|
Title: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 01, 2011, 03:56:07 PM Edit: Updated to create a new wallet.dat with the recovered keys.
Edit 2: New v0.2 release, new instructions. Note that this still can't recover encrypted wallets! Edit 3: v0.3 release to support the compressed public keys created by recent Bitcoin versions. Still can't recover encrypted wallets. For some reason, people keep reformatting their drive or deleting their wallet.dat without taking proper backups. As casascius helpfully points out (http://forum.bitcoin.org/index.php?topic=22697.0) - and this is something I'd already suspected - it may be possible to recover the crucial wallet.dat private keys and the bitcoins secured with them by scanning the disk for certain markers, so long as you're lucky and the data you need isn't too fragmented and hasn't already been overwritten. To that end, I've written a little experimental utility (http://www.makomk.com/gitweb/?p=bitcoin-wallet-recover.git;a=summary) that tries to search for and validate those keys. It's not even close to being able to recover all keys that are recoverable - though it should work in a decent proportion of cases - Instructions:
Code: wget http://www.makomk.com/~aidan/wallet-recover-0.3-linux.tar.gz Code: sudo ./wallet-recover-0.3-linux/bin/32/wallet-recover <insert device name here> recovered-wallet.dat Code: sudo ./wallet-recover-0.3-linux/bin/32/wallet-recover /dev/sda recovered-wallet.dat WARNING: The recovered wallet does not contain a pool of spare keys to send change to (the old ones should get recovered but aren't marked as such). It also doesn't include any names for addresses, so the address you can copy-and-paste in the client is a NEW address created when you first started bitcoin using your recovered wallet, and any change from transactions also goes to a NEW address - none of these addresses are in the original recovered wallet. After first running Bitcoin with the recovered wallet, you MUST exit it and take backup copies of the wallet.dat in your .bitcoin directory to several locations BEFORE making or receiving any transactions - then be sure to use this version and NOT THE ORIGINAL recovered-wallet.dat from this point on. If you're using bitcoind rather than the GUI, you must also call "bitcoind getnewaddress" before shutting down and copying the wallet.dat. Also, be extremely careful about backing up your wallet on a regular basis after using this tool - Bitcoin's handling of the keypool is quirky and this may trigger bugs in it. (Added 9th July, amended 19th Sept.) Disclaimer: This code comes with no warranty, not even an implied warranty of fitness for its intended purpose. I don't guarantee that it won't make things worse, or that the recovered keys are correct, and obviously I can't guarantee that it'll manage to recover the keys you need. Oh, and it may not be able to recover older wallets at all. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: cypherdoc on July 01, 2011, 04:35:05 PM http://forum.bitcoin.org/index.php?topic=11331.0
how does your tool differ from above? i created a new wallet using Live CD Ubuntu, tx'd some btc to it, but then didn't save it properly. would there be any traces left on my computer? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 01, 2011, 04:45:15 PM http://forum.bitcoin.org/index.php?topic=11331.0 That tool's a lot easier to use, but relies on you having a filesystem and enough of wallet.dat left intact for BerkleyDB to be able to open it. how does your tool differ from above? Quote i created a new wallet using Live CD Ubuntu, tx'd some btc to it, but then didn't save it properly. would there be any traces left on my computer? Not a chance, sorry. Live CDs deliberately don't save anything to your computer unless you specifically tell them to - it's why I suggest using one for this, because that way you don't risk overwriting any more of the data you're trying to recover - so there's just nothing there to be recovered. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: cypherdoc on July 01, 2011, 04:51:25 PM sorry to bug you with an off topic question but when i transfer a wallet.dat from a usb stick to a cdrom or to another usb stick on same computer, are there any traces of it left on hard drive?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: bitplane on July 01, 2011, 05:53:29 PM sorry to bug you with an off topic question but when i transfer a wallet.dat from a usb stick to a cdrom or to another usb stick on same computer, are there any traces of it left on hard drive? Unless you know how the system works, you should assume that the answer is yes. Windows caches files on the disk before burning it to CD. When copying from USB -> USB you'd expect nothing to be written to the hard drive, but it goes through RAM and anything in there could potentially end up in your paging file and therefore written to disk.The ideal solution would be USB -> USB using a Linux live CD, with either no hard drive plugged in, or by running "swapoff" to make sure no virtual memory is in use at the time of the copy. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: BkkCoins on July 02, 2011, 02:42:53 AM Excellent that this is out there as a resource now.
If I ever need to use it I'll definitely send some coin your way! Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: error on July 02, 2011, 02:36:16 PM Source code?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 02, 2011, 03:17:44 PM Source code? Yep, follow the second link - it's in a git repository here (http://www.makomk.com/gitweb/?p=bitcoin-wallet-recover.git;a=summary) (because I've set up so many of those by now I can almost do it in my sleep). A bit messy, but the code should be reasonably straighforward.Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: error on July 02, 2011, 03:42:27 PM Source code? Yep, follow the second link - it's in a git repository here (http://www.makomk.com/gitweb/?p=bitcoin-wallet-recover.git;a=summary) (because I've set up so many of those by now I can almost do it in my sleep). A bit messy, but the code should be reasonably straighforward.Ah, your prose did not make it clear that that was a source code repository. Sorry. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: jonathan on July 09, 2011, 02:05:40 PM debian squeeze amd64 users will need this:
aptitude install ia32-libs i got my btc back, thanks again for speeding the process along makomk :-) Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 09, 2011, 02:36:17 PM debian squeeze amd64 users will need this: That's useful to know. Probably makes sense too... the canned instructions were mainly aimed at users running from random 32-bit LiveCDs. aptitude install ia32-libs i got my btc back, thanks again for speeding the process along makomk :-) Was glad to hear it helped someone - and thank you for the donation, by the way!Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Lolcust on August 17, 2011, 01:09:30 PM Wow, good one.
Any chance of a windows build ? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: MoonShadow on October 12, 2011, 12:59:31 AM Any possibility that this recovery tool can be used to scan an Android phone for the keys of an android client that no longer will properly update?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on October 12, 2011, 09:39:25 AM Any possibility that this recovery tool can be used to scan an Android phone for the keys of an android client that no longer will properly update? Not currently, no. It is/was on my TODO list to add this feature to it, but I haven't got around to it yet. (A lot of users of the Android client have been running into difficulties.) The Android client - and bitcoinj-based clients in general - store private keys in a more compact format than the official Bitcoin client does.Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: MoonShadow on October 12, 2011, 01:34:53 PM Any possibility that this recovery tool can be used to scan an Android phone for the keys of an android client that no longer will properly update? Not currently, no. It is/was on my TODO list to add this feature to it, but I haven't got around to it yet. (A lot of users of the Android client have been running into difficulties.) The Android client - and bitcoinj-based clients in general - store private keys in a more compact format than the official Bitcoin client does.Would a bounty help to encourage your efforts? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on October 13, 2011, 03:21:43 PM Would a bounty help to encourage your efforts? Dunno. The main obstacle is that Java is involved. In particular, the wallet file uses Java's own serialization support which seems to be both poorly-documented and a pain to deal with.If you've got or can obtain a (non-corrupt) copy of the .wallet file from the phone in question, then it looks like bitcoinj already has a tool for opening it and printing the private keys, and that's probably the easiest option: Code: java -classpath bitcoinj-0.2.jar:bitcoinj-0.2-sources.jar:../lib/* com.google.bitcoin.examples.DumpWallet pingservice-prodnet.wallet Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: MoonShadow on October 13, 2011, 04:33:40 PM I don't know how to even get a copy of the wallet.dat off of the phone, I've left it untouched for two months taking up phone space.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on October 13, 2011, 10:31:09 PM I don't know how to even get a copy of the wallet.dat off of the phone, I've left it untouched for two months taking up phone space. I think the "easiest" solution is to install adb and use adb pull to copy it off. In fact, a quick google turns up these instructions (http://code.google.com/p/bitcoin-wallet/source/browse/trunk/README?spec=svn214&r=214). I'm not sure if this is the right Bitcoin app, but if it is then it appears it may have files with plain-text Base58 copies of the private keys you can copy off - that'd save a lot of hassle! Presumably you'd have to change the command to:Code: adb pull /data/data/de.schildbach.wallet/files/key-backup-base58 Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on October 20, 2011, 11:38:21 AM Finally got around to rolling a new v0.2 release of this:
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tlhonmey on January 19, 2012, 05:25:22 PM I haven't looked at the details of how your code works, so I can't be sure, but there is a possibility that you could save yourself some maintenance effort on it if you put it together as a magicrescue recipe... Magicrescue scans block devices looking for particular sigils to recover certain kinds of files, and then calls arbitrary scripts to extract them. I don't know if it would make anything easier or not, but it might be worth a look.
Edit: Also, This seems donation-worthy, but I'm not seeing an address listed... Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: hmongotaku on June 15, 2012, 09:20:23 PM windows version?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 06, 2012, 05:04:03 PM Finally got around to adding the compressed public key support required to recover wallets created by Bitcoin 0.6 and up.
windows version? Afraid not, sorry.Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: sadpandatech on July 09, 2012, 03:25:56 AM Does it matter what file system is on the HDD that we are attempting to recover from?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: makomk on July 11, 2012, 07:51:44 PM Does it matter what file system is on the HDD that we are attempting to recover from? Not particularly, so long as it's not encrypted or compressed. Some filesystems may give a better chance of success than others though. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: NRF on August 07, 2012, 07:54:26 AM Edit: Updated to create a new wallet.dat with the recovered keys. Edit 2: New v0.2 release, new instructions. Note that this still can't recover encrypted wallets! Edit 3: v0.3 release to support the compressed public keys created by recent Bitcoin versions. Still can't recover encrypted wallets. Sorry for doing a necro, but this is a great little bit of code! Sucks the private keys directly out of a drive, does not care about file system, OS's or anything! I just had to sub to it. I have already put it onto my Recovery USB and tested several different scenarios. Any ideas on how/when you are going to implement support for encrypted wallets? I think that encrypted wallets is the last thing left and then this will be the ultimate key recovery tool. Thanks Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: nikolaicheg on November 29, 2012, 07:58:15 AM Hello! any chance to get this tool working with crypted wallets?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: eXcelleNt on February 08, 2013, 10:36:55 PM I tried this, but it isn't working for me.
I downloaded SystemRescueCd ---> http://www.sysresccd.org/SystemRescueCd I booted from a DVD and went straight to the GUI, had terminal open, typed in exactly what is written in the OP and I get an error in terminal. After I type the part with "sudo ....." Terminal responds with: zsh: correct 'sudo' to '_sudo' [nyae]? If I press y: _arguments:comparguments:312:can only be called from completion function If I press n: zsh: command not found : sudo I have 4 hard-drives and 1 SSD. I disconnected all of them and connected the 1 hard-drive that I need to run the recovery tool on (this HDD is not bootable). It's not connected to the number 1 SATA port on the mobo. Does this therefore affect the part of the code with: '/dev/sda'? Or what's going on? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Manstef on April 03, 2013, 11:30:38 PM Hi makomk,
Is this a linux version? I have a corruption with Litecoin but dont know if there's even a problem with the wallet... Just have the error: "A fatal error occured. Litecoin can no longer continue safely and will quit. EXCEPTION: 11DbException Db::open: Invalid argument litecoin in Runaway exception " Can I try loading the wallet in a fresh install of the client does anybody know? Cheers Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: whpulsar85 on April 21, 2013, 05:18:06 PM Would love more info and a Windows version here...
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tlhonmey on April 27, 2013, 06:11:09 PM Yes, this is a Linux version. You'll want to stop using the OS that's on the drive with the corrupted wallet as soon as possible to reduce the odds of lost data being over-written and destroyed. The easiest way to do that is with a Linux live CD, so don't hold your breath for a Windows version, I doubt it's really worth the time. (Although the program would probably compile and run under cygwin or mingw just fine.)
You should be able to erase the block chain files or copy the wallet to a fresh install to see if it's really the wallet that's damaged. I recommend using a different machine if possible just in case. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: cnsunshu on May 17, 2013, 01:35:11 AM I was trying to recover my corrupted bitcoin wallet with your recovery tool, I used a Ubuntu 13.04 install CD, I managed to extract 101 key pairs, and I can find the recovered-wallet.dat file, however I couldn't move the file to anywhere, it says "Error opening file: Permission denied", I've got root by type in "su" command in teminal but still no help. I'm not familiar with Linux system so could you please help me with this issue? Thanks
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Praxis on July 17, 2013, 11:59:26 AM Would it be possible to retrieve other *coins? namecoin, devcoin, litecoin etc. wallets?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Kinetic915 on November 27, 2013, 05:35:08 PM Bump here.
So any news on recovering encrypted wallets? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: skyrater on November 30, 2013, 11:26:20 PM I have a slightly different scenario and would need help.
A mate's pc crashed (it was on Windows 7), the file system (NTFS) is half corrupt, so the HDD itself won't boot or be recognised by other PC. I extracted the HDD and connected to a working PC with a USB-SATA cable. With a data recovery tool I reconstructed the file system and tried to recover the critical wallet.dat file. I can get the entire dir out but wallet.dat seem corrupt (the file opened in an HEX file shows all zeros, seem totally empty). How would I run this tool to scan the crashed HDD in search of these key traces? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Martijnvdc on December 01, 2013, 08:45:12 AM I have a slightly different scenario and would need help. By putting a linux distro on a CD/flash drive, then boot it and run the tool.A mate's pc crashed (it was on Windows 7), the file system (NTFS) is half corrupt, so the HDD itself won't boot or be recognised by other PC. I extracted the HDD and connected to a working PC with a USB-SATA cable. With a data recovery tool I reconstructed the file system and tried to recover the critical wallet.dat file. I can get the entire dir out but wallet.dat seem corrupt (the file opened in an HEX file shows all zeros, seem totally empty). How would I run this tool to scan the crashed HDD in search of these key traces? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: skyrater on December 03, 2013, 11:01:28 AM I have a slightly different scenario and would need help. By putting a linux distro on a CD/flash drive, then boot it and run the tool.A mate's pc crashed (it was on Windows 7), the file system (NTFS) is half corrupt, so the HDD itself won't boot or be recognised by other PC. I extracted the HDD and connected to a working PC with a USB-SATA cable. With a data recovery tool I reconstructed the file system and tried to recover the critical wallet.dat file. I can get the entire dir out but wallet.dat seem corrupt (the file opened in an HEX file shows all zeros, seem totally empty). How would I run this tool to scan the crashed HDD in search of these key traces? The hard disk crashed is now an extranl drive of a working PC with Windows XP. It is NOT recognised by the OS, so probably alsso linux will not be able to see it properly. Only data recovery tools (like ZAR which I used) can reconstruct the File system on the crashed hdd by reading data in fragments and recovering them. I was wondering if this wallet recovery tool can do something similar or needs a drive mapping (which cannot be done due to the crash) to start with... Also: can anyone recommend any small linux distribution which can fit on a USB drive and work with this tool? I don't have a cd reader on that PC. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Martijnvdc on December 03, 2013, 01:08:58 PM I have a slightly different scenario and would need help. By putting a linux distro on a CD/flash drive, then boot it and run the tool.A mate's pc crashed (it was on Windows 7), the file system (NTFS) is half corrupt, so the HDD itself won't boot or be recognised by other PC. I extracted the HDD and connected to a working PC with a USB-SATA cable. With a data recovery tool I reconstructed the file system and tried to recover the critical wallet.dat file. I can get the entire dir out but wallet.dat seem corrupt (the file opened in an HEX file shows all zeros, seem totally empty). How would I run this tool to scan the crashed HDD in search of these key traces? The hard disk crashed is now an extranl drive of a working PC with Windows XP. It is NOT recognised by the OS, so probably alsso linux will not be able to see it properly. Only data recovery tools (like ZAR which I used) can reconstruct the File system on the crashed hdd by reading data in fragments and recovering them. I was wondering if this wallet recovery tool can do something similar or needs a drive mapping (which cannot be done due to the crash) to start with... Also: can anyone recommend any small linux distribution which can fit on a USB drive and work with this tool? I don't have a cd reader on that PC. You can use System Rescue CD, it comes with all the tools you'll need. Feel free to email me or PM me; i can help you through. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: skyrater on December 10, 2013, 01:24:47 PM I tried this, but it isn't working for me. I downloaded SystemRescueCd ---> http://www.sysresccd.org/SystemRescueCd I booted from a DVD and went straight to the GUI, had terminal open, typed in exactly what is written in the OP and I get an error in terminal. After I type the part with "sudo ....." Terminal responds with: zsh: correct 'sudo' to '_sudo' [nyae]? If I press y: _arguments:comparguments:312:can only be called from completion function If I press n: zsh: command not found : sudo I have 4 hard-drives and 1 SSD. I disconnected all of them and connected the 1 hard-drive that I need to run the recovery tool on (this HDD is not bootable). It's not connected to the number 1 SATA port on the mobo. Does this therefore affect the part of the code with: '/dev/sda'? Or what's going on? I can help you here, as I had the exact same problem. It is a problem due to how gentoo (the base of SystemRescueCd) works. You solve it doing this. Instead of typing sudo ./wallet-recover-0.3-linux/bin/32/wallet-recover /dev/sda recovered-wallet.dat in the terminal window you type first: su (so you get the superuser priviledges) and then simply: ./wallet-recover-0.3-linux/bin/32/wallet-recover /dev/sda recovered-wallet.dat It will then work. Also, careful if you work with external devices your drive to scan will NOT be sda. with the crashed hard disk connected via usb in my case was sdc You can see a list of all your drives via the system menu - partition names Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: skyrater on December 10, 2013, 01:34:25 PM This tool ignores whatever filesystem there is. It just reads it raw. It reads it as if the whole disk is just one big file. You don't need the disk to be mountable. You can use System Rescue CD, it comes with all the tools you'll need. Feel free to email me or PM me; i can help you through. Thank you for the suggestions. I was able to set it up to make it start but: a) The key scan is taking very long. After an hour or so the program stops with 'io error: impossible to read' or something like that. Of course the hd is crashed, so there might be some damaged clusters. Is there any way to make the program continue anyway instead of stopping? b) The program seem to find a large number of keys. On the first scan it found 302 keys after 2 hours of work (but there was a power cut, so I could not even see the result file...). On successive scans around 100 keys. On the terminal screen I see a new line for each new key with a private key output. Is this useful in any way? c) The file recovered-wallet.dat is written at each new key or only at the end? I ask as I was not able to have a full run (due to the power cut and the reading errors in the next runs), but in two cases I saved the file recovered-wallet.dat. This does not seem to be populated at all. Certainly looking at it with an hex editor I cannot see any sign of the 100 keys the program tells me being recovered. Maybe they were not written yet? Any suggestion how to make use of the terminal dump with all those private keys to attempt seeing if any of those is the lost wallet key I am after? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: scutzi128 on January 16, 2014, 10:53:08 PM will this prgram work for a litecoin wallet instead of a bitcoin wallet?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: petrkr on February 04, 2014, 02:40:54 PM will this prgram work for a litecoin wallet instead of a bitcoin wallet? Today I tried it, version, which you can download at 1st post didn't worked, but I dowloaded source codes from GIT and that version worked for me. I had corrupted wallet file so any python script could not open it as long probably header was damaged so it was not valid database file... I used file instead device as long I didn't needed find wallet at raw (deleted) drive. Code: ./wallet-recover damagedWallet.dat newWallet.dat after move newWallet to .litecoin and rebuild tree I've got this http://petrkr.net/a/ltcrepaired.jpeg All "mined" transactions appears with date and time when I ran recovery tool. I can't tell if send of them will work as I still don't have synced network, but I hope so. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: daserpent1 on February 04, 2014, 05:33:56 PM Could this tool of yours be used to recover any accidently deleted files? I accidently removed the alphacoin folder with close 100k alphacoins in it :-\
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: 0Null0 on February 17, 2014, 12:09:01 AM Hi, I tried using the tool and it worked at first. I got this error after the first few minutes
Device read: Input/output error Could someone please help? thanks Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: hilgi on April 09, 2014, 06:52:59 PM I was able to get a recovered wallet but it was still giving me a corrupt wallet error so I ran it with the salvagewallet=1 conf file in the appdata folder and it worked!
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: BenHur on May 31, 2014, 03:10:22 PM Hi makomk,
I want to thank you for your Bitcoin private key/wallet.dat data recovery tool. I recover my Gridcoins with the tool. :D I want to send you btc,but I can't find the address. :) Thanks again. ;D Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: derrend on August 28, 2014, 06:53:35 AM What if you scan a drive with several wallets (litecoin, bitcoin, quarkcoin), are all the keys imported into one 'wallet.dat' file which will work with all three clients or will the have to be separated somehow??
@makomk, Thanks for the tool and please post a donation address ;) Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: derrend on September 11, 2014, 10:38:48 PM Hello,
I'm trying to build your very useful tool form source as a member of the forum stated that they had more success when it was built on their machine. I downloaded a .tar.gz snapshot of the master branch and ran make in the same directory as the akefile but got: Code: g++ -I/usr/include/db4.8 -I/usr/include/cryptopp -ggdb -Wall -O2 -o wallet-recover main.cpp -lcryptopp -ldb-4.8 Please could you give me some directions if possible? I don't build software very often ;) Thanks :) Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: jackjack on September 12, 2014, 07:23:23 AM Hello, I'm trying to build your very useful tool form source as a member of the forum stated that they had more success when it was built on their machine. I downloaded a .tar.gz snapshot of the master branch and ran make in the same directory as the akefile but got: Code: g++ -I/usr/include/db4.8 -I/usr/include/cryptopp -ggdb -Wall -O2 -o wallet-recover main.cpp -lcryptopp -ldb-4.8 Please could you give me some directions if possible? I don't build software very often ;) Thanks :) You may need an additional library Also I don't want to hijack the thread but OP haven't logged for more than a year Have you tried pywallet? I only requires python2.7 Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: derrend on September 18, 2014, 11:30:19 PM You may need an additional library lol, I hadn't noticed how old the thread was :) Thanks for the tip :)Also I don't want to hijack the thread but OP haven't logged for more than a year Have you tried pywallet? I only requires python2.7 Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: kingscrown on September 19, 2014, 03:21:20 AM u are life saver to many people!
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Rashnraj on October 17, 2014, 11:31:13 AM I have lost all private keys of blockchain.info wallet,
Can anyone recover it, I have nearly 50,000 btc in it. I tried many ways but I couldn't. Help me out Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: Muhammed Zakir on October 17, 2014, 12:08:35 PM I have lost all private keys of blockchain.info wallet, Can anyone recover it, I have nearly 50,000 btc in it. I tried many ways but I couldn't. Help me out I think this is a spam just to increase activity. Please don't spam, you will get banned from the forum. Blockchain.info is an online wallet. So what do you mean by that question? What are the ways you tried? ~~MZ~~ Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: DeborahGunn on November 10, 2014, 07:46:27 AM Data Recovery is a wonderful and multifunctional recovery tool to retrieve your lost videos, photos, music, documents, emails, etc. from your computer's hard drive. Besides, it can also recover data from USB drives, external hard drives, mobile phones, digital cameras, iPods, MP3/MP4 players and other storage devices.
Some steps on how to recover the lost data with Data Recovery: 1. Select types of lost data. All the common file formats are generally classified into six different categories. Only choose the specific types of the files you need to retrieve will accelerate the scan speed. 2. Choose a location to start searching data. This option is suitable for the situation of a data loss caused by deleting or losing a partition, and re-partition. 3. Scan your computer or device. The process bar displays how long the scan will take. 4. Preview and recover the files. When the preview or search finishes, select the target files and press Recover button to save data again on your device. Want to get back your lost data right now? IfCoupons.com offers you Discounts and Coupons for Data Recovery (http://www.ifcoupons.com/categories/data-recovery/) from different brands and companies. Come and get one! Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 16, 2015, 05:43:41 AM So this morning I noticed there was an outgoing transaction in my wallet that hadn't confirmed for a week. I decided I would try to send it again with a bigger fee. So I did a 'dumpprivkey' on the address that funded the unconfirmed transaction, made a new wallet, did an 'importprivkey' to import the address into the new wallet, then re-sent the transaction. There was only a single output on the address, so it used the same one again, effectively double-spending it.
Once the transaction confirmed, which it did quickly, I switched back to my main wallet, and deleted the temporary new wallet, since I was done with it. Right? I rescanned the old wallet, using the -zapwallettxes argument to delete the old conflicting transaction, and it came up showing that I had made two spends recently, not the one that I expected. Then I remembered: the change from the new spend is only in the new temporary wallet that I just deleted. Oops. I looked for 'undelete' programs, but didn't find anything that looked useful. I found this thread, but the git repository seems to have died. So I wrote my own simple "privkey finder": Code: #include <stdio.h> It's much simpler than the tool this thread is about, but it did the trick. It found the deleted private keys and I was able to get my coins back. So I figured I'd share it. I built and ran it like this: Code: $ gcc -O4 -o pkgrep pkgrep.c I was somewhat surprised to find that the private key for the change address was on the drive 5 times. It was a new wallet that I created just to double-spend that single output, then deleted. And somehow the key found itself written to disk 5 times. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: CryptoSalad on September 16, 2015, 10:06:29 PM Can this be used on other wallets other than bitcoin if so would be good as I have lost a few wallets in the past on one drive that I have not used in ages and has had deleted partitions and all sorts go wrong on it. is their any windows version to t his tool or just Linux?
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 17, 2015, 07:04:18 AM Can this be used on other wallets other than bitcoin if so would be good as I have lost a few wallets in the past on one drive that I have not used in ages and has had deleted partitions and all sorts go wrong on it. is their any windows version to t his tool or just Linux? My code should work on any wallet and any OS with a C compiler. You may need to change the 8 bytes it looks for. Make a new wallet, load it up in a hex editor, look for the 8 bytes which precede each private key. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on September 17, 2015, 07:20:02 AM Code: #include <stdio.h> Simple and useful program, dooglus, thanks for sharing it. One follow up question, I can see how you're just checing for each byte and then printing if you find them. But the code you pasted just checks for 7 bytes. There should be a check for 0x30 before the 0x81, right? Or what am I missing? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: siameze on September 17, 2015, 09:14:37 AM Can this be used on other wallets other than bitcoin if so would be good as I have lost a few wallets in the past on one drive that I have not used in ages and has had deleted partitions and all sorts go wrong on it. is their any windows version to t his tool or just Linux? My code should work on any wallet and any OS with a C compiler. You may need to change the 8 bytes it looks for. Make a new wallet, load it up in a hex editor, look for the 8 bytes which precede each private key. I thank you so much for sharing this as well, light enough to use on my arm based node. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 17, 2015, 09:21:24 AM Code: #include <stdio.h> Simple and useful program, dooglus, thanks for sharing it. One follow up question, I can see how you're just checing for each byte and then printing if you find them. But the code you pasted just checks for 7 bytes. There should be a check for 0x30 before the 0x81, right? Or what am I missing? Suppose the disk image contains: "2930 3081 d302 0101 0420 privkey". Checking for 0x30 would cause my simple program to miss that privkey completely, since it never backtracks. I figured it was better to maybe get some false positives than to miss some private keys. In tests, my code encountered bytes like these, and so missed the privkey: 0081 d302 0101 0420 3081 d302 0101 0420 privkey It output: 3081 d302 0101 0420 privke since the 7 bytes before the real 8 byte prefix triggered the matching code. I'm guessing that's quite an uncommon situation. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: itod on September 17, 2015, 10:09:09 AM Code: #include <stdio.h> Simple and useful program, dooglus, thanks for sharing it. One follow up question, I can see how you're just checing for each byte and then printing if you find them. But the code you pasted just checks for 7 bytes. There should be a check for 0x30 before the 0x81, right? Or what am I missing? Suppose the disk image contains: "2930 3081 d302 0101 0420 privkey". Checking for 0x30 would cause my simple program to miss that privkey completely, since it never backtracks. I figured it was better to maybe get some false positives than to miss some private keys. In tests, my code encountered bytes like these, and so missed the privkey: 0081 d302 0101 0420 3081 d302 0101 0420 privkey It output: 3081 d302 0101 0420 privke since the 7 bytes before the real 8 byte prefix triggered the matching code. I'm guessing that's quite an uncommon situation. IMHO your code should use nested If's instead of ANDs, that way not finding expected byte should reset search to the beginning, without ever encountering false positives or missing something: Code: #include <stdio.h> Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on September 17, 2015, 04:19:34 PM Code: #include <stdio.h> Simple and useful program, dooglus, thanks for sharing it. One follow up question, I can see how you're just checing for each byte and then printing if you find them. But the code you pasted just checks for 7 bytes. There should be a check for 0x30 before the 0x81, right? Or what am I missing? Suppose the disk image contains: "2930 3081 d302 0101 0420 privkey". Checking for 0x30 would cause my simple program to miss that privkey completely, since it never backtracks. I figured it was better to maybe get some false positives than to miss some private keys. In tests, my code encountered bytes like these, and so missed the privkey: 0081 d302 0101 0420 3081 d302 0101 0420 privkey It output: 3081 d302 0101 0420 privke since the 7 bytes before the real 8 byte prefix triggered the matching code. I'm guessing that's quite an uncommon situation. Oh I see what you mean. I guess you could make it more robust if you, say, recurse when you find 0x30 so that you check all potential 8 byte windows. Anyway, thanks again. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 18, 2015, 02:56:08 AM IMHO your code should use nested If's instead of ANDs, that way not finding expected byte should reset search to the beginning, without ever encountering false positives or missing something: You might be surprised to learn this, but your code is equivalent to mine. Both Code: if (a() && b()) ... and Code: if (a()) if (b()) ... don't call b() if a() returns a falsy value. For example: Code: #include <stdio.h> Then... Code: $ gcc if-shortcut.c Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 18, 2015, 02:54:35 AM IMHO your code should use nested If's instead of ANDs, that way not finding expected byte should reset search to the beginning, without ever encountering false positives or missing something: You might be surprised to learn this, but your code is equivalent to mine. Both Code: if (a() && b()) ... and Code: if (a()) if (b()) ... don't call b() if a() returns a falsy value. For example: Code: #include <stdio.h> Then... Code: $ gcc if-shortcut.c Edit: see http://stackoverflow.com/a/628538/1253362 for confirmation of this. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: itod on September 18, 2015, 12:52:53 PM You might be surprised to learn this, but your code is equivalent to mine. Interesting, you are right, I thought left-to-right evaluation for && operator is not guaranteed. Solution may be to introduce another variable to buffer first next getchar() value, and then in case of missed match take the value of c from that buffer instead of getchar() in the while loop condition statement. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: JeWay on September 18, 2015, 03:27:51 PM This is actually a good tool to use, but kinda hard to use for a newbie
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on September 18, 2015, 03:53:02 PM You might be surprised to learn this, but your code is equivalent to mine. Interesting, you are right, I thought left-to-right evaluation for && operator is not guaranteed. Solution may be to introduce another variable to buffer first next getchar() value, and then in case of missed match take the value of c from that buffer instead of getchar() in the while loop condition statement. I expect reading characters one by one is introducing lots of overhead, and it would be better to do some kind of buffering. Or maybe stdio.h handles that for me. There's also ungetc(): ungetc() pushes c back to stream, cast to unsigned char, where it is available for subsequent read operations. Pushed-back characters will be returned in reverse order; only one pushback is guaranteed. which could be all I need to avoid missing keys. My main aim in sharing this was to show a very simple way of scanning a device for private keys that recently worked for me. It took maybe 5 hours to scan my whole (full-disk encrypted) 1 TB root partition. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: marcusiscoo1 on November 10, 2015, 06:29:05 AM So after doing a scan with System Rescue CD, it find 226 keys. How do I transfer them to a usb? After Googling the issue, I cant seem to find a way to mount a usb in System Rescue so I can move files to it. Can anyone help me? Also plan on donating if I am able to get my wallet back. Thank you.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on November 10, 2015, 04:49:51 PM So after doing a scan with System Rescue CD, it find 226 keys. How do I transfer them to a usb? After Googling the issue, I cant seem to find a way to mount a usb in System Rescue so I can move files to it. Can anyone help me? Also plan on donating if I am able to get my wallet back. Thank you. What is a System Rescue CD? It sounds like you've got some proprietary software there and maybe you have to read the manual. If you just need help mounting a USB drive on a linux system, I can help you with that. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: LuckyYOU on November 17, 2015, 08:28:44 PM This is actually a good tool to use, but kinda hard to use for a newbie Yeah a detailed video would handy to be honest. I got stuck in the beginning already.. wget http://www.makomk.com/~aidan/wallet-recover-0.3-linux.tar.gz Do i need a linux server for this or can i do this with windows also? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: siameze on November 17, 2015, 09:23:19 PM This is actually a good tool to use, but kinda hard to use for a newbie Yeah a detailed video would handy to be honest. I got stuck in the beginning already.. wget http://www.makomk.com/~aidan/wallet-recover-0.3-linux.tar.gz Do i need a linux server for this or can i do this with windows also? Isn't the answer to your question rather obvious from the name of the file ? Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on November 18, 2015, 01:19:25 AM I think the code that dooglus posted just a few posts back should run on windows, assuming you know how to run a compiler on that system (I don't).
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: facembanijung on April 23, 2016, 10:24:28 PM The ideal solution would be USB -> USB using a Linux live CD, with either no hard drive plugged in, or by running "swapoff" to make sure no virtual memory is in use at the time of the copy.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: rfisher1968 on April 26, 2016, 12:40:00 AM I compiled it on windows using Cygwin and ran it just on a wallet.dat file. Worked great.
I'm going to modify the code and inject 32 different bytes into each, is there any problem with this? I think the code that dooglus posted just a few posts back should run on windows, assuming you know how to run a compiler on that system (I don't). Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on April 27, 2016, 04:29:38 PM I compiled it on windows using Cygwin and ran it just on a wallet.dat file. Worked great. I'm going to modify the code and inject 32 different bytes into each, is there any problem with this? I think the code that dooglus posted just a few posts back should run on windows, assuming you know how to run a compiler on that system (I don't). What do you mean, "inject 32 different bytes into each"? Good to know that the script runs on any system. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: rfisher1968 on April 27, 2016, 06:33:35 PM I guess I should have said a new/different private key. I didn't know if it would work.
I compiled it on windows using Cygwin and ran it just on a wallet.dat file. Worked great. I'm going to modify the code and inject 32 different bytes into each, is there any problem with this? I think the code that dooglus posted just a few posts back should run on windows, assuming you know how to run a compiler on that system (I don't). What do you mean, "inject 32 different bytes into each"? Good to know that the script runs on any system. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: rfisher1968 on May 01, 2016, 12:47:09 PM I just created the code to insert random private key into wallet.dat and bitcoin core says wallet.dat is corrupt. I just got my answer.
Code: #include <stdio.h> Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: tspacepilot on May 07, 2016, 12:09:45 AM I just created the code to insert random private key into wallet.dat and bitcoin core says wallet.dat is corrupt. I just got my answer. Code: #include <stdio.h> Are you sure you didn't just get the format wrong? I'm pretty sure the wallet format has more than just the list of private keys. Actually, it's documented somewhere on the wiki, I've looked at it before. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: dooglus on May 07, 2016, 04:24:13 PM I just created the code to insert random private key into wallet.dat and bitcoin core says wallet.dat is corrupt. I just got my answer. Code: printf("found: ");I think you would have better luck if you did a fgetc() with each of those fputc() calls. That way you are effectively overwriting the old privkey with a new random one rather than inserting new bytes into the file which will corrupt it. Edit: oh, you are already doing that. :) So I'm not sure what went wrong. I'll take another look. Edit2: wallet.dat stores the public keys as well as the private keys and complains if they don't match. That's why you're getting the error you're getting. From walletdb.cpp: Code: // Old wallets store keys as "key" [pubkey] => [privkey] Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: almightyruler on May 06, 2017, 09:01:54 AM So I wrote my own simple "privkey finder": Code: #include <stdio.h> Hi dooglus, where did you get the 3081 d302 0101 0420 sequence from? Did you reverse engineer that yourself, or see it elsewhere? I don't think that sequences covers all keys, because I found several in my wallet which had different leading bytes. I've modified your code to extract keys more aggressively - using a smaller sequence - and also backtrack if the conditional fails: Code: #include <stdio.h> The downside of the reduced lead sequence is that the program will cause a lot more false positives, particularly if you use it to scan an entire raw device, rather than (say) a corrupt wallet.dat file. I fed it an old 40GB Windows XP backup image, and it output nearly 600,000 potential keys, so it's really only practical for extracting keys from a known wallet file. Hope this helps someone, anyway. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: WarrEagle on May 16, 2017, 05:19:00 PM Thank you for your contribution, this is a very helpful tool. I have a friend that past away in 2013 supposedly his mom said his laptop has a bunch of BTC on it. Will be checking it out this weekend.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: buzztiaan on July 05, 2017, 12:14:34 AM Will be checking it out this weekend. The suspense is killing me :D Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: CrewKitten on July 05, 2017, 10:00:53 PM Hey, thanks a lot for posting this. I will keep it in mind.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: head.arrow on July 06, 2017, 07:18:53 AM i used it
it works really well my hdd was virus attacked now my wallet.dat is recovered great job Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: morbius55 on July 16, 2017, 10:45:15 AM Is this useable with windows? and is there a computer novices guide to getting it running?.
Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: doncello on August 19, 2017, 07:31:04 PM Edit: Updated to create a new wallet.dat with the recovered keys. Edit 2: New v0.2 release, new instructions. Note that this still can't recover encrypted wallets! Edit 3: v0.3 release to support the compressed public keys created by recent Bitcoin versions. Still can't recover encrypted wallets. For some reason, people keep reformatting their drive or deleting their wallet.dat without taking proper backups. As casascius helpfully points out (http://forum.bitcoin.org/index.php?topic=22697.0) - and this is something I'd already suspected - it may be possible to recover the crucial wallet.dat private keys and the bitcoins secured with them by scanning the disk for certain markers, so long as you're lucky and the data you need isn't too fragmented and hasn't already been overwritten. To that end, I've written a little experimental utility (http://www.makomk.com/gitweb/?p=bitcoin-wallet-recover.git;a=summary) that tries to search for and validate those keys. It's not even close to being able to recover all keys that are recoverable - though it should work in a decent proportion of cases - Instructions:
Code: wget http://www.makomk.com/~aidan/wallet-recover-0.3-linux.tar.gz Code: sudo ./wallet-recover-0.3-linux/bin/32/wallet-recover <insert device name here> recovered-wallet.dat Code: sudo ./wallet-recover-0.3-linux/bin/32/wallet-recover /dev/sda recovered-wallet.dat WARNING: The recovered wallet does not contain a pool of spare keys to send change to (the old ones should get recovered but aren't marked as such). It also doesn't include any names for addresses, so the address you can copy-and-paste in the client is a NEW address created when you first started bitcoin using your recovered wallet, and any change from transactions also goes to a NEW address - none of these addresses are in the original recovered wallet. After first running Bitcoin with the recovered wallet, you MUST exit it and take backup copies of the wallet.dat in your .bitcoin directory to several locations BEFORE making or receiving any transactions - then be sure to use this version and NOT THE ORIGINAL recovered-wallet.dat from this point on. If you're using bitcoind rather than the GUI, you must also call "bitcoind getnewaddress" before shutting down and copying the wallet.dat. Also, be extremely careful about backing up your wallet on a regular basis after using this tool - Bitcoin's handling of the keypool is quirky and this may trigger bugs in it. (Added 9th July, amended 19th Sept.) Disclaimer: This code comes with no warranty, not even an implied warranty of fitness for its intended purpose. I don't guarantee that it won't make things worse, or that the recovered keys are correct, and obviously I can't guarantee that it'll manage to recover the keys you need. Oh, and it may not be able to recover older wallets at all. Hi, Will it recover litecoin wallet.dat as well? I made a huge mistake and lost all my coins. Will appreciate if you can help with it. Title: Re: Bitcoin private key/wallet.dat data recovery tool! Post by: oinkoink on October 29, 2017, 08:58:38 AM Hi, Will it recover litecoin wallet.dat as well? I made a huge mistake and lost all my coins. Will appreciate if you can help with it. Interested as well, whats needed for other wallets edit: just checked the source, a bit lost here, could someone point out which parts need changes for this to work for e.g. litecoin? i guess this tool checks constants that are in the btc curve (secp256k1?) and picks the right bits around it? Pls enlighten me |
