Topic: Trouble recovering Multibit Classic Keys (Read 15220 times)

What speed do you get? There are GPU versions to decrypt Multibit keys that are 1000x faster than using python scripts, one of them is the newer version of btcrecover

You can find it here: https://github.com/gurnec/btcrecover

Good Luck!
/KX

Hi all - I just want to share my experience.  I set up MultiBit v0.15.16 on Linux back in Dec 2013 and upgraded to v0.15.18 Apr 2014.  Prior to upgrading I added a second receiving address to my wallet, encrypted it, and I added some funds.  I then have been pretty much hands off for the last 10 years.  I did upgrade my system a couple times but just copied the MultiBit folders over and made sure it still started and showed the wallet info.  Then a few days ago I decided I wanted to switch to a completely offline version and needed the private key.  This is where my adventures started.

I was positive I knew the password.  Ten years ago I didn't use a password manager and only had a handful of passwords that I'd use with just some variety.  When I ran the openssl command it presented no errors but it was just gibberish.  I thought for sure I was facing a MultiBit bug mentioned in this thread and I had a corrupt key.  Also, when I ran the decrypt_multibit_classic_keys.py from https://github.com/HardCorePawn/multibit_recovery I also saw the same gibberish.

The fact that my password was sort of working and one that I was positive I would have used 10 years ago, really prolonged my adventure.  It turns out it there is a really good change a bad password will still successful decrypt--just not correctly.

I also did start trying to use btcrecover.py only to realize it will take years to decrypt a password.  Fortunately, for me when I realize that the password might just incorrect, I was able to rack my brain enough to figure out what password I used.  

Also in my case, I had the main wallet file, 3 key backups, 3 wallet backups, and a wallet.cipher file.  My 'bad' password 'incorrectly' worked on one of the files.  What are the odds that seven files are really corrupts and one file mostly corrupt.  Once I figured out the right password, I ran all of HardCorePawn awesome scripts on all 8 files and got the expected results.

So moral of the story is if you think you have a corrupt file, try all of HardCorePawn scripts on all the different backup files that MultiBit creates and see if you can get any of them to work.

it works

I have checked out any possibility between 0 and 4 characters
Now it is counting the 14.025.517.307 combinations for 5 characters, and then it will check them, therefore in 36-48 of mid-work for dont force it, i will get the result

next step?
i will try it with 6 characters, how much time will it get? about 15-20 days

after that i will reconsider any other possiblities  

You can't put the "space" in the [...]'s... If you do that, it thinks that is the "end" of your token (and why you get the error).

So, if you think that you might have used a space in your password... you'll need to make a slightly more complex token file... something like this:


This file basically tells btcrecover to create a password created from 9 tokens as follows

Token 1 = Nothing OR 1 of the chars in [] OR space
Token 2 = Nothing OR 1 of the chars in [] OR space
...
Token 9 = Nothing OR 1 of the chars in [] OR space

So, it *should* create all combinations of 0-9 character passwords, where each char can be any of the ones you have specified OR space

Also, you can make it a little more tidy by using: the "a-z" and "0-9" notations...

thanks a lot for your quality responses
with those changes it works but the final character was a spacebar...

yes if i can't find a solution i could try with any btc recovering services...
But I prefer to try it first

Yes, you only specify %% when you a creating a "single" char token... when you're specifying chars in [...] format... you just use a single %. I've just tested it... and created the following token file:

And then tested using:

It output:

In addition to that... there is a weird character just before your final "]" which is actually what is causing your error... you need to delete that and the extra %... so your token file should looks something like this:


Yes... a 9 character password, with that many special chars will take a LONG time to test... With 104 possible characters, it's something ridiculous like 1,423,311,812,421,484,500 possible combinations just for the 9 character passwords... then you have the 8 char passwords, 7 chars, 6 chars etc etc. All up, (with my bad maths) it is something like 1,437,130,373,707,129,900 combinations

If you can check 1,000,000,000 passwords/second... You would need: ~1437130373.73 seconds to check them all...
= ~23952172.9 minutes
= ~399202.9 hours
= ~16633.5 days
= ~45.6 years

You might be better off trying to exclude some characters which you're fairly sure you would not have used to reduce the total search space to a more reasonable amount.

You can also try and do it using Amazon Web Services, but the costs can get prohibitive... so unless you have a significant amount of money in this wallet, that might not be the most cost effective way of doing it. Again, talking to wallet recovery experts who already have the equipment and code setup and ready to go might be a better option.

I had actually read it. But I made the same mistake that last time % instead of %%, sorry...

Right now, I decided to specify all of my keyboard characters with the token below:
%0,9[aAbBcCdDeEfFgGhHiIjJkKlLmMnNñÑoOpPqQrRsStTuUvVwWxXyYzZ0123456789ºª\!|"@·#$~%%€&¬/()=¿?'¡`+^*[´¨{}Çç,;.:-_ ]
Because I must not have more than 9 characters... but i got this error
Starting btcrecover 0.17.10 on Python 2.7.17 64-bit, 16-bit unicodes, 32-bit ints
btcrecover.py: notice: use --android-pin to recover the spending PIN of
    a Bitcoin Wallet for Android/BlackBerry backup (instead of the backup password)
btcrecover.py: error: on line 1: invalid wildcard (%) syntax (use %% to escape a %)

i saved the file as utf-8 and included --utf8 on comand

The next problen will be when i would solved the error, it could take weeks, months, years¿? for %0,9 characters
it is crazy, i have read about doing it on amazon web services, although I have to research about it, I think it could be more complicated than download python and following tutorials...

What do you think?

Ok... so I think you need to read the "Unicode Support" part of the btcrecover docs (if you haven't already): https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#unicode-support

You will need the --utf8 commandline argument... and to make sure that your token file is saved in UTF-8 format.

thanks for your supporting HCP  

According to the tutorial if i want to look for a password between 0 and 10 characters ASCII. i have to spcify in tokens file...:
0,10%p

But if i need to include: "ñÑ". How i have to do it? I tried it with
0,10%p[ñÑ]
but i return an error message

If i specify the all characters including "ñ" I return an error message too
0,10[.....ñÑ....]

 File "C:...\btcrpass.py", line 2828, in open_or_use
    file = open(filename, mode)
IOError: [Errno 2] No such file or directory: 'tokensname.txt'

Looks like you're on the right track... at least btcrecover seems to be working ok!

As for the error, if you look at this page: https://theasciicode.com.ar/extended-ascii-code/acute-accent-ascii-code-239.html Do any of the characters you think might be in your password show up as having a code in the "Extended ASCII characters" section? ie. it has a "code" that is 128 to 255?

No... all those files are either encrypted (or not useful)... even the "unencrypted" wallet backups in the "wallet-unenc-backup" folder... you can tell because it has the .CIPHER extension... this is what happens when you add a password to a wallet file that WAS unencrypted:

To use the char % in your password... you specify it in token file as: %%

as per the tutorial:

thanks for your advice!
I have good and bad news. I ran python and btcrecover without succeed yet. I have just suggested more than 300 passwords even with different typos combinations although after uncountable possibilities it didn't match and I received a 'password search exhausted' message

------\btcrecover------->----------\python  btcrecover.py --tokenlist tokensname.txt --max-tokens 1 --typos 5 --wallet walletname.key
Starting btcrecover 0.17.10 on Python 2.7.17 64-bit, 16-bit unicodes, 32-bit ints
btcrecover.py: notice: use --android-pin to recover the spending PIN of
    a Bitcoin Wallet for Android/BlackBerry backup (instead of the backup password)
Wallet difficulty: 3 MD5 iterations
Using 4 worker threads
12472 of 12472 [########################################################] 0:00:00,
Password search exhausted

In this moment I have 3 questions:
1. If i don't remember password and i don't have enough luck with the matching, are there any posibility to unlock it with files that I showed in my last post
2. I am going to try it again with extra info like typos count...
3. I have problems with passwords with the character "%" how have I to specified it?
I'm trying to resolve it with brute-force, I am creating different tokens files to specify different lengths such %1p because I saw it in this topic: https://bitcointalk.org/index.php?topic=3049316.0;all
but I get this error
error: btcrecover.py: error: token on line 1 has character with code point 239 > max (127 / ASCII)
edit: I think I found the solve: save the .txt file as ANSI - code
let's se..

It looks like you still have all the necessary files... so that's a good start. Now, it's really just a matter of finding the correct password.

Does the MultiBit install still work? As in, you can actually load up MultiBit and see the wallets etc? If so, that would suggest the files are hopefully not corrupt. Then, it's just a matter of getting the password.


Getting Python and btcrecover working can be a bit daunting if you're not experienced with commandline applications... but it's not impossible. You just need to make sure you use Python 2.7.x and follow the instructions as outlined on the btcrecover github: https://github.com/gurnec/btcrecover/blob/master/docs/INSTALL.md

If you're unable to get btcrecover working, then you're basically left with the option of engaging a 3rd party to try and recover things for you... my recommendation would be: https://walletrecoveryservices.com/


Also, in case it wasn't obvious, there are a lot of scammers here on Bitcointalk... so be VERY cautious if anyone offers to help via PM or Telegram etc and asks you to send your wallet files/passwords etc!

i'm not sure but I have just found this topic and it looks like my case
https://bitcointalk.org/index.php?topic=1922317.0;all

the difference between us is that I think that I have a password and he didn't

but you can show below my wallet directory files and structure:

https://imgur.com/IrH3HAi
https://imgur.com/fYCKYBp
https://imgur.com/WEwSG5K
https://imgur.com/nLdZa8m
https://imgur.com/Mrklk9X
https://imgur.com/nyRj7DV
https://imgur.com/elVOf2G

I tried to use btc recover but it doesn't work...
I need to install two or three things before to start but the compilation have not one of them...

First, I am so grateful to have a response with this topic, thank you a lot

I am pretty sure that the password has to be one of them which I have in a piece of paper, but I think that the problem is the known multibit password issue.
I don't usually use special characters, there is only one possibility with "%"

It's true, that I am not a technical user, in fact, I have business studies although I can build simple database queries for data analysis but I can't resolve more complicated things. (to understand my tech knowledge)

By the way, my multibit installation is composed for the followings files and folders

• multibit (info)
• multibit (properties)
• multibit (wallet)
• multibit (spvchain)
• multibit (csv)
• multibit (checkpoints)
• multibit (log)
• multibit-data (folder)

and inside multibit-data (folder) there are:
      key-buckup (folder)
            multibit  YYYYMMDDHHMM (key)
      rolling-backup (folder)
            multibit  YYYYMMDDHHMM (wallet)
            multibit  YYYYMMDDHHMM (wallet)
      wallet-backup (folder)
            multibit  YYYYMMDDHHMM (info)
            multibit  YYYYMMDDHHMM (wallet)
      wallet-unenc-backup(folder)
            multibit  YYYYMMDDHHMM/ (info)
            multibit  YYYYMMDDHHMM.wallet (cipher)


So, with this information and knowing that:
I have my multibit wallet log in
I lost my private key and my seed words
I could have the multibit password issue


what do you think could be better?

Given the length of time passed... (6 years! ) I'd say that the chances are fairly high that you do indeed have the wrong password(s)

Having said that, did you tend to use any "non english" characters in your passwords? perhaps ones with accents like à á â ä ç Ø etc? or maybe "special" characters like |/\'?


Your options are essentially:

1. Continue trying to bruteforce the password using a script like "btcrecover"... may not be easy given you say you're not a "techuser"

or

2. Get someone else to try bruteforcing it for you... (NOTE: not sure I'd trust the one linked above... they claim MultiBit had a seed phrase that was hidden, when in reality it didn't... Multibit Classic was NOT an HD wallet, it just generated random private keys)... but there are other services that have a fairly good rep like Dave at https://walletrecoveryservices.com/

They've been in business a LONG time and have successfully helped a few people.


If you still have access to the computer and the .wallet and possibly .wallet.cipher files (any .key files? ) then it's possible that you *might* be able to decrypt the wallet file in other ways.

Hi everyone
Firstly I want to give you a little background about me (mid understand of english · no techuser)
having said that I'd like to explain my situation:

• In 2013 I installed multibit 0.5.14 and until nowdays I forgot about multibit
• Months ago I have tried to recover btc's to send to another wallet, but I lost my passphrases when I moved on from my parents home where I let my computer with multibit installed
• If I try to export private keys from multibit I receive the below message: "The wallet password is incorrect" (I have tried many passwords and I am pretty sure that one of them is correct)
  
• Looking on multibit repository I can see diferent files:
  multibit.info/wallet/properties/spvchain/checkpoints
  multibit-data/keybackup/rollingbackup/walletbackup/wallet-unenc-backup/
  

Considering the info above, which could be the best sollution?

I have looked at the source code and found some interesting things, would need a real file to look at.

How much is stuck in your wallet btw?

Hey vamosrafa.  Had a TON of luck.  Recovered all of my Bitcoin plus BCH and BSV.  I was on bitcointalk and all over the internet looking for help last summer and finally got everything back.  Check out https://multibitwalletrecoveryservice.com .

Yeah... I've tried helping a few people with MultiBit issues since they shutdown... and have conducted a bit of experimenting and there is definitely something a bit broken with the way they implemented the encryption. I'm not sure if it was a library they used, or a specific version of MultiBit that caused the issue, or if maybe OpenSSL is broken?

But I've had instances where I can create an encrypted file from MultiBit... which supposedly should be able to be unencrypted using OpenSSL... however, it won't decrypt properly. It'll either claim the key is wrong or just decrypt garbage. Yet the same key would reliably decrypt the file using MultiBit!!?!

Then there are the instances of people being able to decrypt the files... but getting private keys with like 90 characters in them etc.

So, it is quite possible that you have a "corrupted" file

Has anyone had any luck? Autoband?

I was digging into it a little today after forgetting about it. It looks like when I encrypted/ added a password to the wallet it created two separate wallet files. The strange thing is from the .info files both state there are three receiving addresses. The first wallet file has 2 of the 3 receiving addresses, the other has the other 2 of the 3.

Pretty strange, still think mine might be a corrupted file...

@vamosrafa

When I was trying different passwords, I was getting "Provided AES key is wrong" only for a specific one. No other password was giving me this same error message. I then concluded that this was the wallet password, that Multibit was working wrong and that some corruption occured.

I was wrong. gunrnec's tool helped me trying more passwords combinations to finally find the actual one, unlocking the wallet.

That's why I say that "Provided AES key is wrong" error message is not related to what I thtought was the actual wallet password. I don't know where it is coming from.

Like many others, I thougth I was remembering my password and blamed Multibit when in fact, I was not vigilant enough to write it on paper at the time.

I hope it is clear now... Good Luck !

To update anyone who care besides Autoband, I somehow was able to open a copy of a wallet that has the locked private keys in it. To my surprise there is a transaction from 2017 in June. The AES error appeared back in 2014.

I'm hoping that by some miracle I might be able to resync the wallet with the unlocked copy and restore the funds, but now I need to find out which computer it was sent from since I have opened it on several different computers and several different wallet files, with different versions of Multibit.

I think maybe one wallet backup is somehow not corrupted, but the problem was when I sent out the .005 BTC it did not display the balances with actual BTC in it.

It appears that Autoband may have updated the Multibit with the keys encrypted, (as I may have as well) resulting in the corruption??

So you had the "AES key is wrong" error or no?

If you did, are you saying that it was an incorrect password even with that (AES) error message, or did you have the cannot decrypt bytes message?

Hello,

Big news. The "Provided AES key is wrong" error message is not showing when providing the proper password, it is unrelated. Like many other users, I dig and worked hard to find the real password... And I finally did, thanks to gunrnec tool :

https://github.com/gurnec/btcrecover

Thanks to gurnec for the tool (thanks bonu$ coming your way...) and thanks to Spockrates for providing the link.

Mat008

It seems like spockrates was not getting the "AES key is wrong" error in the software, so it must have been a password issue. How this wallet was around for so long is unbelievable, with all the bugs

Well, in my case, what I thought was corruption was an incorrect password. But no other method would give me the "incorrect password" message.

This seem to be a password recovery procedure... I don't see how it can help in the case where Multibit is corrupting some files. How many people are stuck with this problem? Can the old Multibit team do something about it? This is insane!

I was finally able to open the file by using BTCRECOVER to find the password. It turns out what Multibit was implying was the right password, actually was not. BTCRECOVER allowed me to enter parts of what I knew were in there and it tried a bunch of different combinations.

https://github.com/gurnec/btcrecover

Hope this helps somebody!

I guess there are quite a number of people now experiencing the same problem. I have to mention I have been using multibit 0.5.15 on a mac. I'd like some confirmation whether others are using the same version and system?

Like one of you I base64-decoded my keyfile, which gives me a Salted__kjncisiflsjfnlkasnetcetc output. This shows me that the keyfile has not been damaged during the time I had it on my computer. And that the problem lies before multibit's base64 encoding.

The fact is, the script is trying to emulate openssl AES 256 encoding, but it might be that it doesn't do that entirely correctly. At the same time it might actually be trying to decode it correctly, which results in an error. Although I still do not get the "AES key is wrong" error.

Another interesting thing I noticed is that the 0.5.15 version is not on github. I thought it was there before, I might be mistaken.

Hello,

I'm sorry, that tread is pretty long and I'm trying to see clear... Can someone please help me wrap this thing up? I have very basic programming knowledge.

I'm having trouble with Multibit version 0.5.16 on a MacBook Pro running OS X El Capitan 10.11.6.

When trying to remove the password from the wallet using the proper password, Multibit is returning the following error message:

    "Provided AES key is wrong"

When entering any wrong password, Multibit is returning another error message :

    "Could not decrypt bytes"

There is a problem with Multibit since it will not unlock my Bitcoins when providing the right password. What is the solution to the problem ?

I've noticed that other users were experiencing the same issue.

I can't believe my coins will stay locked!?

Please help me! Thank you very much!

For reference... the code dealing with the Encryption/Decryption is here: https://github.com/Multibit-Legacy/multibit/blob/master/src/main/java/org/multibit/crypto/KeyCrypterOpenSSL.java

Interestingly, there was a commit (https://github.com/Multibit-Legacy/multibit/commit/b2dfb4b3f9a8e7305b737bf76b0176c4560aa25e#diff-479841ac9117242ee643ad7c13727b58) back in 2013, where the char[] was changed to a CharSequence... CharSequences are UTF-16, not UTF-8... I think this was in v0.5.9?

and another commit (https://github.com/Multibit-Legacy/multibit/commit/2d3f9cbcbad330920da0797ec0758fd4b0df5236#diff-479841ac9117242ee643ad7c13727b58) which fixed the padding for the encryption... which looks like it was v0.5.18

I'm not able to find a version v0.5.9 to download... so the only way to test is to download JDK and Maven and the 0.5.9 source package and compile it... which I am currently doing

EDIT: And was unsuccessful... seems it is a bit outdated and there are missing links which is breaking the maven build and I just don't have the time to try and figure out my way around it...

Considering that MBC is open source, has anyone tried to replicate it using the exact same code and password with a salt from one of these "bad" wallets? And using a key from someone who came across this issue but managed to keep an unencrypted backup?

Or maybe just running a script to keep generating keys, encrypting, and attempting to decrypt until a bad one comes up.

If you're trying to crack the password, then maybe you want to try gurnec's btcrecover scripts: https://github.com/gurnec/btcrecover

However, it appears that the issue is generally not a bad password... or bad encryption... but bad data being encrypted. It seems that MBC has somehow screwed up the data when it is being encrypted, so what is actually being written to disk is effectively useless when decrypted... ie. Garbage In, Garbage Out...

I still have absolutely no idea what these 94 character "private keys" are... or how they were generated in the first place??!?  

I've been unable to replicate this problem.

I'm helping someone with a multibit wallet that was made back in 2014 and I'm getting the same issue as Autoband86 with the hex of the private key from HCP's script spitting out 94 characters instead of 64. Are there any characters within the parsed wallet that could be indicative of a corrupt file? Or maybe the number of characters. Maybe I'm being dumb but I can't quite figure out how the strings like "}\5\027\120\334D3" translate to the alphanumerical keys. (Yes I was being dumb, answer was earlier in the thread.)

EDIT: So I've tried importing all 64 character slices of that 94 character string (all encoded as actual 52 character private keys) but none of the private keys match up to the original address. What is the likelihood that an issue with the initial encryption led to it not even being the private keys being encrypted? Would there just be no recourse in that case? From what I can gather it's mostly likely to have been an issue with the encryption header.

I get this:

Spockrates,

What error does it give you when you type in your correct password in the actual multibit software GUI?

Autoband and I both get provided AES key is wrong instead of the usual "could not decrypt bytes"

Thanks

Hey, thank you for replying!

It's a Multibit classic .key file and I don't see a "parsed_wallet.txt" key. There's no information either.

Running:

Gives me:

But a file that again is jibberish.

ANOTHER EDIT:

If I run:


Like it says to here: https://github.com/Multibit-Legacy/multibit/wiki/Export-and-limited-import-of-private-keys

It gives me this:


Though, I'm pretty sure this is the correct password as it's the only one that doesn't get the password error when I tried to unlock in Multibit classic. Instead it gives me:

And that is a MultiBit classic .key file?

Does the script generate a "parsed_wallet.txt" file? Does that file have some "encryption" information at the end like the salt and iterations and encryption type?

I'm having a similar problem and have tried everything in this thread.

Running the script on my Multibit key file generates a string of characters that I don't quite know what to do with. 72 characters long, lots of this sort of stuff:
Any ideas? Thanks!

How were you able to export your keys unencrypted after you encrypted them? Did you have the same AES key is Wrong error? Has anyone else with this error been able to recover their wallet keys?

Please don't cross-post across multiple threads... you'll get answers all over the place. It wasn't necessary to start a thread requesting help in the Dev & Tech Discussion section, a thread in the MultiBit section and then "necropost" 2 other threads with the same request

Suggest you stick with 1 thread: https://bitcointalk.org/index.php?topic=2383713.new#new

Hi I have a similar problem. And really need help....

I have Multibit classic 0.5.19 with BTC in it back form 2013. When I try to send or export the keys the password bug mean the correct on does not work.

I have tried the multibit to Keepkey utlity and i get error message no balance.
I have the .wallet .key and .wallet.cipher files but they are encrypted.

I used this script on GitHUb. But it showed me error messages when I entered my password. I worked and showed me the keys for my other no passworded Multibit classic wallets.

https://github.com/Multibit-Legacy/read-multibit-wallet-file/tree/c4956f1c5a1ecb2df7a5612c8d9ea04388cdde0f

I got to this page but how do I run the python script on my Mac in Terminal?
https://pastebin.com/Z2zfbwiv

I hope this will work and will decrypt my .keys file. The BTC in there is worth a lot to me so any help will be appreciated.

No response from wallet recovery services

Also I tried this guys tool, to export the private key, when I enter the wrong password it gives a bad decrypt error, when I enter the correct password it gives a "not a valid private key" error. The search continues.

I am approaching Dave at wallet recovery services to see if he has any ideas, so it might be of some help. HCP tried to figure out what the correct password decrypts to 94 characters using his utility but to no avail. I will report back here if Dave is able to help. I'll send some BTC to HCP if I am able to crack the wallet, it has now become a life changing amount of money stuck in the wallet.

Thanks for your reply. Yes, walletkeys.py for the wallet

In fact, I found an interesting thing that can be usefull to other people who forgot their password (like me) :

=> you CAN'T rely on OpenSSL to be sure that your key has been unencrypted

I generated 210000 passwords with crunch and I used this command line to bruteforce the key :

cat passfile | while read i ; do pass=`echo -n $i` ;  openssl enc -d -p -aes-256-cbc -a -in enc.key -out clear.key -pass pass:$pass && echo $pass && exit ; done

When the script stopped first I was very happy but the pb that I described previously on this thread appears. Then I modified the command like that :

cat passfile | while read i ; do pass=`echo -n $i` ;  openssl enc -d -p -aes-256-cbc -a -in enc.key -out clear.key -pass pass:$pass &&  && echo $pass >> PASS ; done

So the script doesn't stop when the key is decrypted at the first time.

Guess how many password there was in PASS ??

$ wc -l PASS
1049 PASS

So, OpenSSL has decrypted the key with 1049 different passwords !! :-D

I gonna mofity the script to keep the output and to check after if the file is plaintext or not.
Antother possiblity would be to use walletkeys.py to bruteforce the key but I don't know yet if you can call it via a script. 

 
 

Do NOT use Multibit to encrypt your keys.
Even it can't decrypt its own encryption.
I know because I have such experience.
You, the thread starter, are better off exporting the keys and encrypting them directly on your own, like using WinRar or any encryption software that you know to be very reliable (anyone who says WinRar is unreliable and/or untrustworthy, please state the evidence proving that is so).
Different wallets may use different methods of encryption and so decrypting the keys may not be compatible between different wallets.
Multibit is no longer supported now.
You have been warned.

Edit:
I was lucky I didn't uninstall my Multibit after encrypting my keys with it, so I managed to export the keys unencrypted, and encrypt them myself.
Or else, I would be in seriously deep shit.

It shouldn't be... it sounds like either the password you are entering is incorrect, or the file is corrupted so the decryption fails and the script detects this as an "incorrect" password

Which file are you attempting to run the script on? I think you may be using the wrong script... walletkeys.py was made for extracting keys from a wallet file...

If I use decrypt_multibit_classic_walletkeys.py I have this output :
File NOT Encrypted
--------------------------------------------------------------------------------
Keys are encrypted
terminal does not support UTF; passwords with non-ASCII chars might not work
This wallet file is encrypted, please enter its password:
incorrect password

How the password from the wallet can be different than the password of the key ?

 

Hi there,

I have more or less the same issue except that I've been able to decrypt the key with openssl :

$ openssl enc -d -p -aes-256-cbc -a -in First-data/key-backup/First-20140130220522.key -out file.key
enter aes-256-cbc decryption password:
salt=84D98ZEDAAF43B7F
key=7EB90668080C400F0E90E2CBZLDP7B29A036E2C9B59194BE5D330324D4F6C70
iv =1277FA41948C21AA8E3A721DDBC12841

The decryption seems to be ok :

$ echo $?
0
The problem is that I don't obtain a text file in file.key :
$file file.key
data

same thing when I use decrypt_multibit_classic_keys.py I got some binary caracteres as output. nothing that looks like a private key.

Does anybody understand why the output is not plain text with both openssl and decrypt_multibit_classic_keys.py ?

Thanks   


 

I have not had any code in Chinese, I haven't been able to crack the keys yet, but gave it a rest, considering there was no urgent need. However, I would like to recover my coins one day 

Autoband are most of your .cipher files in Chinese? Wonder what caused that?

 I've sent you a PM... I'll have a play with some old versions of MultiBit Classic when i get off shift tonight... hopefully i can replicate these different file formats and figure out exactly what these 94 character strings are...

Any luck gentlemen,

I am having the same issue, although I am less competent at code than both of you. My situation was pretty similar.

HCP scripts appear to attempt to decrypt the keys and wallet file, but I get the same error message as Autoband86.

I was chatting with a couple of the original devs on Github about this who were not of very much help. I can offer up a bounty of 1BTC for a solution.

HCP the wallet cipher decryption did not work for me either   (I have all the same files as autoband and confirmed in the wallet.info file the wallet with the address with the bitcoin)

I think what I did is upgrade from version .14 to version .15 then I put in the password. Prior to testing if the password unlocked the wallet I transferred the coins to cold storage from the exchange (since everyone tells you to do that) now they might be in permanent cold storage

I was thinking about buying a keep key as they have a script to move private keys from Multibit classic to their device, as a hail mary as well...

So as I PM'd you... I went ahead and read through the multibit code to figure out the file format for the wallet.cipher files... and how they are meant to be decrypted... Then attempted to recreate that Java code in Python... I did a quick test and it seemed to decrypt my wallet.cipher (using my wallet password) and spat out an unencrypted wallet file containing unecrypted keys... and displayed my addresses and private keys... so I *think* it works...

#fingersCrossed

For anyone who wants to try it or is curious, the "ugly code" is currently here: https://pastebin.com/2PYVG6My

Once it is confirmed that it is working "properly" and with some more testing, I'll tidy up the code and add it to the github project

Unfortunately I am still not able to find any solution, I've had the help of HCP to decrypt my wallet file, but his script outputs a 94 char Private address, which of course is wrong. None of the 64 char slices from the address actually seem to be my private address...

Does anyone know how the wallet.cipher files are encoded? Or how the encryption of the bitcoin wallet can be split to see which parts are encoded/where the IV and Salt are?

That is all you should have to do... that script should find all the unspent coins in your wallet (excluding any unconfirmed transactions)... and output the private keys for the addresses containing those UTXOs...

Ummmmm NOPE! That script is for multibit CLASSIC... it is even in the script name... decrypt_multibit_classic_walletkeys.py

That script is NOT designed for MultiBit HD... the only MultiBit HD script is: find_unspent_multibitHD_txes.py

In any case, if you want to recover your seed and you have mbhd.wallet.aes file and password... try: https://github.com/gurnec/decrypt_bitcoinj_seed

I have exact the same problem. I have a Multibit HD wallet (damn me, I lost the seeds), locked by the Multibit bug. I have the right password and tried your modified script:
First: find_unspent_multibitHD_txes.py. That works fine.
Then: your modified script with output of private key.
My private key ist 170 (hex) characters long, not 64...
The key-file is encrypted in my case. I call your script with the password, that works fine - its working a while. Then it asks for the password a second time and begins working again, stopping with the 170 long privkey and error message.
So Autoband and my problem is the same!
Both corrupted wallet-files, it seems.
50$ blown away...
If someone can help me, getting access back to my BC, that would be very nice!
Thanks

Not necessarily... Does the script output this:

File NOT Encrypted
--------------------------------------------------------------------------------
Keys are encrypted

Right at the start? If so, then the wallet file itself isn't actually encrypted... it is just in a "protobuf" format, hence why you can't read it. The public key isn't encrypted either, even though it "looks" all weird and encrypted. It is just binary encoded hex values stored as text characters...

The really confusing thing though, is that if your password was incorrect, the decryption of the keys should fail and you should see "incorrect password" and get prompted for the password again... it shouldn't give an incorrect private key??!?

The .key file I have wont decrypt with the password (your script says the password is wrong), and with the password I get gibberish when using OpenSSL. The fact of the matter is I wasn't able to export my private keys in the first place, because my multibit wallet rejected my password.

It was the start of the problem, I used all kinds of other passwords, but only this password gave me a "Provided AES key is wrong" reaction. I guessed this must have been the correct password so I tried to decrypt all other files.

When decrypting with the MultiBit Recovery script however, I do get the correct Public Key, so I think this password should be correct?


@HI-TEC99 Considering the timestamp, I have two files in the wallet-backup. One from 29 of nov, one from 30th. Both decrypt (only in the Multibit Recovery script) with the password I have above. But in multibit it says the password is wrong. If I look at the hex both are identical strangely.

The .key file is made at the same moment as the 1st backup. It doesnt decrypt either...

Did you only ever use one password for that wallet, or did you ever change it?

In 2013 if you added a password multibit classic made a timestamped backup in a folder whose name ends in -data. If you changed your password multibit classic made another timestamped backup. The first password would only work with the first timestamped backup, and the second password would only work with the second timestamped backup.

You said you had several rolling backups and a .key file. You can choose to manually create a .key file, but if you change your password multibit automatically creates one. If you ever changed your password then try all possible combinations of passwords and backups.

Well... colour me confused then... I honestly have no idea why your private key is decrypting as 94 chars which is effectively 47 bytes... that just makes no sense??!?

Do you have a .key file at all? maybe try just running the decrypt_multibit_classic_keys.py script on the .key file...

Are you not able to open your wallet with MultiBit Classic and export the keys from there?

HCP, thanks for your skype!

I'm having Dad duty today, so only sporadicly online. I do have a parsed-wallet file, and it also contains an encrypted_private_key. There is also a salt in the form of:
encryption_type: ENCRYPTED_SCRYPT_AES
encryption_parameters {

And the encryption is also version 2

Sent you a PM with my Skype... but I guess you dropped offline before I sent it.

Anyway, 94 characters?? that's not a good result. That sounds like something is going a bit wonky somewhere...

Does the script output say the following right at the beginning?:


The script should have generated a file called "parsed_wallet.txt". Can you open that up and see what it contains?

you should see things like:

key {
  type: ENCRYPTED_SCRYPT_AES
  public_key: "\0030g\351\227 ~-\370b\261 6\031\347\004U\321\331cFV\222HRD\255\240\255H\317\254\252"
  creation_timestamp: 1494035052000
  encrypted_data {
    initialisation_vector: "\201e\2700m}\217x+I}\235\237\356\201n"
    encrypted_private_key: "\2564\274\217\263Q\177\345\270\216\275]N\326\305\360\226\246\207B\033\225e\311j\200\353\014\016\205\355jn\206Q\366\023\306\303\306\017\267\2670\021\3501_"
  }
}

NOTE: DO NOT POST ANY OF THE CONTENT OF YOUR "parsed_wallet.txt" FILE HERE!!!

The pubkey isn't encrypted within the file... but the private key is... can you confirm that your "parsed_wallet.txt" has key{}'s that have type: ENCRYPTED_SCRYPT_AES and also contains the encrypted_data{} section that has the initialisation_vector and encrypted_private_key?

Also, near the end of the file should be some sections that look like:

encryption_type: ENCRYPTED_SCRYPT_AES
encryption_parameters {
  salt: "\355\220\310M\277UJ/"
}
version: 2
extension {
  id: "org.multibit.walletProtect.2"
  data: "\000"
  mandatory: true
}

Again, DON'T post any of that here... I just want to confirm that you have ENCRYPTED_SCRYPT_AES with the "salt"... and that there is the org.multibit.walletProtect.2 in there as well?

I'm trying to rule out a different wallet format to what I have seen and that the script is expecting...

Hi HCP,

Thanks for your reply, and your script! I ran your mod and it gives me a 94 character long output, which I guess it is not supposed to do. The error after that is:

Traceback (most recent call last):
  File "decrypt_multibit_classic_keys2.py.py", line 216, in
    wallet = load_wallet(wallet_file, get_password)
  File "decrypt_multibit_classic_keys2.py.py", line 173, in load_wallet
    print("Privkey: " + bitcoin.encode_privkey(privkey, 'wif_compressed'))
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 224, in encode_privkey
    return encode_privkey(decode_privkey(priv), formt, vbyte)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 237, in decode_privkey
    if not formt: formt = get_privkey_format(priv)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 217, in get_privkey_format
    bin_p = b58check_to_bin(priv)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 427, in b58check_to_bin
    assert bin_dbl_sha256(data[:-4])[:4] == data[-4:]
AssertionError

When I run the script for the .key file, it tells me the password is incorrect. I was wondering about the password, but if it decrypts the PubKey correctly it must be the right one, right? I am afraid the .key and other files are corrupted? All the files I have give the same output btw, I have a saved file from when I installed Multibit, and one from after that. Another option I guess would be to decrypt the wallet.cypher files, I havent managed to do that with OpenSSL yet though, because it is more than 64 char, and my knowledge of it is little.

Would it be possible to decrypt the .wallet file and look at where the problem lies in the code? I have encoded and decoded a wallet file with the same password and name, which decrypted perfectly with your script! If I can put those decrypted next to each other, I might be able to spot the difference.

The output PrivKey I guess is wrong, but would it be decrypted correctly, just with a few to many characters?

I am using a mac btw

Firstly, sorry that my script is not working for you. I tested it with a number of files and never got this error

This part of the error message suggests that the checksum of the generated WIF format private key, doesn't match the original checksum from the private key stored in the file:

Is the .key file encrypted as well? Can you open it in a text editor like Notepad and read anything? If it is all encrypted, can you run the decrypt_multibit_classic_keys.py script on the .key file with that password? Does that generate any errors?

Unfortunately, I cannot replicate this error... so it is a little hard for me to test and figure it out...

I have made a quick modification here: https://pastebin.com/Z2zfbwiv

It should hopefully print out the "hex" version of the private key after the Pubkey: line... and before the error occurs. it'll look something like (NOTE: hex should be exactly 64 chars long):

Privkey: 41e09d37764805f234d2d17995d1c8f6338243f413a374c8d8a8b1e002b5b67e

Create an offline copy of the bitaddress.org website (links are at the bottom of the bitaddress.org page)... and then copy/paste that hex value into "Private Key" section of the "Wallet Details" page and click the "View Details" button. See if it gives you the matching addresses or an error message.

If you don't actually get that big long hex string (exactly 64 chars) from the script... then that is the reason for the error... as the private key is not being retrieved correctly... which is a bit of a problem

Hey all,

After searching everywhere last night, I have found several solutions to a problem I am experiencing, which don't work (yet). My Multibit Classic wallet is quite old, from 2013, using version 0.5.15, and I cannot decrypt the wallet, it rejects the password.. Apparently a common problem with the classic?

I have several rolling backups, a number of encrypted files, and a .key file, yet none seem to get decrypted properly with the password. I have used OpenSSL without succes.

Another thing I tried is a python script called Multibit Recovery by one of the forum members here. With the password, I am getting the Pubkey but not the privkey, it then shows the following output:

Traceback (most recent call last):
  File "decrypt_multibit_classic_walletkeys.py", line 215, in
    wallet = load_wallet(wallet_file, get_password)
  File "decrypt_multibit_classic_walletkeys.py", line 172, in load_wallet
    print("Privkey: " + bitcoin.encode_privkey(privkey, 'wif_compressed'))
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 224, in encode_privkey
    return encode_privkey(decode_privkey(priv), formt, vbyte)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 237, in decode_privkey
    if not formt: formt = get_privkey_format(priv)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 217, in get_privkey_format
    bin_p = b58check_to_bin(priv)
  File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/bitcoin/main.py", line 427, in b58check_to_bin
    assert bin_dbl_sha256(data[:-4])[:4] == data[-4:]
AssertionError

I am hoping someone can make more sense of this than I can? Some of my files give an incorrect password message, some do give me back the PubKey but always the same error above.