Author

Topic: Multibit Classic 0.5.19 lost password (or bug) (Read 947 times)

newbie
Activity: 5
Merit: 0


How can i restore my wallet and get access to my funds?

Can i try any more tools (or check for any bugs) or should i start bruteforcing it and pray for luck?




To try to brute force it you should check hashcat. There are some pretty useful rules
newbie
Activity: 5
Merit: 0
Hello.

I need help.

I created my Multibit Classic wallet in late 2013, made everything just as it recommended (password encrypted my wallets), tested it (received, sent, again received some BTC)... and moved it to the cloud storage for years.

I never used it since then and yesterday i decided to send some funds.

1. I found my wallet backups + Multibit 0.5.15 executables, installed the wallet and waited until blockchain sync. It took quite some time.
2. I successfully opened my wallets, it showed how much funds do i have etc.
3. I have 2 wallets. 1 has small amount of BTC (test one) and 2nd is my main wallet with a large sum. Both are password protected. 2 passwords are different.
4. I sent a small portion of BTC from test wallet successfully (entered password).
5. I tried to send BTC from my main wallet and got error "The wallet password Incorrect".
I am 90% sure I remember my password (i have it written on the paper along with test wallet password which works).
I tried all passwords and combinations i can imagine - same result.

I tried to research for a bug and found out many posts about similar problems.

I tried to use this library
https://github.com/HardCorePawn/multibit_recovery

My result is :
incorrect password.

Then I tried to get the private key from my test wallet. And i got the key as a result (password worked).

How can i restore my wallet and get access to my funds?

Can i try any more tools (or check for any bugs) or should i start bruteforcing it and pray for luck?




Do u still have the issue? I can handle it https://docs.google.com/document/d/1KNeCINN9EAgzGX9z0jlFZg6CTCicOmfYfemzNfdZe4Q/edit?usp=sharing
newbie
Activity: 12
Merit: 0
It took me 4 months trying out 3 different methods and the one that ended up working is now scalable and easy now for me to deploy.
Any chance you can document this solution somewhere to help the community out? Or are you looking to "sell" your knowledge? Huh

Given:
- the time, efforts and resources I had to put into this
- the value for people to get back access to thousands of euros or dollars (that's mostly bonus since I guess few people buy BTC at $45,000 to get locked a few days later... it's rather people that have been locked for years and have generated profits as long as we're at an ATH)
- my need for honest, hard-earned revenue (I'm not a philantropist billionnaire)
- how much other people like Dave @WRS charge

...it wouldn't make sense for me to give it all away for free right now. Don't get me wrong, it's "just" software and hardware and if I was in a very different financial situation myself, I would consider uploading my scripts and instructions to a github repo and let everybody use these tools to help themselves.

But the way I see it, I'd need to crack a few valuable wallets before this happens. Also, some people will never put together the software and hardware required to run it because they don't want the trouble.

I know there are other last resort options when it comes to unlocking wallets and people are welcome to try them out.
But I do believe there are niche situations where my service can be more appropriate.

FWIW, my friend was so happy he gave me 33% of his wallet and thanked me with a nice wine bottle. I didn't expect so much but we're both very happy with the outcome. He told me: "The way I see it, it was either 0 BTC / 0 € forever or some BTC / some € to share with a friend."
HCP
legendary
Activity: 2086
Merit: 4361
It took me 4 months trying out 3 different methods and the one that ended up working is now scalable and easy now for me to deploy.
Any chance you can document this solution somewhere to help the community out? Or are you looking to "sell" your knowledge? Huh
newbie
Activity: 12
Merit: 0
Any luck? or ideas?  Roll Eyes

For what it's worth, I firmly believe that Multibit's way of storing passwords is corrupt. Once I recovered my friend's password, he told me it was based on the password he had used but had some unreadable characters in it (the kind you can't type on your keyboard). Even when pasting the password from my software into Multibit's GUI, it kept saying it was the wrong password. I had to do it a whole different way through scripts, openssl, CUDA...

Anyways, you'll see me posting here and there about this topic. I do hope people can save time at the very least not trying to input the password in the GUI until their fingers are bleeding. It took me 4 months trying out 3 different methods and the one that ended up working is now scalable and easy now for me to deploy.

If anyone here is based in France or wants to chat about this, I'm open. Those like me based in France: we can even have a call.
It's not my job but I did it once and think I can do it twice, at least with this specific version. Good luck otherwise Smiley

EDIT: if you don't want to get technical and you don't need too much help, you can first try by following Multibit's own (deprecated) suggestions here https://github.com/Multibit-Legacy/multibit

Cheers!
newbie
Activity: 61
Merit: 0
Honestly it only occurs to me to try different multibit installations. Even maybe older versions with different OS and replace all in appdata folder.
HCP
legendary
Activity: 2086
Merit: 4361
Any luck? or ideas?  Roll Eyes
Honestly? No.

At this point, about all I could suggest is using something like BTCRecover (I'd recommend this version: https://github.com/3rdIteration/btcrecover/) and trying the "typos" functionality (https://github.com/3rdIteration/btcrecover/blob/master/docs/TUTORIAL.md#typos).

As, in the event that the files were corrupted, then the chances of being able to recover the keys a probably relatively low. There is basically no error correction in AES256-CBC, so if the file has become corrupted/modified in any way, being able to restore it to a "correct" state would be nearly impossible without some prior knowledge of the previous state.
newbie
Activity: 4
Merit: 0
Any luck? or ideas?  Roll Eyes
newbie
Activity: 4
Merit: 0
Thank you for your reply  Smiley

The password for one of the wallets contains a '. This password is extremely long, almost 40 characters, but its basically words, no random lettters, so more difficult to get wrong.

The password for other two wallets only contains letters and numbers.

So three wallets, all passwords wrong, seems unlikely to me, and more likely that there was something wrong with the encoding of the backup key file? But like you mentioned, it doesnt seem corrupt, since its not giving any weird messages using your script, just the incorrect password message. I've tried all three scripts for the .key .wallet and .cipher file, all the same problem.

I can't see any reason why the computer would of been in a language other than English, but i was in China for that period whilst I was using the wallet. I don't speak chinese and the computer was not bought from China, it was a Macbook.

Spencer
HCP
legendary
Activity: 2086
Merit: 4361
Out of curiosity... do your passwords contain any "special" characters or are they all just alphanumeric (ie. letters and numbers only)? Huh

Also, were the wallets created on computers where English was not the default language setting? Huh
newbie
Activity: 4
Merit: 0
This is the out put of the parsed wallet file, I blanked some readings out just in cae im exposing sensitive data..


network_identifier: "org.bitcoi[Suspicious link removed]oduction"
last_seen_block_hash: "\000\000\000\000\000\000\000\000Q\037\204s)\035\037\372bv\323Q\217RS\031ke\241a\242,\021\215"
key {
  type: ENCRYPTED_SCRYPT_AES
  public_key: "\0035l\332\025\277G\3... blanked out"
  creation_timestamp: 1402303888000
  encrypted_data {
    initialisation_vector: "&\322DY\227_\217\347prk\241\317~Q\000"
    encrypted_private_key: --blanked out
  }
}
encryption_type: ENCRYPTED_SCRYPT_AES
encryption_parameters {
  salt: "E\007\313H.\200}\350"
}
version: 2
extension {
  id: "org.multibit.walletProtect.2"
  data: "\000"
  mandatory: true
}
description: "Savings"
last_seen_block_height: 304923
key_rotation_time: 0
last_seen_block_time_secs: 140230507
newbie
Activity: 4
Merit: 0
Basically, at this point you are down to "brute force"... btcrecover (https://github.com/gurnec/btcrecover) is probably your best option...

If the password was correct, but the file was corrupt, you'd probably get weird output from my multibit_recovery scripts... But you're getting password is incorrect, which tends to indicate exactly what it says... the password is incorrect. Undecided

I have the exact same problem. Three seperate wallets, three seperate passwords, all giving the "password is incorrect"" when running your script on the .wallet .key and .cipher files. It CANNOT be that all three passwords are incorrect, they are independantly written down and just not working.

I know these passwords have worked before in 2014 because I used them to make payments. I actually gave up back then, but I''m now picking this up again, with the hope of recovering the coins.

My only other thought, maybe the multibit classic wallet corrupted the password??

Finally, maybe in an upside, I still have a running version of the Multibit Classic wallet on an old cloned drive, could this help? I can see the wallets, and the balances, just can't export the keys or send any bitcoin, because it is saying password incorrect.

Would greatly appreciate this help!
newbie
Activity: 1
Merit: 0
Still need help? I own a company specialized in retrieving lost pw
HCP
legendary
Activity: 2086
Merit: 4361
Basically, at this point you are down to "brute force"... btcrecover (https://github.com/gurnec/btcrecover) is probably your best option...

If the password was correct, but the file was corrupt, you'd probably get weird output from my multibit_recovery scripts... But you're getting password is incorrect, which tends to indicate exactly what it says... the password is incorrect. Undecided
member
Activity: 200
Merit: 10
STEM - football token exchange market!
Hello.

I need help.

I created my Multibit Classic wallet in late 2013, made everything just as it recommended (password encrypted my wallets), tested it (received, sent, again received some BTC)... and moved it to the cloud storage for years.

I never used it since then and yesterday i decided to send some funds.

1. I found my wallet backups + Multibit 0.5.15 executables, installed the wallet and waited until blockchain sync. It took quite some time.
2. I successfully opened my wallets, it showed how much funds do i have etc.
3. I have 2 wallets. 1 has small amount of BTC (test one) and 2nd is my main wallet with a large sum. Both are password protected. 2 passwords are different.
4. I sent a small portion of BTC from test wallet successfully (entered password).
5. I tried to send BTC from my main wallet and got error "The wallet password Incorrect".
I am 90% sure I remember my password (i have it written on the paper along with test wallet password which works).
I tried all passwords and combinations i can imagine - same result.

I tried to research for a bug and found out many posts about similar problems.

I tried to use this library
https://github.com/HardCorePawn/multibit_recovery

My result is :
incorrect password.

Then I tried to get the private key from my test wallet. And i got the key as a result (password worked).

How can i restore my wallet and get access to my funds?

Can i try any more tools (or check for any bugs) or should i start bruteforcing it and pray for luck?


Jump to: