Pywallet 2.2: manage your wallet [Update required] - page 3.

malevolent

legendary

Activity: 3472

Merit: 1722

Quote from: atithasos on April 18, 2021, 01:33:58 AM

Hello Jack,
is it possible to send me the 0.8 version of bitcoin? i try to find executable for windows or a way to make it but nothing.
can you please help me? thanks in advance

If you want the 0.8 version specifically, it's here: https://github.com/bitcoin/bitcoin/releases/tag/v0.8.0

Just make sure you get all of the required dependencies right, as some of them are so old they might not be in your system's default repository. It would also probably be difficult to make this version sync with the current network. edit: or not, oldest node I found is 0.8.1 https://bitnodes.io/nodes/45.127.186.188-8333/

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: atithasos on April 18, 2021, 01:33:58 AM

is it possible to send me the 0.8 version of bitcoin? i try to find executable for windows or a way to make it but nothing.

Bitcoin Core 0.8.6 is available on the Bitcoin Core download repository... you just have to "hunt" for it a little bit: https://bitcoincore.org/bin/insecure/bitcoin-core-0.8.6/ Wink

Do note that this is in the "insecure" folder for a reason... there are security vulnerabilities in this old versions. Caution is advised.

atithasos

full member

Activity: 174

Merit: 100

Quote from: jackjack on January 20, 2021, 04:42:11 PM

Did you try deleting the __db.00x files?
If pywallet still won't work after deleting those then I don't know what's happening

What you can try is downloading an old Bitcoin-Qt/bitcoin-core release like 0.8, 0.9 or 0.10 from what I can see here: https://en.bitcoin.it/wiki/Bitcoin_Core or https://bitcoin.org/en/version-history
https://github.com/bitcoin/bitcoin/releases?after=v0.11.0

Hello Jack,
is it possible to send me the 0.8 version of bitcoin? i try to find executable for windows or a way to make it but nothing.
can you please help me? thanks in advance

HCP

legendary

Activity: 2086

Merit: 4361

If you mean for using the recovery feature of PyWallet, then the answer is no... you have to provide a passphrase for the script and it creates encrypted wallets.

morbius55

full member

Activity: 217

Merit: 109

Is there a way of not entering a passphrase for the recovered wallet but still entering the correct passphrase for the actual recovery, ie leaving the recovered wallet decrypted?

HCP

legendary

Activity: 2086

Merit: 4361

Bitcoin Core will likely have upgraded the wallet to the new wallet version and then refilled the keypool to have 1000 keys. By default the new versions of Bitcoin Core generate bech32 addresses. You can still get it to generate legacy or nested segwit address, but the default is native segwit (bech32) addresses.

Also, have you tried: dumpprivkey ADDRESS_YOU_WANT_THE_KEY_FOR

How did you load the wallet? All you should need to do is shutdown Bitcoin Core... copy the wallet file into the Bitcoin Core data directory and then restart Bitcoin Core. If you didn't rename the old wallet file to "wallet.dat", then once Bitcoin Core has started up, use "File -> Open Wallet ..." menu command and then select the wallet file.

If you did rename it to wallet.dat, then Bitcoin Core should have opened it up by default.

morbius55

full member

Activity: 217

Merit: 109

Quote from: HCP on April 11, 2021, 04:42:41 PM

Quote from: morbius55 on April 11, 2021, 11:49:06 AM

JackJack mentions that pywallet didn't recover compressed keys. Could that be why i'm not able to recover anything from this wallet? Does the old pywallet have trouble recovering and dumping newer wallets. Does a wallet from 2015 fall into this category? Cheers.

Not sure about "recovering"... but it certainly dumps "compressed" keys... the thing you have to remember, is that the private key itself is not "compressed" or "uncompressed"...

It is the public key (and the subsequent hash160 "address") that is "compressed" or "uncompressed". The private key is always a 256bit number.

I think the "new" fields were added when HD wallet support was introduced which was in v0.13... which was released in August 2016... so a wallet created in 2015 should be the old "non HD" wallet type. However, if it was subsequently opened in a newer version of Bitcoin Core, the wallet file was likely "upgraded" (not to HD, but to the new format) which may have added in the fields that cause issues with PyWallet.

This is why I recommend making copies of the original 2015 wallet.dat file and working on the copies.

Again, have you simply tried opening one of the copies of the wallet.dat in Bitcoin Core and using either dumpwallet or dumpprivekey from inside Bitcoin Core? It would be much much easier than trying to deal with PyWallet and it won't matter if the wallet file is old version or new version.

The wallet seemed to load okay into the latest Bitcoin Core but I don't see the address. Here is a wallet dump of it, i'm not sure if I loaded the wallet into core correctly as it seems more complicated than older versions. Why are all the addresses in the newer format? I have obviously deleted most of the private key info.
https://imgur.com/a/vQ5cpCn

morbius55

full member

Activity: 217

Merit: 109

The comment he made about compressed key recovery is in the first comment of this page.

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: morbius55 on April 11, 2021, 11:49:06 AM

JackJack mentions that pywallet didn't recover compressed keys. Could that be why i'm not able to recover anything from this wallet? Does the old pywallet have trouble recovering and dumping newer wallets. Does a wallet from 2015 fall into this category? Cheers.

Not sure about "recovering"... but it certainly dumps "compressed" keys... the thing you have to remember, is that the private key itself is not "compressed" or "uncompressed"...

It is the public key (and the subsequent hash160 "address") that is "compressed" or "uncompressed". The private key is always a 256bit number.

I think the "new" fields were added when HD wallet support was introduced which was in v0.13... which was released in August 2016... so a wallet created in 2015 should be the old "non HD" wallet type. However, if it was subsequently opened in a newer version of Bitcoin Core, the wallet file was likely "upgraded" (not to HD, but to the new format) which may have added in the fields that cause issues with PyWallet.

This is why I recommend making copies of the original 2015 wallet.dat file and working on the copies.

Again, have you simply tried opening one of the copies of the wallet.dat in Bitcoin Core and using either dumpwallet or dumpprivekey from inside Bitcoin Core? It would be much much easier than trying to deal with PyWallet and it won't matter if the wallet file is old version or new version.

morbius55

full member

Activity: 217

Merit: 109

Quote from: HCP on April 11, 2021, 05:21:23 AM

You can try those code alterations... or use my version here: https://github.com/HardCorePawn/pywallet

It essentially has the mods as shown by the commits here: https://github.com/jackjack-jj/pywallet/compare/master...HardCorePawn:master

But before messing around with PyWallet... have you just tried installing Bitcoin Core and opening a copy of the wallet.dat from 2015 that has the address you're after in it? Huh

It would be much much simpler to use dumpprivkey from within Bitcoin Core (it doesn't even need to be synced or connected to the network) and get the private key that way than trying to use PyWallet.

And of course, regardless of whether you are using Bitcoin Core or Pywallet, you'll still need to know what the wallet passphrase is to be able to access the private key.

JackJack mentions that pywallet didn't recover compressed keys. Could that be why i'm not able to recover anything from this wallet? Does the old pywallet have trouble recovering and dumping newer wallets. Does a wallet from 2015 fall into this category? Cheers.

HCP

legendary

Activity: 2086

Merit: 4361

You can try those code alterations... or use my version here: https://github.com/HardCorePawn/pywallet

It essentially has the mods as shown by the commits here: https://github.com/jackjack-jj/pywallet/compare/master...HardCorePawn:master

But before messing around with PyWallet... have you just tried installing Bitcoin Core and opening a copy of the wallet.dat from 2015 that has the address you're after in it? Huh

It would be much much simpler to use dumpprivkey from within Bitcoin Core (it doesn't even need to be synced or connected to the network) and get the private key that way than trying to use PyWallet.

And of course, regardless of whether you are using Bitcoin Core or Pywallet, you'll still need to know what the wallet passphrase is to be able to access the private key.

morbius55

full member

Activity: 217

Merit: 109

Quote from: HCP on February 16, 2018, 03:01:09 PM

Pywallet is very old and the wallet.dat file format has changed since Pywallet was last updated (2014).

It looks like the script does not handle some of the new data fields that are now included in the wallet.dat file. It should theoretically be possible to modify the script to either handle or ignore the unknown fields.

If you just want to dump the file and don't care about making a "valid" wallet.dat... you can edit the pywallet.py file:

Change Line #2111 from:

Code:

d.update(parse_BlockLocator(vds))

to:

Code:

#d.update(parse_BlockLocator(vds))

Then on Line #2502, change:

Code:

json_db['bestblock'] = d['hashes'][0][::-1].encode('hex_codec')

to:

Code:

print("ignored") #json_db['bestblock'] = d['hashes'][0][::-1].encode('hex_codec')

The script will still spit out a whole heap of garbage like this:

Quote

Wallet data not recognized: {'__type__': 'keymeta', '__value__': "\n\x00\x00\x00\xa9\xd2\x85Z\x00\x00\x00\x00\x0bm/0'/0'/28'\x0c[\xfd\xe5\xabu\xfe\xf6\x13\xfb\x98p$F\xa6\xc2\xf1\\\xba\x04", '__key__': '\x07keymeta!\x03\xe3k\x94[F\xb4HO5f
but you should get to see all the key stuff printed out:

Quote

"keys": [
   {
   "addr": "1PLXWsEWa3wrZTGo52FDjGiTP85LBbKRpg",
   "compressed": true,
   "hexsec": ".... removed ....",
   "private": "308ffffffffffffffffffffffffffffffffffffffffffffffffffffff73311b4fb36b7bffffffff ffffffffffffffffffffffffffffffffffffffffffffff48ce3d0101022100fffffffffffffffff ffffffffffffffffffffffffffffffffffffffefffffc2f30060fffffffffffffffffffffffffff fffffffffffffffffffffffffff6f81798022100fffffffffffffffffffffffffffffffebaaedce ffffffffffffffffffffffffffffffffffffffffffffffffffffff002067ddfffffffffffffffff fffffffffffffffffffffffffffffffffffff1298b98e",
   "pubkey": "02067dd94367c87da0d59c5f3b1c400239f846073b2b83b87bc15bc3201298b98e",
   "reserve": 1,
   "sec": ".... removed ....",
   "secret": ".... removed ...."
   }

The important one will be "sec"... that will be the WIF private key and should start with "5", "L" or "K"

I have reason to believe that a wallet.dat i found that is from from 2015 could contain the private key i am after. It seems that my brother in law has got his information mixed up. I opened this particular file up with a file viewer 4 and i could read the address i'm after within it. Do you think i could have any luck with either your code alterations or the newer version of pywallet. Cheers. I didn't have any luck when i ran pywallet on the whole hard drive which contains this wallet file.

HCP

legendary

Activity: 2086

Merit: 4361

You should still be able to locate the address (open the wallet.dat in a text editor and search for: name )... I don't know about the balance though. You'd probably need to look that up on a block explorer rather than relying on any information stored in the wallet.dat file (as it could be years out of date!)

Also, the public keys should not be encrypted... as they're necessary for the wallet to be able to see transaction history/balance etc... and also for watching only wallets. It's why you don't need to enter the wallet password in Bitcoin Core until you want to sign a transaction/message or dump the private keys etc... it is using unencrypted public key data to show the transaction history etc.

zenkei18

newbie

Activity: 5

Merit: 0

For an encrypted private ckey in wallet.dat,
Is the public key portion encrypted as well?

E.g. is it impossible to find the address and balance with this info alone?

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: Pi07r on February 12, 2021, 04:26:15 PM

And here I made very big mistake. I opened wallet.dat file instead of masternode.con (don't know how).

Simply opening the file in a text editor should not cause any modifications to the file... it should have been OK if you simply closed the file again. If you changed anything and then pressed "save", then it would have corrupted the wallet file.

What exactly did you do after accidentally opening the wallet.dat file? Huh

zenkei18

newbie

Activity: 5

Merit: 0

Sorry to bother again. I dont know the password to the mkey and encrypted keys and when I am running the recover function it won't place those keys into the wallet.dat file which is needed to run brute forcing algorithms on. Is there a way to make a wallet.dat that includes all the partial wallet recovery file data too?

Pi07r

newbie

Activity: 2

Merit: 0

Hi,

I have corrupted my syscoin wallet while I was trying to make masternode. I didn't made any backup, yes that was irresponsibly.

This is the instruction which I was following:

1. Open your wallet (MAKE SURE IT IS THE 4.1.3 LATEST VERSION).
2. Go to the “Settings” menu and choose “Options”. In the Main tab enable the “Show Masternodes Tab” option and press “OK”.
3. Go to Syscoin Core root directory (location of wallet.dat) and open masternode.conf file with any basic text editor. This file may already contain # as the first item in the lines. These lines are comments and can be left in the file (to open masternode.conf file on MacOS click on the file, then select the “Open file with” option and choose “TextEdit” application there).

And here I made very big mistake. I opened wallet.dat file instead of masternode.con (don't know how).

I was trying to recover priv key using pywallet, but either my skills are not enough or the wallet is so damaged that is not possible to recover the priv key.
As a pywallet result I received hundreds of keys, but any of them was the private one.

Do you know how I can try to solve this case? Or maybe is here some one who can help?

Thank you in advance
Piotr

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: SheriffBass on February 08, 2021, 10:32:24 AM

do u know off any software that decompress many large backup files as: .pbd, .bkf… to a drive, I found one but it creates a tree and I have to go through every file separately to choose one file and restore Undecided

.pbd files are EaseUS backups and .bkf are Windows Backup files. Both of these are proprietary programs and so the file formats for them are unknown. Which means only the vendor can make a decompress program for their own format. If you have these kind of files then you should restore them with their respective program to a blank hard disk, one by one, and look for your wallet file there.

I don't think these files are even compressed anyway, they are packages inside an "archive file format".

The situation is different if you are looking for decompressing/extracting programs for generic archive files such as .zip, .tar.gz and .7z. These file formats are well-known and so there exist many programs for unzipping them such as 7-zip and WinRAR (trialware).

SheriffBass

member

Activity: 77

Merit: 11

Quote from: HCP on February 07, 2021, 08:23:59 PM

Quote from: SheriffBass on February 07, 2021, 05:49:19 PM

Will this search through All types of folders and files? being compressed, zip, and BKF backup files too?

No... any form of compression will modify the actual structure of the underlying data... it has to, otherwise the data can't get "smaller". This will mean that the script will be unable to detect the wallets by inspecting the bytes for the indicators of a wallet file.

It's the same reason why you can't use the "hex string search" method on zip files etc... the data will have changed, and you can't really know how it will have changed... so the "standard" markers you're looking for won't be found...

The only way to do it would be to uncompress the files and then inspect the extracted files... which could be problematic if the archives are encrypted/password protected... and you don't have the password.

OH crap

!!!
No wonder I can't find any wallets Roll Eyes

will have a long way to find good quality programs to decompress and decipher/make backup files readable to PYwallet then.
I was using windows search looking for .dat files on a 500 GB drive yesterday and it said it needs 1.4TB disk space Shocked

do u know off any software that decompress many large backup files as: .pbd, .bkf… to a drive, I found one but it creates a tree and I have to go through every file separately to choose one file and restore Undecided

zenkei18

newbie

Activity: 5

Merit: 0

If I used pywallet 2.2 what can I do with the partial wallet or how can I use the mkey values to try to brute force the password if I don't know the passphrase? T

Topic: Pywallet 2.2: manage your wallet [Update required] - page 3. (Read 208227 times)