
Topic: lost password on blockchain.info wallet - page 2. (Read 26697 times)

newbie
Activity: 39
Merit: 0
October 09, 2014, 10:43:29 PM
#18
That's easy: because blockchain is an online wallet owned by blockchain, you only need to prove that the wallet really belongs to you, and then they will help you deal with it.
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
October 09, 2014, 04:38:47 PM
#17
Well, I should have read better! Since English is not my native language and there was a lot of text I did not read everything (yet)
Also due to the fact I could not wait to begin testing :)

Wait, you're not a native English speaker?? Your English is much better than many (most?) native speakers I've seen on this board...

I'm trying to use a wordlist with JtR but I can't really get it to work.
My hash file looks good, I extracted the hash from a blockchain.info wallet with the tool called blockchain2john.
The password is something like house1tree2
I made a wordlist.txt
Code:
house
1
tree
2
car
3
...

Sorry, I actually don't know that much about JtR... but I think that the --wordlist option just takes the input file and uses each line as a single password, so nothing at all like btcrecover's token file. JtR can make all sorts of alterations to each line, but I don't know much about making JtR construct whole passwords the way btcrecover does.

You can however use both programs together: you can run btcrecover with the --listpass option (and with no --wallet), and it will generate and output whole passwords to test, one per line, and then you can use JtR (with its better cracking speed) to actually try the passwords. I imagine there's a way for JtR to accept passwords directly from its stdin, so you could pipe the output of btcrecover directly to JtR, e.g.

Code:
btcrecover.py --token tokens.txt --listpass | john --options...

By the way, there is a small error in the code you gave earlier.
...

Oops, my mistake, thanks.
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 09, 2014, 04:18:50 PM
#16
Well, I mean if you know that the password contains "house" and "tree" and 2 or 5 other characters/numbers. Is it still possible to bruteforce through all these options?
Like
housetree11111
housetree11112
housetree11113

Sure, here's a token file:

Code:
house
tree
%2,5d

That third token becomes all combinations of numeric digits, between 2 and 5 digits long, and can appear in the beginning, end, or between the other two tokens. It's described here in the tutorial: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#expanding-wildcards

If you'd like to restrict that wildcard token to the end, you'd use this:

Code:
house
tree
%2,5d$

That "$" forces it to be at the end (if present at all, it doesn't make the token required in every try). That feature is described here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#anchors

Well, I should have read better! Since English is not my native language and there was a lot of text I did not read everything (yet)
Also due to the fact I could not wait to begin testing :)

I'm trying to use a wordlist with JtR but I can't really get it to work.
My hash file looks good, I extracted the hash from a blockchain.info wallet with the tool called blockchain2john.
The password is something like house1tree2
I made a wordlist.txt
Code:
house
1
tree
2
car
3

But when I run john with:
Code:
./john --wordlist=../../wordlist.txt --rules ../../wallet.hash

I get:
Code:
Loaded 1 password hash (Blockchain, My Wallet [PBKDF2-SHA1 AES 4x SSE2])
Will run 2 OpenMP threads
Note: This format may emit false positives, so it will keep trying even after
finding a possible candidate.
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2014-10-09 23:13) 0g/s 536.6p/s 536.6c/s 536.6C/s Caring
Session completed

Then I do:
Code:
./john --show ../../wallet.hash

and get:
Code:
0 password hashes cracked, 1 left

What's wrong? All the words are in the wordlist.

By the way, there is a small error in the code you gave earlier.
Code:
python -c "import urllib2,json;f=urllib2.urlopen('https://blockchain.info/wallet/9bb4c672-563e-4806-9012-a3e8f86a0eca?format=json');print json.loads(f.read())['payload']" > wallet.json.aes

should be:
Code:
python -c "import urllib2,json;f=urllib2.urlopen('https://blockchain.info/wallet/9bb4c672-563e-4806-9012-a3e8f86a0eca?format=json');print json.loads(f.read())['payload']" > wallet.aes.json
(wallet extension changed from json.aes to aes.json)
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
October 09, 2014, 03:38:41 PM
#15
Well, I mean if you know that the password contains "house" and "tree" and 2 or 5 other characters/numbers. Is it still possible to bruteforce through all these options?
Like
housetree11111
housetree11112
housetree11113

Sure, here's a token file:

Code:
house
tree
%2,5d

That third token becomes all combinations of numeric digits, between 2 and 5 digits long, and can appear in the beginning, end, or between the other two tokens. It's described here in the tutorial: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#expanding-wildcards

If you'd like to restrict that wildcard token to the end, you'd use this:

Code:
house
tree
%2,5d$

That "$" forces it to be at the end (if present at all, it doesn't make the token required in every try). That feature is described here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#anchors
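Added example (not part of the posts above and not btcrecover's own code): a Python model of the two token files quoted in this thread, counting how many candidates each one spans and checking whether a given password can be assembled from a list of tokens. It assumes every token is optional, is used at most once, and may appear in any order unless anchored with `$`; only the `%min,maxd` digit wildcard is handled.

```python
import re
from itertools import combinations
from math import factorial, prod

# Only the "%min,maxd" digit wildcard and the "$" end anchor from the posts are modelled.
WILDCARD = re.compile(r"%(\d+),(\d+)d")

def parse_token(line):
    """Return (text, digit_span_or_None, end_anchored) for one token-file line."""
    anchored = line.endswith("$")
    text = line[:-1] if anchored else line
    m = WILDCARD.fullmatch(text)
    span = (int(m.group(1)), int(m.group(2))) if m else None
    return text, span, anchored

def variants(token):
    """Number of concrete strings a single token expands to."""
    span = token[1]
    return sum(10 ** n for n in range(span[0], span[1] + 1)) if span else 1

def count_candidates(lines):
    """Upper bound on candidates (identical strings are not de-duplicated)."""
    tokens = [parse_token(l) for l in lines]
    total = 0
    for r in range(1, len(tokens) + 1):
        for subset in combinations(tokens, r):
            anchored = sum(t[2] for t in subset)
            if anchored > 1:  # two tokens cannot both be last
                continue
            # Anchored token is fixed at the end; the rest may take any order.
            total += factorial(r - anchored) * prod(variants(t) for t in subset)
    return total

def can_build(password, lines):
    """True if the password is some ordering of a subset of the tokens."""
    tokens = [parse_token(l) for l in lines]

    def ends(token, pos):
        text, span, _ = token
        if span is None:
            return [pos + len(text)] if password.startswith(text, pos) else []
        return [pos + n for n in range(span[0], span[1] + 1)
                if pos + n <= len(password) and password[pos:pos + n].isdigit()]

    def walk(pos, unused):
        if pos == len(password):
            return True
        return any(walk(end, unused - {i})
                   for i in unused for end in ends(tokens[i], pos)
                   if not tokens[i][2] or end == len(password))

    return bool(password) and walk(0, frozenset(range(len(tokens))))

# Constructed inputs, copied from the token files and the wordlist quoted in the thread.
FREE = ["house", "tree", "%2,5d"]
ANCHORED = ["house", "tree", "%2,5d$"]
WORDLIST = ["house", "1", "tree", "2", "car", "3"]

if __name__ == "__main__":
    print(count_candidates(FREE), count_candidates(ANCHORED))
    print("house1tree2" in WORDLIST, can_build("house1tree2", WORDLIST))
```

Under these assumptions the `$` anchor cuts the space from 1,222,104 to 555,504 candidates. The six-line list from the JtR attempt contains `house1tree2` only when its lines are combined as tokens, not when each line is tried as a whole password.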
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 09, 2014, 03:28:00 PM
#14
So I got this up and running and was able to crack a zip file which I encrypted with a simple password.
I was amazed to see how quick the password was cracked.
First I had to extract the password hash from the encrypted zip file and then I had to do "./john zip.hash"

But how do I extract the password hash from the "wallet.aes.json"?
edit: now downloading bleeding version, I saw something about blockchain2john, might be it.

Yup, that's the one. I don't know if you've finished compiling the bleeding version yet,
Yes, it's already bruteforcing a "wallet.aes.json" file without wordlist. It seems to work, no success with the password yet (just testing on a slow laptop)

but it might be worth getting an OpenCL or Cuda version compiled and working, it runs around 8ish times faster than the CPU-only version (and FYI CPU-only JtR runs about 6 times faster than btcrecover with Python 2.7.8+).
It seems that no special effort should be done to compile for OpenCL or Cuda. Am I right?
The install file says:
Code:
./configure should find and enable any extra stuff you have, including OMP,
OpenCL, CUDA and extra libraries mentioned above.

I also managed to have this tool up and running. I made myself a new blockchain wallet with a password like "house23tree1"
It took 30 seconds to crack the wallet. I made a token file with about 7 words and numbers.
Very nice tool if you know all contents of a password, but not exactly what came first and last.
As far as I can see I was not able to bruteforce any unknown characters. You really should put everything into the token file

What do you mean by "bruteforce any unknown characters"?

Well, I mean if you know that the password contains "house" and "tree" and 2 or 5 other characters/numbers. Is it still possible to bruteforce through all these options?
Like
housetree11111
housetree11112
housetree11113
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
October 09, 2014, 03:08:25 PM
#13
So I got this up and running and was able to crack a zip file which I encrypted with a simple password.
I was amazed to see how quick the password was cracked.
First I had to extract the password hash from the encrypted zip file and then I had to do "./john zip.hash"

But how do I extract the password hash from the "wallet.aes.json"?
edit: now downloading bleeding version, I saw something about blockchain2john, might be it.

Yup, that's the one. I don't know if you've finished compiling the bleeding version yet, but it might be worth getting an OpenCL or Cuda version compiled and working, it runs around 8ish times faster than the CPU-only version (and FYI CPU-only JtR runs about 6 times faster than btcrecover with Python 2.7.8+).

I also managed to have this tool up and running. I made myself a new blockchain wallet with a password like "house23tree1"
It took 30 seconds to crack the wallet. I made a token file with about 7 words and numbers.
Very nice tool if you know all contents of a password, but not exactly what came first and last.
As far as I can see I was not able to bruteforce any unknown characters. You really should put everything into the token file

What do you mean by "bruteforce any unknown characters"?
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 09, 2014, 02:04:26 PM
#12
If the downloaded file doesn't start with these two characters: {" , and if you've created or modified (e.g. added new receiving addresses) to it at sometime after March, 2012 (when the wallet format changed again), and if you're on (or have easy access to) Linux and are comfortable compiling software, then I'd recommend John the Ripper ("bleeding-jumbo" version). It's faster than the alternative (and much faster with a GPU).
So I got this up and running and was able to crack a zip file which I encrypted with a simple password.
I was amazed to see how quick the password was cracked.
First I had to extract the password hash from the encrypted zip file and then I had to do "./john zip.hash"

But how do I extract the password hash from the "wallet.aes.json"?
edit: now downloading bleeding version, I saw something about blockchain2john, might be it.
edit2: definitely it! I'm now trying to bruteforce his wallet :D I might try it first with my own test wallet and some tokens to see if it is really successful

Otherwise, I'd recommend btcrecover (course I'm biased since I'm the dev of that one...). It supports some blockchain.info wallet formats that JtR doesn't, and it's easier to set up (no compilation necessary), especially on Windows. The Quick Start is available here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#btcrecover-tutorial. Let me know if you have any questions about it...
I also managed to have this tool up and running. I made myself a new blockchain wallet with a password like "house23tree1"
It took 30 seconds to crack the wallet. I made a token file with about 7 words and numbers.
Very nice tool if you know all contents of a password, but not exactly what came first and last.
As far as I can see I was not able to bruteforce any unknown characters. You really should put everything into the token file

legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 09, 2014, 05:50:21 AM
#11
I happened to come across this thread about an hour ago randomly and I think it might be perfect timing for you and your friend to get some help in a safe & secure way by a trusted member. Good luck to you guys I hope you are able to regain access to your wallet.
Great find!
I might consider using this service when I'm not able to bruteforce it myself.

Thanks.
hero member
Activity: 910
Merit: 530
October 09, 2014, 05:08:41 AM
#10
I happened to come across this thread about an hour ago randomly and I think it might be perfect timing for you and your friend to get some help in a safe & secure way by a trusted member. Good luck to you guys I hope you are able to regain access to your wallet.
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 09, 2014, 04:05:01 AM
#9
I thought I might be able to help out a little bit here...

To download the (encrypted) wallet from blockchain.info, run this from the command line (Linux or Windows, but for Windows you need to install Python 2.x first).

Code:
python -c "import urllib2,json;f=urllib2.urlopen('https://blockchain.info/wallet/9bb4c672-563e-4806-9012-a3e8f86a0eca?format=json');print json.loads(f.read())['payload']" > wallet.json.aes

(Obviously you'll need to change the UUID to match yours first.)
Thank you very much! This is very helpful

For brute-forcing the password, I'd recommend one of two options.

If the downloaded file doesn't start with these two characters: {" , and if you've created or modified (e.g. added new receiving addresses) to it at sometime after March, 2012 (when the wallet format changed again), and if you're on (or have easy access to) Linux and are comfortable compiling software, then I'd recommend John the Ripper ("bleeding-jumbo" version). It's faster than the alternative (and much faster with a GPU).

Otherwise, I'd recommend btcrecover (course I'm biased since I'm the dev of that one...). It supports some blockchain.info wallet formats that JtR doesn't, and it's easier to set up (no compilation necessary), especially on Windows. The Quick Start is available here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#btcrecover-tutorial. Let me know if you have any questions about it...

I will go for John the Ripper first. I'm on linux as well as windows.
I don't have much compilation experience but I did it a few times in the past. Last time I had to do it with vanitygen which worked out well.
Otherwise I will try the btcrecover method.

Thank you very much for your help, I hope I'm able to recover the wallet.
I asked my friend if there is a bounty, if so, you'll get 50% of my bounty if I'm successful ;)



hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
October 08, 2014, 05:30:34 PM
#8
I thought I might be able to help out a little bit here...

To download the (encrypted) wallet from blockchain.info, run this from the command line (Linux or Windows, but for Windows you need to install Python 2.x first).

Code:
python -c "import urllib2,json;f=urllib2.urlopen('https://blockchain.info/wallet/9bb4c672-563e-4806-9012-a3e8f86a0eca?format=json');print json.loads(f.read())['payload']" > wallet.json.aes

(Obviously you'll need to change the UUID to match yours first.)

For brute-forcing the password, I'd recommend one of two options.

If the downloaded file doesn't start with these two characters: {" , and if you've created or modified (e.g. added new receiving addresses) to it at sometime after March, 2012 (when the wallet format changed again), and if you're on (or have easy access to) Linux and are comfortable compiling software, then I'd recommend John the Ripper ("bleeding-jumbo" version). It's faster than the alternative (and much faster with a GPU).

Otherwise, I'd recommend btcrecover (course I'm biased since I'm the dev of that one...). It supports some blockchain.info wallet formats that JtR doesn't, and it's easier to set up (no compilation necessary), especially on Windows. The Quick Start is available here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#btcrecover-tutorial. Let me know if you have any questions about it...
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 08, 2014, 02:27:26 PM
#7
The wallet is probably somewhere hidden in these lines of code

Code:
   
   
   
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 08, 2014, 02:24:20 PM
#6
If so, knowing the public key as well, I can try to brute force the password or am I missing something?
The wallet contains 0.22 BTC
To brute-force the password, you'll need to know as much as possible about what the password is likely to be.  Then you'll need to use the identifier to get a copy of the encrypted wallet.  Then you can attempt to decrypt the wallet with the various possible passwords until you find one that successfully decrypts it.

Do you happen to know the encryption method used to encrypt the wallet?
edit: it is aes, just found out.

Where is the wallet stored when accessing the wallet through a browser in windows?
blockchain.info stores it in their database.  They send a copy to your browser when you supply the identifier.

So I fill in the identifier and look in my browser cache?
edit: if I save the page, I see a lot of stuff, but not a file called "wallet.aes.json"

Thanks for the detailed answer btw.
legendary
Activity: 3472
Merit: 4801
October 08, 2014, 02:15:37 PM
#5
a friend of mine can't access his wallet anymore.
The passwords are not accepted. He probably forgot his password.

This is not good.  The wallet cannot be accessed without discovering the correct password.

He probably used an easy password as well.

This helps. As long as the password is "easy" enough, you may be able to brute-force it.

But he hasn't got a backup of the wallet, but he does have the identifier.

As long as you are certain that you have the correct identifier, you shouldn't need a backup of the wallet.  If you don't have the correct identifier, you'll either need a backup or you'll need to figure out what the correct identifier is.

Does the identifier represent the encrypted private key?

No.  The identifier is a unique identifier created by blockchain.info.  It is a reference into their database indicating where the encrypted wallet is stored on their system.

If so, knowing the public key as well, I can try to brute force the password or am I missing something?
The wallet contains 0.22 BTC

To brute-force the password, you'll need to know as much as possible about what the password is likely to be.  Then you'll need to use the identifier to get a copy of the encrypted wallet.  Then you can attempt to decrypt the wallet with the various possible passwords until you find one that successfully decrypts it.

The website says that when you forget your password, you'll lose all your stored bitcoins.

Correct.  The private keys are all encrypted with the password.  blockchain.info does not store the password.  Therefore, if you don't have the password, you cannot decrypt the private keys.

Edit: I don't think that the identifier represents the encrypted private key.

Correct.  The identifier is just information for blockchain.info telling them where on their system they have stored the encrypted wallet.

Edit 2: I don't think that the public key has anything to do with the blockchain password.

Correct.

He has got an iphone.
Where could the wallet be stored in an iphone?

I'm not sure if they store a copy of the wallet on the phone.  Regardless, as long as you have the identifier you should be able to get the wallet from blockchain.info

Where is the wallet stored when accessing the wallet through a browser in windows?

blockchain.info stores it in their database.  They send a copy to your browser when you supply the identifier.

legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 08, 2014, 01:42:14 PM
#4
The identifier is the filename of your wallet, your identifier does not change when you change your wallet password. The wallet file is encrypted with your password. You forget your password, you lose your coins. Blockchain.info can't reset it for you.
He has got an iphone.
Where could the wallet be stored in an iphone?
Where is the wallet stored when accessing the wallet through a browser in windows?

I know blockchain can't reset the password. I'm looking for the wallet file.
hero member
Activity: 672
Merit: 500
October 08, 2014, 01:39:17 PM
#3
The identifier is the filename of your wallet, your identifier does not change when you change your wallet password. The wallet file is encrypted with your password. You forget your password, you lose your coins. Blockchain.info can't reset it for you.
hero member
Activity: 1008
Merit: 515
October 08, 2014, 01:31:47 PM
#2
The website says that when you forget your password, you'll lose all your stored bitcoins.

Edit: I don't think that the identifier represents the encrypted private key.
If that was the case, anyone who knew the identifier could bruteforce it.

Edit 2: I don't think that the public key has anything to do with the blockchain password.
legendary
Activity: 1022
Merit: 1008
Delusional crypto obsessionist
October 08, 2014, 01:19:17 PM
#1
a friend of mine can't access his wallet anymore.
The passwords are not accepted. He probably forgot his password.
He probably used an easy password as well.
But he hasn't got a backup of the wallet, but he does have the identifier.

Does the identifier represent the encrypted private key?
If so, knowing the public key as well, I can try to brute force the password or am I missing something?
The wallet contains 0.22 BTC
