Author

Topic: Possible to use brute force to re-gain access to a wallet? All but 1 char known (Read 3420 times)

legendary
Activity: 3682
Merit: 1580
I was referring to your 3 posts in this thread. Numbers 1, 9, 37
legendary
Activity: 1106
Merit: 1016
090930
I had already sent it before I made that post.  Wink

Great, thanks Smiley
full member
Activity: 208
Merit: 100
I had already sent it before I made that post.  Wink
legendary
Activity: 1106
Merit: 1016
090930
Is there no such thing as a free bitcoin transaction? I'd also like to propose knol.pw invites as a tip. Ebook website with an amazing selection, extraordinary discounts on all books (most books are under one dollar).



I'd rather go for the regular btc tip - perhaps you can just make it 0.0001 less, to account for the required fee...
Thanks Smiley
full member
Activity: 208
Merit: 100
I thought the OP was a spammer. He's been dropping website URLs since his first post. 3 so far now.

What a bunch of nonsense. If you look at the history of my posts, you'll see that all of my original posts are typical newcomer questions with no links to outside sites. The only website I can recall mentioning (and sometimes I don't even link to it as I exclude the http) is the one mentioned in my last post in this thread, which is actually a good quality website and you'll find people on the web asking for invites for it (http://www.reddit.com/r/Invites/comments/1y794m/w_ebookoidcomknolpw_invite/). And I made a thread on bitcointalk specifically asking if it was OK to promote this website (Against the rules?) before I ever even posted it! I'd also like to point out that when I first made a thread about this website, it wasn't even invite-only, it was open to everyone, and I was simple generously passing it along. And the only deal I ever made was asking someone to send me a dollar because I needed at least one dollar to keep my account -- and the site went back into invite-only mode which means I wouldn't be able to simply re-register -- and in exchange for the dollar I would give an invite. And once again, when I initially promoted the website, invitation was completely open and I was totally unaware that it was subject to close and become exclusive; my initial motivation was nothing more than passing a long an incredibly valuable website that takes bitcoins. Anyway, I eventually got someone to give me a dollar, which enabled me to keep my account. You're obviously not keeping track of things too well and your accusation is ridiculous.
legendary
Activity: 3682
Merit: 1580
I thought the OP was a spammer. He's been dropping website URLs since his first post. 3 so far now.
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Bitcoin's become so popular that it's hard to get a free transaction processed now.
full member
Activity: 208
Merit: 100
Is there no such thing as a free bitcoin transaction? I'd also like to propose knol.pw invites as a tip. Ebook website with an amazing selection, extraordinary discounts on all books (most books are under one dollar).

legendary
Activity: 1106
Merit: 1016
090930
Glad to hear that you recovered access. I for one wouldn't mind a little tip - always motivating!  My address is in my signature.
full member
Activity: 208
Merit: 100
After reviewing the thread, it seems like flatfly, cp1, and OnkelPaul are tip-worthy (not to sound condescending). Multiple people combined with the fact that I only have $100 bitcoins and $150 in the bank, I'll tip those who specifically ask me for a tip.

and/or post the script that you used, so it can be helpful to others in the future...

It was already referenced on the first page.
full member
Activity: 209
Merit: 148
Great news!  Would be nice to tip the people that helped, and/or post the script that you used, so it can be helpful to others in the future...
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
full member
Activity: 208
Merit: 100
Guess what guys? I re-gained access to my wallet.  Smiley
legendary
Activity: 1039
Merit: 1005
Open another console window and do whatever you need to do in that window.
It looks as if the bitcoind isn't really backgrounding when started in a Windows console.

Onkel Paul
full member
Activity: 208
Merit: 100
Every fifteen minutes or so a new one of these pops up.

Unable to type anything.


legendary
Activity: 1106
Merit: 1016
090930
I tried what flatfly reccommended. It revealed a process that just kept building text (one thing I caught was that it kept trying connections). I eventually accidentally unplugged my computer.

That's probably just your daemon trying to catch up with the blockchain. Anyway, we don't need this to bruteforce the wallet, so add '-maxconnections=0' to the command line to disable connections:

Code:
bitcoind.exe -daemon -printtoconsole -maxconnections=0
full member
Activity: 208
Merit: 100
I tried what flatfly reccommended. It revealed a process that just kept building text (one thing I caught was that it kept trying connections). I eventually accidentally unplugged my computer.
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Maybe it just does that on windows.  You can open a second cmd.exe and try bitcoind getinfo and see if it's responding.
legendary
Activity: 1106
Merit: 1016
090930
Same fuckin' thing. It just deadens the cursor.



Add "-printtoconsole" so you can see what it's actually doing:

Code:
bitcoind.exe -daemon -printtoconsole

Once the daemon has finished initializing and is actually in listening mode, start your Ruby script.
full member
Activity: 208
Merit: 100
Same fuckin' thing. It just deadens the cursor.

cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
full member
Activity: 208
Merit: 100
When I type in bitcoind -daemon (Revalin's instructions have one dash, not two as you indicated) in the command prompt, it puts it into a state where I'm unable to type anything. The cursor or whatever just remains there, blinking, and there's nothing I can do but close the program.

Bitcoin Roaming folder, bitcoin.conf file, and what is described above ->





NOTE: I don't use the armory, but I ran it once.


cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Download notepad++
Make a new file, enter:

rpcuser=krkfifeioefwk
rpcpassword=34kjjrkjr4kljfu9vf9uvfu98vdskj34kjfsadup9gfi9gtr0u89t484thu

save as bitcoin.conf in C:\Users\username\AppData\Roaming\Bitcoin\ (change username to your windows username)
full member
Activity: 208
Merit: 100
Basically you need to create a textfile named bitcoin.conf in C:\Users\username\AppData\Roaming\Bitcoin\ (change username to your username)

In the textfile you probably only need:

rpcuser=somename
rpcpassword=somepassword

Make the password a long gibberish thing

This part confuses me.

Thanks a lot for your help!
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
You need to allow command line access to bitcoind because the program needs to automatically check whether the password works.  See here:

https://en.bitcoin.it/wiki/Running_Bitcoin#Bitcoin.conf_Configuration_File

Basically you need to create a textfile named bitcoin.conf in C:\Users\username\AppData\Roaming\Bitcoin\ (change username to your username)

In the textfile you probably only need:

rpcuser=somename
rpcpassword=somepassword

Make the password a long gibberish thing

Once you have that file, open a command window (start, type cmd in the box, and select cmd.exe)
then type:
cd C:\Users\username\AppData\Roaming\Bitcoin\  (replacing username)
bitcoind --daemon

Count to 10 and type
bitcoind getinfo

If it gives you some information (current block, etc) that means you're connected and you can then run the ruby script
If it says not connected then count to 10 and try again.
full member
Activity: 208
Merit: 100
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Don't trust that recoinvery website.

First, what OS are you using?
sr. member
Activity: 531
Merit: 260
Vires in Numeris
Also, I have no idea what this means:

--
edit: This also requires a running bitcoind.
1. set "rpcpassword=somerandomcrap" in .bitcoin/bitcoin.conf
2. run "./bitcoind -daemon"
3. run "./bitcoind getinfo" until it starts returning data instead of errors
4. then run the script above.
--

At least on Linux, where the wallet.dat is stored is normally also a bitcoin.conf with configure options as a text file. If it doesn't exist, above is suggesting create that with at least a line that is rpcpassword=randompassword; then run the daemon rather than the GUI QT by running ./bitcoind -daemon; the ./bitcoind getinfo is just a check that it's completed scanning the blockchain and is ready to reply to requests from the script. ".bitcoin/bitcoin.conf" is normally in the user's home directory on Linux as a hidden directory which is the . before bitcoin. So == ~/.bitcoin/bitcoin.conf - on other OS, look to where ever your wallet is for similar.


Be very careful if you download that other application.. paranoid careful. At least disconnect the internet and reboot before reconnecting in case it's a trap.
full member
Activity: 208
Merit: 100
Look at this thread:  https://bitcointalk.org/index.php?topic=85495.0

You will find a whole lot of brute-forcing scripts by revalin. They rescued many, many coins...

There you go, check post #26.  You just need to install ruby.  You can delete the parts you don't need, since you just want to insert a character.

#26

I imagine I just copy his code into a text document and rename it .rb or .rbw or something (the two file types the installer mentioned)?

Also, I have no idea what this means:

--
edit: This also requires a running bitcoind.
1. set "rpcpassword=somerandomcrap" in .bitcoin/bitcoin.conf
2. run "./bitcoind -daemon"
3. run "./bitcoind getinfo" until it starts returning data instead of errors
4. then run the script above.
--

Also, in his post below that one he presents an alternative code that will try "double substitutions." What does he mean by that?



I was about to download it, but it wouldn't let me download it without giving my email address, which I see as very poor etiquette.
sr. member
Activity: 531
Merit: 260
Vires in Numeris
Perhaps you misread two of the characters or missed one such as : at the start. If there might have been '' mistaken for " or ^; ] for l or | etc; or a duplicate character; etc, then those might be worth looking at. I'd expect it's just one error, so limited number of those to check.

Since you have the wallet, you could post the password here and see if there are obvious typo errors that can be suggested for that.
legendary
Activity: 1218
Merit: 1003
We are the champions of the night
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
Look at this thread:  https://bitcointalk.org/index.php?topic=85495.0

You will find a whole lot of brute-forcing scripts by revalin. They rescued many, many coins...

There you go, check post #26.  You just need to install ruby.  You can delete the parts you don't need, since you just want to insert a character.
legendary
Activity: 1039
Merit: 1005
Be very careful with external services offering to crack your password. They might have hidden agendas...

Onkel Paul
legendary
Activity: 1106
Merit: 1016
090930
Look at this thread:  https://bitcointalk.org/index.php?topic=85495.0

You will find a whole lot of brute-forcing scripts by revalin. They rescued many, many coins...
full member
Activity: 208
Merit: 100
I'd appreciate it.

Was planning on taking an online class in programming, even before this happened.

SkilledUp is a great website that reviews all different educational entities.
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
It's a pretty simple program.  If you can install python I can probably whip something up tonight, or somebody else might beat me.
administrator
Activity: 3962
Merit: 3184
If you're interested to learn, https://codecademy.com is a great resource with interactive lessons, including Python.
legendary
Activity: 1039
Merit: 1005
Unfortunately I can't code. Would it be feasible to learn how within a week's time?

Probably yes, it depends on how fast you learn and how valuable your own time is.
The programming task is pretty simple (listing all the passwords takes just 5-6 lines of code, checking them against bitcoind would probably be somewhat similar, and since this is a one-shot task, you don't have to go through all the tedious error-handling and GUI stuff).

If you've got some free time and not much money to spend on someone else who does it for you, you should definitely go for it. Programming is a valuable skill, and being able to write small pieces of code (or even just understanding how some code works) is pretty useful.

Search for a python tutorial on the web, and try to work through it, then you should be able to write a bruteforce tool for your wallet Smiley

Onkel Paul
full member
Activity: 208
Merit: 100
Unfortunately I can't code. Would it be feasible to learn how within a week's time?
legendary
Activity: 1039
Merit: 1005
If you can code you could write such a program, for example in python (best choice would probably be to use the bitcoind walletpassphrase command over JSON-RPC).
I don't have time at the moment, otherwise I'd offer to code it for a small fee Smiley

Onkel Paul
full member
Activity: 208
Merit: 100
Awesome! I hope there's a brute force program that can be applied to Bitcoin-Qt.
legendary
Activity: 1039
Merit: 1005
That should be absolutely possible.
If you consider the 15 possible positions of the missing character, and about 60-90 possible characters (depends on whether the password generator used only letters and digits or other characters, too), that would be about 900-1350 different passwords to try - if it wasn't so tedious you could even do this semi-manually (generate the passwords using a very simple program, and enter them into the wallet program using copy-and-paste) within 3 or four hours.
A program that can check wallet passwords from a given list automatically would do it in 1-2 seconds.

Onkel Paul
full member
Activity: 208
Merit: 100
I created a password for my Bitcoin wallet using passwordsgenerator.net, set to 15 characters of all types. I wrote the password down, but when I tested it I was surprised to see it didn't work. I counted the amount of characters I had written down and there were only 14 characters. Obviously, I missed a character. Since I know all but one character in this 15 character password, I was wondering if it would be possible to successfully brute force my way back into my wallet.
Jump to: