I'll help you all out.
It was somewhere between 128 and 190 bits long.
It was somewhere between 128 and 190 bits long.
That's about as useful as the United States Congress.
It's all I know based on how much entropy that box drains.
Topic: I have pasted my wallet.dat base64-encoded, crack it and the contents are yours (Read 3434 times)
September 02, 2011, 05:15:45 AM
That's about as useful as the United States Congress.
It's all I know based on how much entropy that box drains.
September 02, 2011, 01:37:31 AM
I'll help you all out.
It was somewhere between 128 and 190 bits long.
It was somewhere between 128 and 190 bits long.
That's about as useful as the United States Congress.
September 01, 2011, 09:17:27 PM
I'll help you all out.
It was somewhere between 128 and 190 bits long.
It was somewhere between 128 and 190 bits long.
September 01, 2011, 09:15:12 PM
I am sitting here thinking what would he use for the seed value... his bitcoin address? his username?
There must be a clue I am not thinking of in his posts. To sit here and try to brute force it does not
seem like a valid plan of action.
There must be a clue I am not thinking of in his posts. To sit here and try to brute force it does not
seem like a valid plan of action.
What would I use?
I use whatever the hell last went into the kernel entropy pool - and trust me, it's cycled a lot
September 01, 2011, 09:11:29 PM
I am sitting here thinking what would he use for the seed value... his bitcoin address? his username?
There must be a clue I am not thinking of in his posts. To sit here and try to brute force it does not
seem like a valid plan of action.
There must be a clue I am not thinking of in his posts. To sit here and try to brute force it does not
seem like a valid plan of action.
September 01, 2011, 08:59:22 PM
Well... If urandom was used, it's certainly possible to crack (especially since the header of the file is the same between wallets). That'd give you some possibilities of where the seed started. However, it seems that different versions of Unix/Linux/BSD have different implementations of pseudo-random number generation. We could go through them all, I guess...
To win the bounty you must present an algorithm.
The kernel version: 2.6.32-5
And when someone earns the bounty, everyone with the base64-decoded version tries spending the bounty first.
For this one, i'll send the 1BTC when the winner agrees - they can then pay it out themselves to ensure it doesn't get stolen - plus it'll be fun to watch that bit anyway
September 01, 2011, 08:56:48 PM
Well... If urandom was used, it's certainly possible to crack (especially since the header of the file is the same between wallets). That'd give you some possibilities of where the seed started. However, it seems that different versions of Unix/Linux/BSD have different implementations of pseudo-random number generation. We could go through them all, I guess...
To win the bounty you must present an algorithm.
The kernel version: 2.6.32-5
And when someone earns the bounty, everyone with the base64-decoded version tries spending the bounty first.
September 01, 2011, 08:56:38 PM
By the way, after this one is cracked the next bounty will be 10BTC for one encrypted using the REAL entropy source.
September 01, 2011, 08:54:04 PM
Well... If urandom was used, it's certainly possible to crack (especially since the header of the file is the same between wallets). That'd give you some possibilities of where the seed started. However, it seems that different versions of Unix/Linux/BSD have different implementations of pseudo-random number generation. We could go through them all, I guess...
To win the bounty you must present an algorithm.
The kernel version: 2.6.32-5
September 01, 2011, 08:53:25 PM
Well... If urandom was used, it's certainly possible to crack (especially since the header of the file is the same between wallets). That'd give you some possibilities of where the seed started. However, it seems that different versions of Unix/Linux/BSD have different implementations of pseudo-random number generation. We could go through them all, I guess...
I was thinking that also. Freebsd does not even have urandom.. it just:
> ls -al /dev/ | grep ran
crw-rw-rw- 1 root wheel 0, 11 Sep 8 2009 random
lrwxr-xr-x 1 root wheel 6 Sep 8 2009 urandom -> random
September 01, 2011, 08:51:17 PM
Well... If urandom was used, it's certainly possible to crack (especially since the header of the file is the same between wallets). That'd give you some possibilities of where the seed started. However, it seems that different versions of Unix/Linux/BSD have different implementations of pseudo-random number generation. We could go through them all, I guess...
September 01, 2011, 08:50:39 PM
I think I am a bit confused now.
The first was simply based64 encoded. The person who won decoded it and earned the btc.
Now you have a second file which when decoded is obviously not a wallet.dat file straight away.
Is this the same wallet.dat file but encrypted with a one time pad using urandom?
The first was simply based64 encoded. The person who won decoded it and earned the btc.
Now you have a second file which when decoded is obviously not a wallet.dat file straight away.
Is this the same wallet.dat file but encrypted with a one time pad using urandom?
September 01, 2011, 08:47:57 PM
Oh, if you crack the correct one i'll send 1BTC to the address in the wallet
Are they two separate wallets, then?No, hence my request that you not do the obvious to crack it.
Tell me how to crack it without having the plaintext and i'll send you 1BTC.
September 01, 2011, 08:47:16 PM
Oh, if you crack the correct one i'll send 1BTC to the address in the wallet
Are they two separate wallets, then? September 01, 2011, 08:46:38 PM
*That* looks better. Now let's take a look... 
You have the plaintext, don't do the obvious to crack it
September 01, 2011, 08:45:06 PM
Oh, if you crack the correct one i'll send 1BTC to the address in the wallet
September 01, 2011, 08:44:29 PM
*That* looks better. Now let's take a look...
You have the plaintext, don't do the obvious to crack it
September 01, 2011, 08:43:51 PM
*That* looks better. Now let's take a look...
September 01, 2011, 08:42:18 PM
I see it as well. Maybe I'll give it a go tonight if nobody else gets around to it.
Nevermind... found 0.10 coins. Your urandom is certainly broken. It wasn't XOR'd at all...LOL
Well done, for the record here's the correct one:
http://sprunge.us/PcLi
September 01, 2011, 08:41:44 PM
I guess the only thing i can think of is that urandom is not as good as random.
As in it might just use a seed number. Also he appears to have limited his characters to printable stuff?
As in it might just use a seed number. Also he appears to have limited his characters to printable stuff?
It's base64 encoded silly.
Clue:
wallet.dat has structure and urandom is not truely random
yea.. i was hoping to correct my post before someone quoted me..
and b64decode seems to have trouble with it on fbsd. no begin line. i will google.
ah.. -r fixed that issue.. but it seems i am too late.
But I am very curious what the solution was.
Jump to: