed for a long time after you create them.

You are also making the mistake of using only one backup. You should always have at least three copies of your wallet, in at least two mediums of storage and have at least one in an offsite location.

This is an example of what people do and how they end up with a forgotten passwords of their backup not an actual advice how to make and store their backups and passwords. Read the sentence above the one you quoted Cheesy



Question, shall I create the guide in the Techical Support section or move it to the Development & Technical Discussion > Wallet software > Bitcoin Wallet for Android ?? What you guys think is the best place?
copper member
Activity: 1652
Merit: 1901
Amazon Prime Member #7
January 20, 2021, 12:16:57 AM
#3
You install a bitcoin wallet on your phone, you make a backup file with a password, and store it somewhere safe.
You should not do this. What you describe is a bad security practice. Your backups should be accessible to you and you alone, but using passwords will lead to the loss of coin because backups will potentially not be accessed for a long time after you create them.

You are also making the mistake of using only one backup. You should always have at least three copies of your wallet, in at least two mediums of storage and have at least one in an offsite location.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
January 19, 2021, 06:32:10 PM
#2
A little update,
I has some free time lately and I managed to recover a password from a Dash mobile backup with btcrecover. So basically it's the same procedure as the bitcoin android wallet backup.

Previously I got a weird error that the file is not a legit wallet file, after a clean reinstall of python, pyCrypto and btcrecover everything worked fine.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
January 08, 2021, 04:50:41 AM
#1
This thread got me thinking and I started to research a little bit.

Here is an example scenario of what could happen.

You install a bitcoin wallet on your phone, you make a backup file with a password, and store it somewhere safe.
After a year you lose your phone, buy a new one and try to recover from that backup, but you forgot that password you use to encrypt the backup.

How in the hell you can brute force it?

I did some experiments to create a backup and try to decode it. I found no info on the internet about it and started my own approach.

The source file starts with "U2FsdGVkX1" so I presumed it was an openssl encryption. So here we go.
 

The password of the file was 1234.
Here is the result.


Of course, the wallet is empty and it's used for testing if just in case you tempt to steal my bitcoins Cheesy


I still think I'm not in the right way. People talking about that key derivation function used to encrypt the whole file instead of having a password hash in the source.
But still, I manage to get the correct password in the 32 suggested solutions out of 10000 possibilities.
I need to read more..


Some extra thoughts, looks like btcrecover was using Scrypt in order to crack the android bitcoin wallets so I assume is used Scrypt Key Derivation Function to encrypt the backup.

Quote
Wallet Installation Requirements
...
Bitcoin Wallet for Android/BlackBerry spending PIN - Python 2.7, scrypt, Google protobuf, optional: PyCrypto
...
https://github.com/gurnec/btcrecover/blob/master/docs/INSTALL.md

Quote
scrypt-kdf is a Node.js zero-dependency wrapper around the core Node.js OpenSSL implementation of scrypt, providing a kdf function and a verify function.
https://github.com/chrisveness/scrypt-kdf
-----

I made a progression in cracking the android bitcoin wallet password using btcrecover, but no success on the Dash wallet yet, working on it too Smiley




If I make a success in that experiment, I will turn this thread into a guide. Smiley

Jump to: