Topic: Trouble recovering Multibit Classic Keys (Read 15220 times)

What speed do you get? There are GPU versions to decrypt Multibit keys that are 1000x faster than using python scripts, one of them is the newer version of btcrecover

You can find it here: https://github.com/gurnec/btcrecover

Good Luck!
/KX

Hi all - I just want to share my experience.  I set up MultiBit v0.15.16 on Linux back in Dec 2013 and upgraded to v0.15.18 Apr 2014.  Prior to upgrading I added a second receiving address to my wallet, encrypted it, and I added some funds.  I then have been pretty much hands off for the last 10 years.  I did upgrade my system a couple times but just copied the MultiBit folders over and made sure it still started and showed the wallet info.  Then a few days ago I decided I wanted to switch to a completely offline version and needed the private key.  This is where my adventures started.

I was positive I knew the password.  Ten years ago I didn't use a password manager and only had a handful of passwords that I'd use with just some variety.  When I ran the openssl command it presented no errors but it was just gibberish.  I thought for sure I was facing a MultiBit bug mentioned in this thread and I had a corrupt key.  Also, when I ran the decrypt_multibit_classic_keys.py from https://github.com/HardCorePawn/multibit_recovery I also saw the same gibberish.

The fact that my password was sort of working and one that I was positive I would have used 10 years ago, really prolonged my adventure.  It turns out it there is a really good change a bad password will still successful decrypt--just not correctly.

I also did start trying to use btcrecover.py only to realize it will take years to decrypt a password.  Fortunately, for me when I realize that the password might just incorrect, I was able to rack my brain enough to figure out what password I used.  

Also in my case, I had the main wallet file, 3 key backups, 3 wallet backups, and a wallet.cipher file.  My 'bad' password 'incorrectly' worked on one of the files.  What are the odds that seven files are really corrupts and one file mostly corrupt.  Once I figured out the right password, I ran all of HardCorePawn awesome scripts on all 8 files and got the expected results.

So moral of the story is if you think you have a corrupt file, try all of HardCorePawn scripts on all the different backup files that MultiBit creates and see if you can get any of them to work.

it works

I have checked out any possibility between 0 and 4 characters
Now it is counting the 14.025.517.307 combinations for 5 characters, and then it will check them, therefore in 36-48 of mid-work for dont force it, i will get the result

next step?
i will try it with 6 characters, how much time will it get? about 15-20 days

after that i will reconsider any other possiblities  

You can't put the "space" in the [...]'s... If you do that, it thinks that is the "end" of your token (and why you get the error).

So, if you think that you might have used a space in your password... you'll need to make a slightly more complex token file... something like this:


This file basically tells btcrecover to create a password created from 9 tokens as follows

Token 1 = Nothing OR 1 of the chars in [] OR space
Token 2 = Nothing OR 1 of the chars in [] OR space
...
Token 9 = Nothing OR 1 of the chars in [] OR space

So, it *should* create all combinations of 0-9 character passwords, where each char can be any of the ones you have specified OR space

Also, you can make it a little more tidy by using: the "a-z" and "0-9" notations...

thanks a lot for your quality responses
with those changes it works but the final character was a spacebar...

yes if i can't find a solution i could try with any btc recovering services...
But I prefer to try it first

Yes, you only specify %% when you a creating a "single" char token... when you're specifying chars in [...] format... you just use a single %. I've just tested it... and created the following token file:

And then tested using:

It output:

In addition to that... there is a weird character just before your final "]" which is actually what is causing your error... you need to delete that and the extra %... so your token file should looks something like this:


Yes... a 9 character password, with that many special chars will take a LONG time to test... With 104 possible characters, it's something ridiculous like 1,423,311,812,421,484,500 possible combinations just for the 9 character passwords... then you have the 8 char passwords, 7 chars, 6 chars etc etc. All up, (with my bad maths) it is something like 1,437,130,373,707,129,900 combinations

If you can check 1,000,000,000 passwords/second... You would need: ~1437130373.73 seconds to check them all...
= ~23952172.9 minutes
= ~399202.9 hours
= ~16633.5 days
= ~45.6 years

You might be better off trying to exclude some characters which you're fairly sure you would not have used to reduce the total search space to a more reasonable amount.

You can also try and do it using Amazon Web Services, but the costs can get prohibitive... so unless you have a significant amount of money in this wallet, that might not be the most cost effective way of doing it. Again, talking to wallet recovery experts who already have the equipment and code setup and ready to go might be a better option.

I had actually read it. But I made the same mistake that last time % instead of %%, sorry...

Right now, I decided to specify all of my keyboard characters with the token below:
%0,9[aAbBcCdDeEfFgGhHiIjJkKlLmMnNñÑoOpPqQrRsStTuUvVwWxXyYzZ0123456789ºª\!|"@·#$~%%€&¬/()=¿?'¡`+^*[´¨{}Çç,;.:-_ ]
Because I must not have more than 9 characters... but i got this error
Starting btcrecover 0.17.10 on Python 2.7.17 64-bit, 16-bit unicodes, 32-bit ints
btcrecover.py: notice: use --android-pin to recover the spending PIN of
    a Bitcoin Wallet for Android/BlackBerry backup (instead of the backup password)
btcrecover.py: error: on line 1: invalid wildcard (%) syntax (use %% to escape a %)

i saved the file as utf-8 and included --utf8 on comand

The next problen will be when i would solved the error, it could take weeks, months, years¿? for %0,9 characters
it is crazy, i have read about doing it on amazon web services, although I have to research about it, I think it could be more complicated than download python and following tutorials...

What do you think?

Ok... so I think you need to read the "Unicode Support" part of the btcrecover docs (if you haven't already): https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#unicode-support

You will need the --utf8 commandline argument... and to make sure that your token file is saved in UTF-8 format.

thanks for your supporting HCP  

According to the tutorial if i want to look for a password between 0 and 10 characters ASCII. i have to spcify in tokens file...:
0,10%p

But if i need to include: "ñÑ". How i have to do it? I tried it with
0,10%p[ñÑ]
but i return an error message

If i specify the all characters including "ñ" I return an error message too
0,10[.....ñÑ....]

 File "C:...\btcrpass.py", line 2828, in open_or_use
    file = open(filename, mode)
IOError: [Errno 2] No such file or directory: 'tokensname.txt'

Looks like you're on the right track... at least btcrecover seems to be working ok!

As for the error, if you look at this page: https://theasciicode.com.ar/extended-ascii-code/acute-accent-ascii-code-239.html Do any of the characters you think might be in your password show up as having a code in the "Extended ASCII characters" section? ie. it has a "code" that is 128 to 255?

No... all those files are either encrypted (or not useful)... even the "unencrypted" wallet backups in the "wallet-unenc-backup" folder... you can tell because it has the .CIPHER extension... this is what happens when you add a password to a wallet file that WAS unencrypted:

To use the char % in your password... you specify it in token file as: %%

as per the tutorial:

thanks for your advice!
I have good and bad news. I ran python and btcrecover without succeed yet. I have just suggested more than 300 passwords even with different typos combinations although after uncountable possibilities it didn't match and I received a 'password search exhausted' message

------\btcrecover------->----------\python  btcrecover.py --tokenlist tokensname.txt --max-tokens 1 --typos 5 --wallet walletname.key
Starting btcrecover 0.17.10 on Python 2.7.17 64-bit, 16-bit unicodes, 32-bit ints
btcrecover.py: notice: use --android-pin to recover the spending PIN of
    a Bitcoin Wallet for Android/BlackBerry backup (instead of the backup password)
Wallet difficulty: 3 MD5 iterations
Using 4 worker threads
12472 of 12472 [########################################################] 0:00:00,
Password search exhausted

In this moment I have 3 questions:
1. If i don't remember password and i don't have enough luck with the matching, are there any posibility to unlock it with files that I showed in my last post
2. I am going to try it again with extra info like typos count...
3. I have problems with passwords with the character "%" how have I to specified it?
I'm trying to resolve it with brute-force, I am creating different tokens files to specify different lengths such %1p because I saw it in this topic: https://bitcointalk.org/index.php?topic=3049316.0;all
but I get this error
error: btcrecover.py: error: token on line 1 has character with code point 239 > max (127 / ASCII)
edit: I think I found the solve: save the .txt file as ANSI - code
let's se..

It looks like you still have all the necessary files... so that's a good start. Now, it's really just a matter of finding the correct password.

Does the MultiBit install still work? As in, you can actually load up MultiBit and see the wallets etc? If so, that would suggest the files are hopefully not corrupt. Then, it's just a matter of getting the password.


Getting Python and btcrecover working can be a bit daunting if you're not experienced with commandline applications... but it's not impossible. You just need to make sure you use Python 2.7.x and follow the instructions as outlined on the btcrecover github: https://github.com/gurnec/btcrecover/blob/master/docs/INSTALL.md

If you're unable to get btcrecover working, then you're basically left with the option of engaging a 3rd party to try and recover things for you... my recommendation would be: https://walletrecoveryservices.com/


Also, in case it wasn't obvious, there are a lot of scammers here on Bitcointalk... so be VERY cautious if anyone offers to help via PM or Telegram etc and asks you to send your wallet files/passwords etc!

i'm not sure but I have just found this topic and it looks like my case
https://bitcointalk.org/index.php?topic=1922317.0;all

the difference between us is that I think that I have a password and he didn't

but you can show below my wallet directory files and structure:

https://imgur.com/IrH3HAi
https://imgur.com/fYCKYBp
https://imgur.com/WEwSG5K
https://imgur.com/nLdZa8m
https://imgur.com/Mrklk9X
https://imgur.com/nyRj7DV
https://imgur.com/elVOf2G

I tried to use btc recover but it doesn't work...
I need to install two or three things before to start but the compilation have not one of them...

First, I am so grateful to have a response with this topic, thank you a lot

I am pretty sure that the password has to be one of them which I have in a piece of paper, but I think that the problem is the known multibit password issue.
I don't usually use special characters, there is only one possibility with "%"

It's true, that I am not a technical user, in fact, I have business studies although I can build simple database queries for data analysis but I can't resolve more complicated things. (to understand my tech knowledge)

By the way, my multibit installation is composed for the followings files and folders

• multibit (info)
• multibit (properties)
• multibit (wallet)
• multibit (spvchain)
• multibit (csv)
• multibit (checkpoints)
• multibit (log)
• multibit-data (folder)

and inside multibit-data (folder) there are:
      key-buckup (folder)
            multibit  YYYYMMDDHHMM (key)
      rolling-backup (folder)
            multibit  YYYYMMDDHHMM (wallet)
            multibit  YYYYMMDDHHMM (wallet)
      wallet-backup (folder)
            multibit  YYYYMMDDHHMM (info)
            multibit  YYYYMMDDHHMM (wallet)
      wallet-unenc-backup(folder)
            multibit  YYYYMMDDHHMM/ (info)
            multibit  YYYYMMDDHHMM.wallet (cipher)


So, with this information and knowing that:
I have my multibit wallet log in
I lost my private key and my seed words
I could have the multibit password issue


what do you think could be better?

Given the length of time passed... (6 years! ) I'd say that the chances are fairly high that you do indeed have the wrong password(s)

Having said that, did you tend to use any "non english" characters in your passwords? perhaps ones with accents like à á â ä ç Ø etc? or maybe "special" characters like |/\'?


Your options are essentially:

1. Continue trying to bruteforce the password using a script like "btcrecover"... may not be easy given you say you're not a "techuser"

or

2. Get someone else to try bruteforcing it for you... (NOTE: not sure I'd trust the one linked above... they claim MultiBit had a seed phrase that was hidden, when in reality it didn't... Multibit Classic was NOT an HD wallet, it just generated random private keys)... but there are other services that have a fairly good rep like Dave at https://walletrecoveryservices.com/

They've been in business a LONG time and have successfully helped a few people.


If you still have access to the computer and the .wallet and possibly .wallet.cipher files (any .key files? ) then it's possible that you *might* be able to decrypt the wallet file in other ways.

Hi everyone
Firstly I want to give you a little background about me (mid understand of english · no techuser)
having said that I'd like to explain my situation:

• In 2013 I installed multibit 0.5.14 and until nowdays I forgot about multibit
• Months ago I have tried to recover btc's to send to another wallet, but I lost my passphrases when I moved on from my parents home where I let my computer with multibit installed
• If I try to export private keys from multibit I receive the below message: "The wallet password is incorrect" (I have tried many passwords and I am pretty sure that one of them is correct)
  
• Looking on multibit repository I can see diferent files:
  multibit.info/wallet/properties/spvchain/checkpoints
  multibit-data/keybackup/rollingbackup/walletbackup/wallet-unenc-backup/
  

Considering the info above, which could be the best sollution?

I have looked at the source code and found some interesting things, would need a real file to look at.

How much is stuck in your wallet btw?

Hey vamosrafa.  Had a TON of luck.  Recovered all of my Bitcoin plus BCH and BSV.  I was on bitcointalk and all over the internet looking for help last summer and finally got everything back.  Check out https://multibitwalletrecoveryservice.com .

Yeah... I've tried helping a few people with MultiBit issues since they shutdown... and have conducted a bit of experimenting and there is definitely something a bit broken with the way they implemented the encryption. I'm not sure if it was a library they used, or a specific version of MultiBit that caused the issue, or if maybe OpenSSL is broken?

But I've had instances where I can create an encrypted file from MultiBit... which supposedly should be able to be unencrypted using OpenSSL... however, it won't decrypt properly. It'll either claim the key is wrong or just decrypt garbage. Yet the same key would reliably decrypt the file using MultiBit!!?!

Then there are the instances of people being able to decrypt the files... but getting private keys with like 90 characters in them etc.

So, it is quite possible that you have a "corrupted" file

Has anyone had any luck? Autoband?

I was digging into it a little today after forgetting about it. It looks like when I encrypted/ added a password to the wallet it created two separate wallet files. The strange thing is from the .info files both state there are three receiving addresses. The first wallet file has 2 of the 3 receiving addresses, the other has the other 2 of the 3.

Pretty strange, still think mine might be a corrupted file...