Thanks for the link now i understanding it better
Sure. There is a lot of information here and online, many times it is difficult to know where to start to find an answer.
:-)
Topic: Need help extracting keys from wallet.dat (Read 2594 times)
Sure. There is a lot of information here and online, many times it is difficult to know where to start to find an answer.
:-)
Thanks for the link now i understanding it better
Wait if you can get the private key from a wallet.dat where is the security then 
Encrypted wallet, making sure your machine is not infected by malware - or better, not connected to the network.
See:
https://en.bitcoin.it/wiki/Wallet
Wait if you can get the private key from a wallet.dat where is the security then
How you did that? can you write me please at this email adresse [email protected] . Please help
Unless there's a good reason to keep things private, discussing them publicly is preferred because it can help out people later on with the same problems.
Can you describe the problems you're having? Which wallet software are you using? Have you added a password to the wallet?
Got my private key using the following script:
https://gist.github.com/msm595/7595164
ctrl+f on the output to find my address and corresponding private key(unencrypted), then use the import/export function on blockchain.info to sweep my coins to a new address.
https://gist.github.com/msm595/7595164
ctrl+f on the output to find my address and corresponding private key(unencrypted), then use the import/export function on blockchain.info to sweep my coins to a new address.
Thanks to these two helpful articles:
https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses
https://en.bitcoin.it/wiki/ECDSA
I have determined that my public keys are compressed, and that uncompressed keys starting with 0x04 are a thing of the past.
These are my next possible steps:
1. Determine how to decompress my public keys and continue which what I was doing before using the decompressed keys.
2. Extract all possible 32 byte private keys and generate public keys and hashes of those public keys until one of these hashes matches the hash for my address.
It occurs to me that if the runtime for going from 32 byte private key to hash of public address is small, as long as someone has the correct address, they should be able to essentially brute force an entire hard drive to find the private key that is associated with the address. That would be a cool recovery tool to have, it would be slow but sure to work. Also if the runtime is too long, you could start with byte sequences that have higher entropy, because byte sequences with low entropy are unlikely to be private keys.
Any recommendations are appreciated.
https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses
https://en.bitcoin.it/wiki/ECDSA
I have determined that my public keys are compressed, and that uncompressed keys starting with 0x04 are a thing of the past.
These are my next possible steps:
1. Determine how to decompress my public keys and continue which what I was doing before using the decompressed keys.
2. Extract all possible 32 byte private keys and generate public keys and hashes of those public keys until one of these hashes matches the hash for my address.
It occurs to me that if the runtime for going from 32 byte private key to hash of public address is small, as long as someone has the correct address, they should be able to essentially brute force an entire hard drive to find the private key that is associated with the address. That would be a cool recovery tool to have, it would be slow but sure to work. Also if the runtime is too long, you could start with byte sequences that have higher entropy, because byte sequences with low entropy are unlikely to be private keys.
Any recommendations are appreciated.
I am trying to recover a few coins from a wallet on a hard drive with a corrupt filesystem.(Yeah I know backups and all, this is from a while ago and I had planned to spend the balance on this wallet) The standard bitcointools such as dbdump.py will not read any wallet.dat that I construct with found hex bytes from my old wallet. So I moved on to a recovery method described by John Tobey as follows:
https://bitcointalksearch.org/topic/m.126698
Basically his Perl script searches for the regular expression: (/keyA(.{65})/sg) with the 65 characters representing public keys, and uses these public keys to find keypairs elsewhere in the file. If you know the address of your coins(which I do) you can use http://blockexplorer.com/q/addresstohash and http://blockexplorer.com/q/hashpubkey/ to determine which of the public keys you found correspond to the address. You can run your address through addresstohash, and then run hashpubkey on all the public keys you found in the file until a hashpubkey result matches the addresstohash result for your address.
My problem is that the file format has changed since John Tobey figured this stuff out. I don't see any instances of "keyA", instead I see "key!". Simple modifications didn't work and I started testing the methods with a fresh wallet.dat which seems to be in the same format as the wallet I need to recover. When I do this I can never find a public key that corresponds to my address. I have read that the public keys always start with "0x04" so I went as far as to make a python script that returns hashes for all instances of 65 bytes starting with 0x04. Not a single one of these hashes matches the result of addresstohash even for a fresh wallet.
This is where I realize I am stuck, it looks like either public keys are no longer 65 bytes starting with 0x04, the public key corresponding to my address is not even contained in the file, or I am missing something important.
Here is the python script I wrote to generate hashes for all possible public keys:
I have confirmed that instances of 65 bytes starting with 0x04 are returned and hashed correctly. Help would be appreciated, thanks!
https://bitcointalksearch.org/topic/m.126698
Basically his Perl script searches for the regular expression: (/keyA(.{65})/sg) with the 65 characters representing public keys, and uses these public keys to find keypairs elsewhere in the file. If you know the address of your coins(which I do) you can use http://blockexplorer.com/q/addresstohash and http://blockexplorer.com/q/hashpubkey/ to determine which of the public keys you found correspond to the address. You can run your address through addresstohash, and then run hashpubkey on all the public keys you found in the file until a hashpubkey result matches the addresstohash result for your address.
My problem is that the file format has changed since John Tobey figured this stuff out. I don't see any instances of "keyA", instead I see "key!". Simple modifications didn't work and I started testing the methods with a fresh wallet.dat which seems to be in the same format as the wallet I need to recover. When I do this I can never find a public key that corresponds to my address. I have read that the public keys always start with "0x04" so I went as far as to make a python script that returns hashes for all instances of 65 bytes starting with 0x04. Not a single one of these hashes matches the result of addresstohash even for a fresh wallet.
This is where I realize I am stuck, it looks like either public keys are no longer 65 bytes starting with 0x04, the public key corresponding to my address is not even contained in the file, or I am missing something important.
Here is the python script I wrote to generate hashes for all possible public keys:
Quote
import hashlib
import array
import binascii
import re
f=open("C:\Users\user1\AppData\Roaming\Bitcoin\wallet.dat", "rb");
A=f.read()
hexstr=binascii.hexlify(A)
ms=re.findall('04.{128}',hexstr);
#ms=re.findall('key!(.{65})',A);
hlist=[];
pklist=[];
print len(ms)
for m in ms:
pklist.append(m)
mraw=binascii.unhexlify(m)
dSHA2=hashlib.sha256(mraw).digest()
h = hashlib.new('ripemd160')
h.update(dSHA2)
dR160=h.hexdigest()
hlist.append(dR160)
refhash='60c3ce5d7343f66d2fabea37dcf749828facc7ca'
for h in hlist:
print h
import array
import binascii
import re
f=open("C:\Users\user1\AppData\Roaming\Bitcoin\wallet.dat", "rb");
A=f.read()
hexstr=binascii.hexlify(A)
ms=re.findall('04.{128}',hexstr);
#ms=re.findall('key!(.{65})',A);
hlist=[];
pklist=[];
print len(ms)
for m in ms:
pklist.append(m)
mraw=binascii.unhexlify(m)
dSHA2=hashlib.sha256(mraw).digest()
h = hashlib.new('ripemd160')
h.update(dSHA2)
dR160=h.hexdigest()
hlist.append(dR160)
refhash='60c3ce5d7343f66d2fabea37dcf749828facc7ca'
for h in hlist:
print h
I have confirmed that instances of 65 bytes starting with 0x04 are returned and hashed correctly. Help would be appreciated, thanks!
Jump to: