Pywallet 2.2: manage your wallet [Update required] - page 7.

ldb68

newbie

Activity: 20

Merit: 0

Quote from: etotheipi on January 01, 2012, 12:47:45 PM

So I think I will help everyone with this wallet-extraction thing. I was the one that found unencrypted keys in the 0.4.0 encrypted wallet, so I'm pretty sure I can find the encrypted keys

And Armory uses a very similar technique for encryption, so I'm basically already set up for this. A few things I hope someone will be able to answer for me.

(1) I need to find nDeriveIterations. Is there an easy way to find it for a hex-diver like me, or do I actually have to open the DB file with a BDB library to get to it?
(2) I wish I'd thought of using the public key as the IV... that's pretty smart. I assume it is the 65-byte private key that you double-sha256, correct? Then, is it the first 16 bytes that are used for the IV? AES256 IVs are only 16 bytes...
(3) Is there any modification to the passphrase before applying X sha512 operations to it? Is there any PBKDF2 calls somewhere? (if there is, I'm not as well-prepared as I thought)

If anyone wants to simply use the work I've already done and split any appropriate bounties, I would be up for that

I have a python script which currently goes through the wallet.dat file pulls out every single public key, and then grabs any plaintext private keys nearby. Of course, they private keys are not plaintext in this situation, but I can spit out the data where I expect the keys to be. Then using CLI input params, I can actually apply the X sha512 operations and AES256-CBC decryption, provided with X and the passphrase.

I wouldn't mind doing this anyway, because I had planned on creating a wallet-conversion/import tool for Armory, but figured it was too much of a hassle. Maybe now is a good time to deal with it

Hi! I saw your this post on the bitcontalk. I have a question, do not tell me how to find nDeriveIterations in the wallet.dat file?

HCP

legendary

Activity: 2086

Merit: 4314

the _db files are just files that pywallet will create as it is attempting to recover keys etc... I'm not 100% sure if they are bitcoin/wallet specific as such, or if they're just temp data. In any case, what you're looking for after the recover is a "recovered_wallet_xxxxxxxxxx.dat" (where xxxxxxxxxx will be a unix epoch timestamp)

That file will contain any private keys if it finds any... note that it will still create the recovered wallet.dat even if it doesn't find any and it will be able to be read/used by Bitcoin Core, it just won't contain anything.

SheriffBass

member

Activity: 77

Merit: 11

Quote from: morbius55 on September 01, 2017, 10:05:26 AM

Quote from: Osten on September 01, 2017, 09:55:36 AM

Hi, I just found an old wallet from August 2011. I've tried using this tool to recover it and it creates the following files:

_db.001 24k
_db.002 64k
_db.003 264k
_db.004 96k
_db.005 512k
_db.006 48k
wallet.txt 0k

I couldn't find any information as to why it comes out as empty nor did I find any fix to this problem. I also tried using Bitcoin Core to recover it but it didn't work, and also tried bitcoin-qt 0.7.0 but it didn't work either. These are both newer than my wallet but I couldn't find any older clients anywhere.

Does this mean it's completely corrupt? Thankful for any help trying to recover this as I haven't found anyone else with this particular problem.

How did you install this for windows 10 if you don't mind me asking?, Thanks. I really really need to run it on a corrupt wallet.dat that I have.

Did u recover it?
Any luck, ideas or advice?
Do u know if the _db files r Bitcoin/ wallet specific??

malevolent

legendary

Activity: 3472

Merit: 1721

Quote from: SheriffBass on August 23, 2019, 02:15:11 AM

Quote from: malevolent on August 23, 2019, 12:45:57 AM

The instructions are for Bitcoin Core, of course, long ago it didn't have this command so people opted for pywallet. I edited my post because it was incomplete.

If I download and run bitcoin core, does it have a tool to scan through my hard drive for possible wallets??

No, there are other tools for that, the rescanning I referred to scans the blockchain you would have downloaded with Bitcoin Core so that the wallet will know your balance and transaction info.

SheriffBass

member

Activity: 77

Merit: 11

Quote from: malevolent on August 23, 2019, 12:45:57 AM

The instructions are for Bitcoin Core, of course, long ago it didn't have this command so people opted for pywallet. I edited my post because it was incomplete.

If I download and run bitcoin core, does it have a tool to scan through my hard drive for possible wallets??

malevolent

legendary

Activity: 3472

Merit: 1721

The instructions are for Bitcoin Core, of course, long ago it didn't have this command so people opted for pywallet. I edited my post because it was incomplete.

SheriffBass

member

Activity: 77

Merit: 11

Quote from: malevolent on August 22, 2019, 09:17:33 PM

Quote from: SheriffBass on August 22, 2019, 07:54:13 PM

is this a windows command, python command or a CMD command??
how do you use it??

"Help" -> "Debug window" -> "Console" -> importprivkey "yourlabel" false

If you're importing only one private key, or importing the last one, do the rescan and omit the 'false' parameter.

Thanks for the quick response, easy said than done, sorry not a familiar with that but guessing it's through a java editor of some sort!
I'm not as stupid as I appear here however when a .,/(-'";/,. Makes a difference in a command line I'm helpless!
See for refrence: https://bitcointalksearch.org/topic/i-need-help-finding-or-recovering-bitcoins-off-an-old-hard-drive-5161349

Thanks again,

malevolent

legendary

Activity: 3472

Merit: 1721

Quote from: SheriffBass on August 22, 2019, 07:54:13 PM

is this a windows command, python command or a CMD command??
how do you use it??

"Help" -> "Debug window" -> "Console" -> importprivkey "your_private_key" "your label" false

If you're importing only one private key, or importing the last one, do the rescan and omit the 'false' parameter.

edited due to missed quotes

SheriffBass

member

Activity: 77

Merit: 11

Quote from: Muhammed Zakir on July 16, 2014, 06:53:11 AM

Quote from: riclas on July 02, 2014, 01:14:44 PM

Hi, i'm having trouble importing my backup keys to my main wallet. I get the following output: http://pastebin.com/ii6SfsWr

Can someone help me please?

Why don't you import using below command which is used commonly instead of using pywallet?

Code:

importprivkey bitcoinaddressprivatekey

You can only import 1 key at a time.

kindly,
MZ

is this a windows command, python command or a CMD command??
how do you use it??

Lexiko

sr. member

Activity: 503

Merit: 283

Quote from: SheriffBass on August 17, 2019, 02:04:41 PM

Quote from: slush on December 18, 2011, 07:34:32 PM

My today's success story: Computer of friend of mine crashed two days ago. He went to some IT guy, asking for repair. That guy recommended "format & reinstall" (wow, are all issues with Windows still solving this way?) and asked, if backup of office document and some other stuff is enough for him. Today, friend called me that he has reformatted harddisk and fresh install of Windows and he completely forgot to his bitcoin wallet with 80 BTC, asking me if there is any way how to recover them. I played with pywallet some time ago and I barely noticed such cool feature of finding private keys on raw device, so I told him I'll try the recovery.

It went smooth (except that issue with corrupted blocks - which btw means that "format & reinstall" didn't fix previous issues with Windows) and his wallet has been fully recovered. Thank you jackjack for so cool application, small donation is going your way.

what steps/ commands did you use to recover deleted wallet.dat.....?
Thank you,

This pywallet options will help you:

--recover recover your deleted keys, use with recov_size and
   recov_device
  --recov_device=RECOV_DEVICE
   device to read (e.g. /dev/sda1 or E: or a file)
  --recov_size=RECOV_SIZE
   number of bytes to read (e.g. 20Mo or 50Gio)
  --recov_outputdir=RECOV_OUTPUTDIR
   output directory where the recovered wallet will be
   put

For example: pywallet.py --recover --recov_device=c:\ -recov_size=150Gio --recov_outputdir=f:\

But I don't recommend to use the drive with deleted wallet file (not install tools like python etc). It's better to boot live from CD/Flash Drive or boot from another disk and try to recover wallet.

Steps:
1). Download pywallet (pywallet.py or exe file) from https://bitcointalksearch.org/topic/m.424586
2). Run: pywallet.py (PWI_0.0.3.exe) --recover --recov_device=c:\ -recov_size=150Gio --recov_outputdir=f:\

SheriffBass

member

Activity: 77

Merit: 11

Quote from: slush on December 18, 2011, 07:34:32 PM

My today's success story: Computer of friend of mine crashed two days ago. He went to some IT guy, asking for repair. That guy recommended "format & reinstall" (wow, are all issues with Windows still solving this way?) and asked, if backup of office document and some other stuff is enough for him. Today, friend called me that he has reformatted harddisk and fresh install of Windows and he completely forgot to his bitcoin wallet with 80 BTC, asking me if there is any way how to recover them. I played with pywallet some time ago and I barely noticed such cool feature of finding private keys on raw device, so I told him I'll try the recovery.

It went smooth (except that issue with corrupted blocks - which btw means that "format & reinstall" didn't fix previous issues with Windows) and his wallet has been fully recovered. Thank you jackjack for so cool application, small donation is going your way.

what steps/ commands did you use to recover deleted wallet.dat.....?
Thank you,

SheriffBass

member

Activity: 77

Merit: 11

Quote from: ctoon6 on August 10, 2011, 06:15:24 PM

http://www.youtube.com/watch?v=oF52V6xxCy8

Youtube video to show how to install.

I know it's been a while but "This video is unavailable"!!
any updated video/ audio tutorials??
Thanks,

Lexiko

sr. member

Activity: 503

Merit: 283

Quote from: HCP on June 03, 2019, 05:47:01 PM

Thanks for the update...

It should also be pointed out that these mods are likely to only work properly for dumping the wallet... I would advise that users do not attempt to use any of the other wallet "modification" features as it will most likely corrupt the wallet.

Simply reading/dumping the wallet should be fine. But as always... work on a copy of your wallet.dat! Wink

True! I don't recommend to use pywallet in case different from dump private keys! It's very old (last commit was 5 years ago). But, anyway, it's the best script to dump private keys from a binary wallet.

P.S. dumping BCH keys, it's not need to set otherversion flag. Use standard options, it's ok for dumping private keys from BCH wallets.

HCP

legendary

Activity: 2086

Merit: 4314

Thanks for the update...

It should also be pointed out that these mods are likely to only work properly for dumping the wallet... I would advise that users do not attempt to use any of the other wallet "modification" features as it will most likely corrupt the wallet.

Simply reading/dumping the wallet should be fine. But as always... work on a copy of your wallet.dat! Wink

Lexiko

sr. member

Activity: 503

Merit: 283

I've made some changes according to https://bitcointalksearch.org/topic/m.30435668 post.

But my changelog is:

Change Line #2111 from:

Code:

				d.update(parse_BlockLocator(vds))

to:

Code:

				#d.update(parse_BlockLocator(vds))

Change line: #2502 from

Code:

json_db['bestblock'] = d['hashes'][0][::-1].encode('hex_codec')

to

Code:

                elif type == "bestblock":
                        pass
                elif type == "hdchain":
                        pass
                elif type == "bestblock_nomerkle":
                        pass
                elif type == "keymeta":
                        pass
                elif type == "purpose":
                        pass

Both BCH and BTC wallets were dumped ok!

Lexiko

sr. member

Activity: 503

Merit: 283

Does any new version or fork for pywallet ? Has anybody succeeded to dump Bitcoin Cash wallet with pywallet?
Maybe somebody advise any other tools to extract private keys/addreses from my broken wallet from command line.

HCP

legendary

Activity: 2086

Merit: 4314

That look like it might just be an unfortunate coding error: https://github.com/jackjack-jj/pywallet/blob/master/pywallet.py#L4739

The "2.2" version seems to be used elsewhere in the code: https://github.com/jackjack-jj/pywallet/blob/master/pywallet.py#L3

*shrug*

In any case, if it isn't finding keys in your "wallet.dat", then something else is going wrong... are you getting any errors displayed? is the wallet.dat encrypted?

rossen

hero member

Activity: 567

Merit: 500

In gold I trust - Aurumcoin www.cointech.net

Quote from: HCP on January 07, 2019, 04:55:47 PM

Quote from: rossen on January 07, 2019, 01:47:10 AM

Is there any released 2.2 version? I can not found any link.
I want to dump wallet file from 0.12 version, but pywallet from github by jackjack-jj doesn't found any key

what did you download exactly? And which OS are you wanting to run on?

I've used the .exe listed in the OP (https://github.com/downloads/jackjack-jj/pywallet/PWI_0.0.3.exe) to install and run PyWallet (and necessary libs) on Windows 10... and also used the pywallet.py file from the github (https://github.com/jackjack-jj/pywallet) under Linux.

> python2 pywallet.py --version
pywallet.py 1.1

This is the latest version from github. GNU/Linux OS

HCP

legendary

Activity: 2086

Merit: 4314

Quote from: rossen on January 07, 2019, 01:47:10 AM

Is there any released 2.2 version? I can not found any link.
I want to dump wallet file from 0.12 version, but pywallet from github by jackjack-jj doesn't found any key

what did you download exactly? And which OS are you wanting to run on?

I've used the .exe listed in the OP (https://github.com/downloads/jackjack-jj/pywallet/PWI_0.0.3.exe) to install and run PyWallet (and necessary libs) on Windows 10... and also used the pywallet.py file from the github (https://github.com/jackjack-jj/pywallet) under Linux.

rossen

hero member

Activity: 567

Merit: 500

In gold I trust - Aurumcoin www.cointech.net

Is there any released 2.2 version? I can not found any link.

I want to dump wallet file from 0.12 version, but pywallet from github by jackjack-jj doesn't found any key

Topic: Pywallet 2.2: manage your wallet [Update required] - page 7. (Read 207931 times)