|
Title: GPU brute forcing an encrypted wallet Post by: yourstruly on March 03, 2013, 05:21:37 AM I lost my password to a wallet that had 20 bitcoins in it, its now worth my effort to retrieve it. I tried using Revalins script found here https://bitcointalk.org/index.php?topic=85495.msg942171#msg942171 without any luck.
So I have modified it to brute force based off a base password that I know is correct, so I'm only have to brute force between 6-8 characters which is feasible. Code: #!/usr/bin/ruby -w This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it. If not perhaps this will help someone else who ends up losing their wallet password and needs to brute force it. At 3-5 characters this would work find with a Quadcore. Title: Re: GPU brute forcing an encrypted wallet Post by: peewee on March 03, 2013, 09:46:31 AM An ambitious project...curious to see the outcome...and thanks for the reminder not to lose my wallet info >:(
Title: Re: GPU brute forcing an encrypted wallet Post by: kokjo on March 03, 2013, 09:59:36 AM system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20")
WTF!! seriously how far up your butt are your head? have you even tried cracking a password before, on your own? SUDO Really? the method you are using have way too much overhead to be anywhere possible even to crack a 4-char password. 1. you are comminucating with bitcoind over jsonrpc over http over tcp. 2. bitcoind are using berkeley DB, to check if the password s correct. RLY? U CRAZY? solution: extract enough information from from wallet.dat, to be able to verify a password, look in berkeleyDB manuels, bitcoin source, and determent what is needed. implement algoritm in some sort of GPU code(cuda, opencl,...) that do this efficient. Title: Re: GPU brute forcing an encrypted wallet Post by: alig23 on March 03, 2013, 10:18:47 AM system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20") WTF!! seriously how far up your butt are your head? have you even tried cracking a password before, on your own? SUDO Really? the method you are using have way too much overhead to be anywhere possible even to crack a 4-char password. 1. you are comminucating with bitcoind over jsonrpc over http over tcp. 2. bitcoind are using berkeley DB, to check if the password s correct. RLY? U CRAZY? solution: extract enough information from from wallet.dat, to be able to verify a password, look in berkeleyDB manuels, bitcoin source, and determent what is needed. implement algoritm in some sort of GPU code(cuda, opencl,...) that do this efficient. It would not work Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 04, 2013, 02:40:22 AM system("sudo bitcoind", "bruteforce", "basepassword" + phrase, "20") WTF!! seriously how far up your butt are your head? have you even tried cracking a password before, on your own? SUDO Really? the method you are using have way too much overhead to be anywhere possible even to crack a 4-char password. 1. you are comminucating with bitcoind over jsonrpc over http over tcp. 2. bitcoind are using berkeley DB, to check if the password s correct. RLY? U CRAZY? solution: extract enough information from from wallet.dat, to be able to verify a password, look in berkeleyDB manuels, bitcoin source, and determent what is needed. implement algoritm in some sort of GPU code(cuda, opencl,...) that do this efficient. Yeah that line was bad, I fixed it. I have no cracked before, you raise a great point that I had been noticing myself. My biggest bottleneck is the bitcoind client itself which is running on my CPU. The only way I could increase the speed is by running more bitcoind clients. I will try to read more about your proposed solution, I think that is the right direction. It would not work Could you please elaborate? Title: Re: GPU brute forcing an encrypted wallet Post by: DannyHamilton on March 04, 2013, 02:52:36 AM This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it. Mining involves generating hashes, which apparently GPU shaders are good at. I'm not sure what algorithm is used for encrypting your private keys, but I guess the first thing to figure out is if a GPU would be any good at that algorithm anyhow. Then assuming that it is, I would think you could pull an encrypted private key from the wallet and repeatedly attempt to decrypt it, looking to see if the result is a valid private key without having to go back to bitcoind every time. Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 04, 2013, 05:44:15 AM This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it. Mining involves generating hashes, which apparently GPU hashes are good at. I'm not sure what algorithm is used for encrypting your private keys, but I guess the first thing to figure out is if a GPU would be any good at that algorithm anyhow. Then assuming that it is, I would think you could pull an encrypted private key from the wallet and repeatedly attempt to decrypt it, looking to see if the result is a valid private key without having to go back to bitcoind every time. I will look into this, who knows if bitcoins keeps going up cracking wallets with lost passwords will be worth greater and greater investment. I was considering writing a short story about it. Title: Re: GPU brute forcing an encrypted wallet Post by: kokjo on March 04, 2013, 05:58:11 PM Mining involves generating hashes, which apparently GPU shaders are good at. I'm not sure what algorithm is used for encrypting your private keys, but I guess the first thing to figure out is if a GPU would be any good at that algorithm anyhow. AES is used to encrypt the privatekeys, if i remember correctly. it is easy to brutefore on GPU Title: Re: GPU brute forcing an encrypted wallet Post by: tminuszer0 on March 05, 2013, 05:01:08 AM AES is used to encrypt the privatekeys, if i remember correctly. it is easy to brutefore on GPU You would be correct. (http://bitcoin.stackexchange.com/questions/1713/how-does-the-bitcoin-client-encrypt-the-wallet-dat-file) Title: Re: GPU brute forcing an encrypted wallet Post by: kokjo on March 05, 2013, 08:11:38 AM AES is used to encrypt the privatekeys, if i remember correctly. it is easy to brutefore on GPU You would be correct. (http://bitcoin.stackexchange.com/questions/1713/how-does-the-bitcoin-client-encrypt-the-wallet-dat-file) Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 07, 2013, 10:00:40 PM AES is used to encrypt the privatekeys, if i remember correctly. it is easy to brutefore on GPU You would be correct. (http://bitcoin.stackexchange.com/questions/1713/how-does-the-bitcoin-client-encrypt-the-wallet-dat-file) So since its multiple rounds I would be better off trying to just crack via multiple instances of the bitcoind rpc? Title: Re: GPU brute forcing an encrypted wallet Post by: Nicolai on March 07, 2013, 10:58:36 PM Don't use bitcoind RPC interface, it's waaaaaaay to slow.
Go to github, find the 'wallet unlock code'-part, extract and use this code to bruteforce. Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 09, 2013, 02:46:11 AM Don't use bitcoind RPC interface, it's waaaaaaay to slow. Go to github, find the 'wallet unlock code'-part, extract and use this code to bruteforce. Great idea, thank you. Ill share my code when it is ready, incase anyone else runs into this. Title: Re: GPU brute forcing an encrypted wallet Post by: el_rlee on March 09, 2013, 02:57:48 AM can you not somehow utilize hashcat or john the ripper for that?
Title: Re: GPU brute forcing an encrypted wallet Post by: djdollabill on March 09, 2013, 07:49:55 AM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not.
In other words, bitcoin would be essentially dead, since you could take from any arbitrary wallet. You would start with the biggest ones, of course, and eventually word would get out, and bitcoin would be officially dead. So far, since the 2009 release of the bitcoin protocol, nobody has hacked an arbitrary wallet. This is presumably not for lack of trying. I would, to quote Justin Bieber, "Never say never," but if you want a way to open a wallet, you might be brute forcing for a long, long time. Title: Re: GPU brute forcing an encrypted wallet Post by: silverfuture on March 09, 2013, 07:59:45 AM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not. In other words, bitcoin would be essentially dead, since you could take from any arbitrary wallet. You would start with the biggest ones, of course, and eventually word would get out, and bitcoin would be officially dead. So far, since the 2009 release of the bitcoin protocol, nobody has hacked an arbitrary wallet. This is presumably not for lack of trying. I would, to quote Justin Bieber, "Never say never," but if you want a way to open a wallet, you might be brute forcing for a long, long time. Maybe you are confusing cracking the user password for the wallet with cracking a private key? A wallet password would crack easier or harder depending on what the password was. Title: Re: GPU brute forcing an encrypted wallet Post by: archaeopteryx on March 09, 2013, 01:27:25 PM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not. In other words, bitcoin would be essentially dead, since you could take from any arbitrary wallet. You would start with the biggest ones, of course, and eventually word would get out, and bitcoin would be officially dead. So far, since the 2009 release of the bitcoin protocol, nobody has hacked an arbitrary wallet. This is presumably not for lack of trying. I would, to quote Justin Bieber, "Never say never," but if you want a way to open a wallet, you might be brute forcing for a long, long time. OP: Quote So I have modified it to brute force based off a base password that I know is correct, so I'm only have to brute force between 6-8 characters which is feasible. He knows part of the password so has some a priori information to go off of, not like cracking a private key. It still might take a while. Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 10, 2013, 09:48:17 AM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not. In other words, bitcoin would be essentially dead, since you could take from any arbitrary wallet. You would start with the biggest ones, of course, and eventually word would get out, and bitcoin would be officially dead. So far, since the 2009 release of the bitcoin protocol, nobody has hacked an arbitrary wallet. This is presumably not for lack of trying. I would, to quote Justin Bieber, "Never say never," but if you want a way to open a wallet, you might be brute forcing for a long, long time. Not quite, I'm trying to crack a wallet with a password I created that is over 14 characters long. Since I created it though I have a base password which I know for certain is in the password which brings down the length of the password I need to crack to an insecure length. It is already pretty much known you don't use passwords less than 8 characters, preferably 14 or greater. All of this got me thinking, wouldn't it be crazy if after all the bitcoins were handed out the infrastructure once used to mine was turned to hack wallets because of their value. Title: Re: GPU brute forcing an encrypted wallet Post by: DannyHamilton on March 10, 2013, 04:33:48 PM All of this got me thinking, wouldn't it be crazy if after all the bitcoins were handed out the infrastructure once used to mine was turned to hack wallets because of their value. Sure, but first you'd have to get ahold of the wallet.dat file somehow. Then, even if you could do that, keep in mind that miners get the transaction fees of all the transactions in the block in addition to the newly minted bitcoins. So in 136 years when all new bitcoins have been issued, you'd probably still be more profitable continuing to mine (and receiving the transaction fees), unless you could get ahold of the wallet.dat of someone who had a REALLY large number of bitcoins AND an insecure password. Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 11, 2013, 02:14:08 AM All of this got me thinking, wouldn't it be crazy if after all the bitcoins were handed out the infrastructure once used to mine was turned to hack wallets because of their value. Sure, but first you'd have to get ahold of the wallet.dat file somehow. Then, even if you could do that, keep in mind that miners get the transaction fees of all the transactions in the block in addition to the newly minted bitcoins. So in 136 years when all new bitcoins have been issued, you'd probably still be more profitable continuing to mine (and receiving the transaction fees), unless you could get ahold of the wallet.dat of someone who had a REALLY large number of bitcoins AND an insecure password. I had not realized that the mining would continue because of ongoing transactions which makes sense now that you say it. Thanks for that insight. Title: Re: GPU brute forcing an encrypted wallet Post by: Jutarul on March 11, 2013, 02:26:32 AM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not. Try breaking the encryption for a wallet you don't have. First rule of business: Keep savings wallets offline. Forever. Encryption is only meant to create an economic barrier and give you some time, once you realize that the wallet has been compromised (i.e. uploaded to the internet). Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 25, 2013, 01:21:37 AM I'm having trouble isolating the functions I need out of the bitcoin client.
So what I understand is that there is a built in 100ms delay. If I extract out the piece to unlock it and bypass the rpc I can avoid that or is that because of the algorithm used to encrypt it? Title: Re: GPU brute forcing an encrypted wallet Post by: ihopedso on March 25, 2013, 01:43:32 AM That sounds terrible. I keep a unencrypted wallet on disk, just for this reason.
Title: Re: GPU brute forcing an encrypted wallet Post by: deepceleron on March 25, 2013, 02:00:50 AM You are out of your depth. Decrypt this message:
U2FsdGVkX1+b0djAYNFH7ci5sgIKVEVittOk11oml4C/ESACHoqEYrdz0pkCfIf7 The password is 1234 Code: /* What a cracker needs to do is extract the public and private(encrypted) ECDSA keys for some addresses out of the wallet, and perform a billion billion trial decryptions based on a passphrase iteration, generating encryption keys using the same formula Bitcoin does (https://en.bitcoin.it/wiki/Wallet_encryption), then verify the decrypted privkey also will create the ECDSA pubkey. The first thing you will find challenging is to parallelize is 25000 rounds of hashing for every master key attempt. https://www.cryptool.org/trac/CrypTool2/browser/trunk/CrypPlugins/AES/OpenCL/AESOpenCL.cl?rev=2061 Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 25, 2013, 04:19:18 AM You are out of your depth. Decrypt this message: U2FsdGVkX1+b0djAYNFH7ci5sgIKVEVittOk11oml4C/ESACHoqEYrdz0pkCfIf7 The password is 1234 Code: /* What a cracker needs to do is extract the public and private(encrypted) ECDSA keys for some addresses out of the wallet, and perform a billion billion trial decryptions based on a passphrase iteration, generating encryption keys using the same formula Bitcoin does (https://en.bitcoin.it/wiki/Wallet_encryption), then verify the decrypted privkey also will create the ECDSA pubkey. The first thing you will find challenging is to parallelize is 25000 rounds of hashing for every master key attempt. https://www.cryptool.org/trac/CrypTool2/browser/trunk/CrypPlugins/AES/OpenCL/AESOpenCL.cl?rev=2061 I appreciate this message, to be clear, you are suggesting I extract the public/private key from the address the funds were sent to and just attack that? I didn't attempt this method because I don't think I have the computing power necessary for that since bitcoin's wallet encryption algorithm is so crazy. I came to the conclusion I would have a much better chance trying actual passwords from a large list of possibilites with substitutions, subtractions and additions. But my main problem now is the RPC used to interact with bitcoind is waay too slow. So instead of trying to run multiple clients at once, someone suggested I extract the portion of code the RPC interacts with. I have been trying to do that and I'm making progress but its slow. Side note, is there a script that encrypts/decrypts the public/private from bitcoin to and from ascii? I really appreciate everyone's input. Title: Re: GPU brute forcing an encrypted wallet Post by: deepceleron on March 25, 2013, 08:32:35 AM I appreciate this message, to be clear, you are suggesting I extract the public/private key from the address the funds were sent to and just attack that? ... Brute-forcing the AES secret directly would require you brute force the entire key space, which is infeasible. I suggest that you must make your own native code that does the pass-phrase->master key computation using possible human pass-phrases. This is intentionally made hard to crack, a good CPU will only be able to manage a few hundred key attempts a second.Title: Re: GPU brute forcing an encrypted wallet Post by: veryveryinteresting on March 29, 2013, 05:46:41 AM Please update if you progress! I have been trying to modify Revalin's code for my password but have been unsuccessful. I too remember part of it.
Thanks Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 29, 2013, 11:32:31 PM I appreciate this message, to be clear, you are suggesting I extract the public/private key from the address the funds were sent to and just attack that? ... Brute-forcing the AES secret directly would require you brute force the entire key space, which is infeasible. I suggest that you must make your own native code that does the pass-phrase->master key computation using possible human pass-phrases. This is intentionally made hard to crack, a good CPU will only be able to manage a few hundred key attempts a second.So you are also recommending that I cut up the bitcoin client too? I'm trying to do this but having trouble. My wallet is now worth 2,000 and growing so its only more worth it by the day, so I guess Ill keep trying. Title: Re: GPU brute forcing an encrypted wallet Post by: yourstruly on March 29, 2013, 11:35:07 PM Please update if you progress! I have been trying to modify Revalin's code for my password but have been unsuccessful. I too remember part of it. Thanks Do you have an idea of how large the extra stuff on the base password is? If you can give me a bit more info I can try to help you out with what I have learned so far. Also write down EVERYTHING you remember about it now, this moment. Title: Re: GPU brute forcing an encrypted wallet Post by: KennyH on May 17, 2013, 07:38:01 PM I'm having trouble isolating the functions I need out of the bitcoin client. So what I understand is that there is a built in 100ms delay. If I extract out the piece to unlock it and bypass the rpc I can avoid that or is that because of the algorithm used to encrypt it? I'm also in the same spot as you and trying to run ruby scripts with bitcoind at about 25 passwords/second. Where did you find the info about the 100ms delay? I think I saw some timing when the keys are generated so that the decrypt will not be too slow. This timing sets the nDeriveIterations value for the master key. Title: Re: GPU brute forcing an encrypted wallet Post by: KennyH on May 19, 2013, 09:58:19 AM I'm having trouble isolating the functions I need out of the bitcoin client. So what I understand is that there is a built in 100ms delay. If I extract out the piece to unlock it and bypass the rpc I can avoid that or is that because of the algorithm used to encrypt it? I'm also in the same spot as you and trying to run ruby scripts with bitcoind at about 25 passwords/second. Where did you find the info about the 100ms delay? I think I saw some timing when the keys are generated so that the decrypt will not be too slow. This timing sets the nDeriveIterations value for the master key. to about 100 ms and set in nDeriveIterations for the master key. To effectively crack a strong password you would have to run the crack program on a computer with multi cpu or with a much faster cpu than was used to encrypt the wallet. I think multi cpu/gpu is the way to go. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 09, 2014, 11:44:31 AM Sorry guys to bother you. And sorry for my bad english. I get straight to it. One year ago, in was interessed in BTC and i bought 1,0 for reasonable price. My Programm was Multibit because in the other boards, they told me it is most user-friendly and i can subcribe. So i thought 1,0 Bitcoin would raise and raise, but did not. So i want to sell it.
Problem i can remember the password and iam very desperated.Okey, its not the end of the world. I google a lot and the majority said your pw is gone. Some mentions Brute Force, Scripts atc. But i do not know how to use it. What i need is an exe.progamm where i put the pw-wallet, i wait a couple of hours. And i got my PW back. Only thing remember, it was not jibberish, it was short 6 words and german. Could you help me or is the case closse? Best Regards Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 09, 2014, 03:09:59 PM Sorry guys to bother you. And sorry for my bad english. I get straight to it. One year ago, in was interessed in BTC and i bought 1,0 for reasonable price. My Programm was Multibit because in the other boards, they told me it is most user-friendly and i can subcribe. So i thought 1,0 Bitcoin would raise and raise, but did not. So i want to sell it. Problem i can remember the password and iam very desperated.Okey, its not the end of the world. I google a lot and the majority said your pw is gone. Some mentions Brute Force, Scripts atc. But i do not know how to use it. What i need is an exe.progamm where i put the pw-wallet, i wait a couple of hours. And i got my PW back. Only thing remember, it was not jibberish, it was short 6 words and german. Could you help me or is the case closse? Best Regards btcrecover (https://github.com/gurnec/btcrecover) might help, but only if you remember a decent amount of your password. It does support Multibit, although it doesn't support non-ASCII letters, so if your password had any umlauts it won't help. There's a tutorial with a quick start here (https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md) (in English, sorry). This thread (https://bitcointalk.org/index.php?topic=85495) has a lot of good information related to password recovery, but some of it is specific to Bitcoin Core (Bitcoin-Qt) wallets. If you have any specific questions about btcrecover, let me know and I'll try to help (I'm the dev). Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 09, 2014, 07:09:14 PM I'll try but it is to complicated. I thought a bruteforce was build like bloodpatch or serial.exe, you click the button then you got it. I think to understand that you must know basics of codings. Apparertly a german guy called Rene78 has the same problem and solved it, but he stays offline :( It is like i got the cure for cancer Good luck guys
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 09, 2014, 07:49:38 PM I'll try but it is to complicated. I thought a bruteforce was build like bloodpatch or serial.exe, you click the button then you got it. Bitcoin wallets all (that I know of) use strong encryption. The point is to protect you from hackers. This also means that if you lose your password, you could be in trouble. If you describe everything you remember about your password, I can try to help. You don't have to use specifics -- for example you could say "I know my password contained 3 - 5 of these words below, and then a 1 - 2 digit number" and give example words, but not the actual ones you had in mind. If you want to use Bitcoin in the future, look into a "deterministic" wallet, such as Electrum or Armory. They have easy backup-to-paper and recovery mechanisms that can help. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 09, 2014, 07:53:34 PM I really fight i click on these python cmd it appears for one second and then diseapers.
I know for certain it was short and german. Maximun 5-6 letters(no numbers). Normally the first Letter is Big, you know what i mean, not frog, but Frog. Do can really help me, because in my timezone is soon sleepytime. :-) When i put my wallet.key whatever into a editor than came a jibberish of digits and letters...so is there my pw hidden? I try now this hashcat tgod know ifm it willhelp.. Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 09, 2014, 08:46:14 PM The different languages thing is hurting us... but I'll try.
From the Quick Start (https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#quick-start), follow Step 1 to install everything. Next, open Notepad, and then copy and paste this into Notepad: Code: #--pause --no-dupchecks --wallet multibit.key Next, save the Notepad file into the btcrecover-master folder you unzipped from Step 1. The file name must be btcrecover-tokens-auto.txt Next, follow Step 5 from the Tutorial Quick Start. After you find your Multibit .key file, copy it into the same btcrecover-master folder, and then rename the .key file to multibit.key Finally, double-click btcrecover.py, and it should start. If you installed PyCrypto in Step 1 (optional), it will take an hour or two to finish. If you didn't install PyCrypto, it will take around 6 - 24 hours to finish. This will test every password from 1 to 6 letters long. The first letter is upper or lower case, the rest are all lower case. No numbers or symbols. Good luck! Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 09, 2014, 09:24:13 PM From my bottom of my heart thank you chris.Unfournatly it did not work, because nothing happens when i click btcrecover.py. It appears 0000000,1 sec and than gone. If i type cmd it stays.
i do not know why btcrecover.py. is so bitchy. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 09, 2014, 09:47:36 PM No I surrender. Python wants not open. But i found out i can idle this.This is Monster about all wallets, but nothing where it wrotes there is your password.
For a butterflly i could toke a picture, maybe you understands why pyton do like me http://img5.fotos-hochladen.net/thumbnail/boardf9sxchg87w_thumb.jpg (http://www.fotos-hochladen.net/view/boardf9sxchg87w.jpg) Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 09, 2014, 11:17:56 PM Thank you for the picture, it is very helpful.
I understand what the problem is, but I can't fix it tonight, sorry about that. I'll post an update tomorrow sometime... Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 12:41:04 AM How kind of you. I can not say hot excited i am, to find resolution. I hope it's just touching the right buttons and notw. Please reinstall windows.lol
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 10, 2014, 12:58:36 PM No I surrender. Python wants not open. But i found out i can idle this.This is Monster about all wallets, but nothing where it wrotes there is your password. For a butterflly i could toke a picture, maybe you understands why pyton do like me http://img5.fotos-hochladen.net/thumbnail/boardf9sxchg87w_thumb.jpg (http://www.fotos-hochladen.net/view/boardf9sxchg87w.jpg) I should have caught this sooner, but now I see the problem. You have Python 3 installed. btcrecover only works with Python 2. (They are similar, but different programming languages.) You can have them both installed at the same time, but it's probably safest to: 1. Uninstall PyCrypto 2. Uninstall Python 3 3. Install Python 2.7.8 Windows X86-64 Installer from here (https://www.python.org/ftp/python/2.7.8/python-2.7.8.amd64.msi). 4. (optional) Install PyCrypto 2.6 for Python 2.7 64bit from here (http://www.voidspace.org.uk/downloads/pycrypto26/pycrypto-2.6.win-amd64-py2.7.exe). Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 10, 2014, 01:05:22 PM So if you know 4 words out of 8 characters is that possible to crack or not?
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 10, 2014, 01:38:13 PM So if you know 4 words out of 8 characters is that possible to crack or not? I'm not understanding you... can you describe in more detail? A bunch of examples would help. It also depends on which wallet you're using. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 01:48:55 PM @btcchris
Big Thanks and Respect....12 hours to go....and i will not forget you, when i got lil bit more coins in my pocket, you get a lil thank you, a share I just hope it find the pw Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 10, 2014, 02:06:21 PM @btcchris Big Thanks and Respect....12 hours to go....and i will not forget you, when i got lil bit more coins in my pocket, you get a lil thank you, a share I just hope it find the pw I hope so too. If not, but you remember something new about your password, we can always try again. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 03:05:46 PM Quick Questions in the cmd i understand everythings ETA 11 means 11 hours to go
But[###-----------------------] is written there at the momemt, should this my pw at the end, i am confused it was never so long Title: Re: GPU brute forcing an encrypted wallet Post by: Kipsy89 on August 10, 2014, 03:40:02 PM Is it really possible to do this with brute force? I mean a ruby or python script won't do you any good, that's sure... they're interpreted languages. I guess it totally depends on the size of your key then.... A GPU could do this. But of course it is still futile for a real bitcoin private key! They're safe!
Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 04:30:12 PM Please do not discourage me :( ;)
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 10, 2014, 04:38:18 PM Quick Questions in the cmd i understand everythings ETA 11 means 11 hours to go But[###-----------------------] is written there at the momemt, should this my pw at the end, i am confused it was never so long It should look something like this: Code: Read additional options from tokenlist file: --pause --no-dupchecks --wallet multibit.key In this example, it's been running for 6 minutes so far, and it has 29 minutes before it's tried every combination. If it finds the password, it will look like this: Code: Read additional options from tokenlist file: --pause --no-dupchecks --wallet multibit.key Or if it tries every combination and the password is something else (e.g. maybe it's longer, or has numbers), it will look like this: Code: Read additional options from tokenlist file: --pause --no-dupchecks --wallet multibit.key Does that answer your question? Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 10, 2014, 04:51:32 PM Is it really possible to do this with brute force? I mean a ruby or python script won't do you any good, that's sure... they're interpreted languages. I guess it totally depends on the size of your key then.... A GPU could do this. But of course it is still futile for a real bitcoin private key! They're safe! You're right, Bitcoin keys cannot be feasibly brute-forced. But this thread is talking about brute-forcing the password on wallets. If the password is weak enough, or if you know enough about the password, it's certainly feasible (and a GPU can help, depending on the wallet). As far as using a scripting language goes: yes they are slower, but many scripting languages implement the time-consuming portions (e.g. SHA) in native code, so using a scripting language isn't as big of a performance hit as you may think (btcrecover is written in Python, for example, but most of the crypto uses native code libraries (not written by me) or OpenCL for GPU acceleration). Moral of the story is: use strong passwords. :) Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 05:17:37 PM @btcchris
Absoutley it answers my question. 9 hours to go Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 10, 2014, 05:45:25 PM @btcchris Absoutley it answers my question. 9 hours to go You must know the majority of the password do you? how many characters don't you know? 12 hours seems like a very short time to wait. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 05:55:20 PM I know it is a german word. And Maximun 5-6 Letters. No Numbers or+-*/ a german word
But I remember not a single Letter. My Style is that i start my word with Capital Letter. not perfume But Perfume Title: Re: GPU brute forcing an encrypted wallet Post by: CryptKeeper on August 10, 2014, 06:00:01 PM Use this service: http://www.walletrecoveryservices.com/ (http://www.walletrecoveryservices.com/)
These guys are experts in wallet hacking and are reliable. Title: Re: GPU brute forcing an encrypted wallet Post by: Sonny on August 10, 2014, 06:30:44 PM Is it really possible to do this with brute force? I mean a ruby or python script won't do you any good, that's sure... they're interpreted languages. I guess it totally depends on the size of your key then.... A GPU could do this. But of course it is still futile for a real bitcoin private key! They're safe! Brute-forcing a 256bit bitcoin private key is statistically impossible, but brute-forcing the password of an encrypted wallet is completely doable if there are only a few unknown characters in the password. Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 10, 2014, 06:35:25 PM I've used: https://bitcointalk.org/index.php?topic=717334.0
Sorted out my problem in little to no time and was pretty cheap can't recommend him enough I found a post on reddit about his service and decided to ask him a few questions which he answered straight away and then contacted in through email which I found on the reddit post. Think it took no longer than 2 hours from sending him the details. But there is also: http://www.walletrecoveryservices.com/ These are suppose to be good but take a bigger fee which wasn't worth it in my opinion. I've heard great things though Or of course you can try and use btcrecover but it seems these guys who offer the service do it much faster and have custom hardware and custom scripts. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 10, 2014, 08:09:43 PM Half-time...six hours to got...I go to sleep...maybe a surprise when i wake up
Thanks again BTchris for patience,knowlegde and Help Title: Re: GPU brute forcing an encrypted wallet Post by: elliwilli on August 10, 2014, 09:16:20 PM You are kinda screwed...
the wallet is encrypted with multiple rounds of AES making it much, much harder to crack by almost any means. Try getting a quantum computer :D Title: Re: GPU brute forcing an encrypted wallet Post by: Welsh on August 10, 2014, 10:30:38 PM You are kinda screwed... the wallet is encrypted with multiple rounds of AES making it much, much harder to crack by almost any means. Try getting a quantum computer :D Wrong. It's indeed very possible to crack a password if you know a little about it. I've found around 8 passwords within a week. That is because they knew a little bit about their password. If you know the majority of your password you should be able to get it. If you are certain you used it but, might of made a typo(s) then it takes under a hour usually to find. The less you know about the password the more the chance of recovery failing. Remember, we are not trying to crack a private key, but a password. It's much easier and is possible. If anyone, needs help. Feel free to contact me about the matter. Title: Re: GPU brute forcing an encrypted wallet Post by: elliwilli on August 10, 2014, 10:40:51 PM You are kinda screwed... the wallet is encrypted with multiple rounds of AES making it much, much harder to crack by almost any means. Try getting a quantum computer :D Wrong. It's indeed very possible to crack a password if you know a little about it. I've found around 8 passwords within a week. That is because they knew a little bit about their password. If you know the majority of your password you should be able to get it. If you are certain you used it but, might of made a typo(s) then it takes under a hour usually to find. The less you know about the password the more the chance of recovery failing. Remember, we are not trying to crack a private key, but a password. It's much easier and is possible. If anyone, needs help. Feel free to contact me about the matter. Title: Re: GPU brute forcing an encrypted wallet Post by: Sonny on August 10, 2014, 10:42:27 PM You are kinda screwed... the wallet is encrypted with multiple rounds of AES making it much, much harder to crack by almost any means. Try getting a quantum computer :D Wrong. It's indeed very possible to crack a password if you know a little about it. I've found around 8 passwords within a week. That is because they knew a little bit about their password. If you know the majority of your password you should be able to get it. If you are certain you used it but, might of made a typo(s) then it takes under a hour usually to find. The less you know about the password the more the chance of recovery failing. Remember, we are not trying to crack a private key, but a password. It's much easier and is possible. If anyone, needs help. Feel free to contact me about the matter. Not sure about OP's case, but for Ronya, his password is very short and simple, and it is not really hard to brufe-force it. I know for certain it was short and german. Maximun 5-6 letters(no numbers). Normally the first Letter is Big, you know what i mean, not frog, but Frog. Title: Re: GPU brute forcing an encrypted wallet Post by: Welsh on August 10, 2014, 10:58:01 PM Not sure about OP's case, but for Ronya, his password is very short and simple, and it is not really hard to brufe-force it. Yes. Ronya should be able to crack it pretty soon, I'm surprised it's taking as long as it is though, guess it depends on the hardware you got pumping that script. I'm unsure how fast btcrecover is though.(a quick glance and the code is actually pretty clean and should run at decent speeds depending on hardware and whether it is able to utilize cores) I've had some similar scenarios and it's taken a few hours at most. I wish you the best of luck Ronya and hope you can get access back, if you can't you can always send me a message and we'll discuss more about the issue. Title: Re: GPU brute forcing an encrypted wallet Post by: aronnov on August 11, 2014, 07:16:34 AM You realize if you are successful you could brute force ANY BTC wallet whether you had legitimate claim to it or not. In other words, bitcoin would be essentially dead, since you could take from any arbitrary wallet. You would start with the biggest ones, of course, and eventually word would get out, and bitcoin would be officially dead. So far, since the 2009 release of the bitcoin protocol, nobody has hacked an arbitrary wallet. This is presumably not for lack of trying. I would, to quote Justin Bieber, "Never say never," but if you want a way to open a wallet, you might be brute forcing for a long, long time. Maybe you are confusing cracking the user password for the wallet with cracking a private key? A wallet password would crack easier or harder depending on what the password was. i hope this program cannot open my wallet and the others make something useful for humankind, not a kind of destructable ok ... Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 11, 2014, 08:35:16 AM So bad news....exhausted...
But i am so sure short word 5-6 letters and it is a word, not jibberish like adjkgs. But I think this is it, of course i could pay fees, i am not greedy, just it would be nice get just my old bitcoin.. But thabnks for all the help Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 11, 2014, 10:13:27 AM So bad news....exhausted... But i am so sure short word 5-6 letters and it is a word, not jibberish like adjkgs. But I think this is it, of course i could pay fees, i am not greedy, just it would be nice get just my old bitcoin.. But thabnks for all the help Sad to hear I would keep trying and if you do fail and cant think of any thing else I should think you wouldn't mind paying much of a fee. Title: Re: GPU brute forcing an encrypted wallet Post by: HarmonLi on August 11, 2014, 11:48:03 AM Does anyone have a comparison of how long this would take with a script/interpreter language like Ruby or Python, vs. a compiled and highly parallized computation on a GPU? I guess we're talking 4-5 orders of magnitude here?
Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 11, 2014, 02:35:29 PM What i can do now? Just restart but it would provide the same results. Or i was wrong about password, but it is unusual that is a long pw, i am too lazy, It is 100% a word not combination of letters and numbers. But maybe something like Number1, but is ridicolous such a word i would not write.
So what should i do write notepad to enlarge the bruteforce? Title: Re: GPU brute forcing an encrypted wallet Post by: Wilhelm on August 11, 2014, 05:36:44 PM Does anyone have a comparison of how long this would take with a script/interpreter language like Ruby or Python, vs. a compiled and highly parallized computation on a GPU? I guess we're talking 4-5 orders of magnitude here? Much much faster. Try 20x. Still it will take many years to bruteforce. Dictionary attack will be faster if they have a weak password. Maybe you could program rainbow tables if you have many wallet.dat files to crack Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 11, 2014, 09:06:58 PM What i can do now? Just restart but it would provide the same results. Or i was wrong about password, but it is unusual that is a long pw, i am too lazy, It is 100% a word not combination of letters and numbers. But maybe something like Number1, but is ridicolous such a word i would not write. So what should i do write notepad to enlarge the bruteforce? First, just a reminder, if there was an umlaut over any of the vowels, btcrecover will never find it. It can't handle non-ASCII. The only option would be to try more passwords. I guess I'd try this: Code: #--pause --no-dupchecks --wallet multibit.key --autosave progress.sav This tries passwords that have a single number at the end, and also passwords that are 7 letters long. It will take 36 times longer to run, so it's pretty important that you install PyCrypto 2.6 for Python 2.7 64bit from here (http://www.voidspace.org.uk/downloads/pycrypto26/pycrypto-2.6.win-amd64-py2.7.exe) first. It will autosave to a file in the same directory, so you can close it and restart it without losing any progress (but only after the initial counting phase). I just added a small improvement related to autosave, so you should probably download a new copy of btcrecover first. Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 11, 2014, 09:38:15 PM Does anyone have a comparison of how long this would take with a script/interpreter language like Ruby or Python, vs. a compiled and highly parallized computation on a GPU? I guess we're talking 4-5 orders of magnitude here? Much much faster. Try 20x. Still it will take many years to bruteforce. Dictionary attack will be faster if they have a weak password. Maybe you could program rainbow tables if you have many wallet.dat files to crack The wallet.dat password is seeded, rainbow tables wouldn't help. While there is a speed difference between Python and native code, for this particular application it's much closer than 20x. Most of the time is spent inside cryptographic code, and most scripting languages implement cryptographic primitives in native code. Here's a comparison between btcrecover and John the Ripper, including columns which show what language each cryptographic primitive is actually written in. The interesting comparisons are the Bitcoin Core lines, which show a speedup of 2.75x from 44 P/s to 128 when going from btcrecover to JtR, and the speedups that you get with GPU acceleration (pretty good speedups with Bitcoin, but a measly 4 - 6x speedup for Armory which uses a memory-hard KDF). All of these tests were run on my aging i5-2500k and 2x 560 Ti's. Wallets were created on the same system using default KDF parameters, except for the Blockchain.info wallet with 10,000 iterations (10 is the default). BBcode tables are pretty ugly, the original spreadsheet if you want to see it is here (http://1drv.ms/1pnpk0m).
Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 11, 2014, 11:27:11 PM Does anyone have a comparison of how long this would take with a script/interpreter language like Ruby or Python, vs. a compiled and highly parallized computation on a GPU? I guess we're talking 4-5 orders of magnitude here? Much much faster. Try 20x. Still it will take many years to bruteforce. Dictionary attack will be faster if they have a weak password. Maybe you could program rainbow tables if you have many wallet.dat files to crack The wallet.dat password is seeded, rainbow tables wouldn't help. While there is a speed difference between Python and native code, for this particular application it's much closer than 20x. Most of the time is spent inside cryptographic code, and most scripting languages implement cryptographic primitives in native code. Here's a comparison between btcrecover and John the Ripper, including columns which show what language each cryptographic primitive is actually written in. The interesting comparisons are the Bitcoin Core lines, which show a speedup of 2.75x from 44 P/s to 128 when going from btcrecover to JtR, and the speedups that you get with GPU acceleration (pretty good speedups with Bitcoin, but a measly 4 - 6x speedup for Armory which uses a memory-hard KDF). All of these tests were run on my aging i5-2500k and 2x 560 Ti's. Wallets were created on the same system using default KDF parameters, except for the Blockchain.info wallet with 10,000 iterations (10 is the default). BBcode tables are pretty ugly, the original spreadsheet if you want to see it is here (http://1drv.ms/1pnpk0m).
OH wow great information there thanks for the information chris. Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 13, 2014, 04:56:42 PM @Chris
This file is getting complicated, they ask me if i repair/remove/change...I do not I klick somewhere--But i think i did not right cuz,warning: can't find pycrypto..maybe give me a more detail Hoe to put pycrypto in btc-recover Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 13, 2014, 04:59:17 PM If you can't do it yourself and find your self struggling you should probably just hire a more technical person they will probably find it in no time if its near the correct password.
Title: Re: GPU brute forcing an encrypted wallet Post by: MakeBelieve on August 13, 2014, 05:00:19 PM I did try first myself on trying to recover my wallet but then I gave up and contacted someone over at the services section and they finally found it wasn't far from my prediction but I probably would of never got it...or would of took me a long time for a small amount.
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on August 13, 2014, 08:56:59 PM @Chris This file is getting complicated, they ask me if i repair/remove/change...I do not I klick somewhere--But i think i did not right cuz,warning: can't find pycrypto..maybe give me a more detail Hoe to put pycrypto in btc-recover Please give this a try. 1. Go to Start -> Control Panel. 2. Click on Uninstall a Program. 3. Find everything that has "Python" in the program name, you should find at least two, maybe more. 4. Double-click each one to remove it. 5. Install Python 2.7.8 Windows X86-64 Installer from here (https://www.python.org/ftp/python/2.7.8/python-2.7.8.amd64.msi). 6. Install PyCrypto 2.6 for Python 2.7 64bit from here (http://www.voidspace.org.uk/downloads/pycrypto26/pycrypto-2.6.win-amd64-py2.7.exe). Let me know if you still get the "warning: can't find pycrypto" message... Title: Re: GPU brute forcing an encrypted wallet Post by: Ronya on August 23, 2014, 10:38:44 PM I want proudly annonce that Btcris made it. I gave my key-file and then crack/hack/brute-force(for all jibberish) and he is a man of Honor, he could steal 1,0 Btc, but he got his fee,w hat was negoniated under us 10%, so 0,1 Btc
So he is the Heisenberg of BTC Title: Re: GPU brute forcing an encrypted wallet Post by: Sonny on August 24, 2014, 04:05:23 PM It is nice to know that the problem is finally solved now, and it is nice to see you haven't trusted the wrong person.
Well done, btchris. Title: Re: GPU brute forcing an encrypted wallet Post by: DhaniBoy on August 29, 2014, 06:15:52 PM It is not so easy to encrypted a wallet with GPU brute forcing, because encryted wallet has a very complicated security, as example in blockchain.info, if you lost your passwrod, you must enter some random words, which given at the time of first registration, hopefully you can find the lost password wallet
Title: Re: GPU brute forcing an encrypted wallet Post by: Gumbork on August 30, 2014, 07:20:57 AM I want proudly annonce that Btcris made it. I gave my key-file and then crack/hack/brute-force(for all jibberish) and he is a man of Honor, he could steal 1,0 Btc, but he got his fee,w hat was negoniated under us 10%, so 0,1 Btc So he is the Heisenberg of BTC Nice that you finally get your bitcoin back. Title: Re: GPU brute forcing an encrypted wallet Post by: silverfuture on September 04, 2014, 11:37:53 AM btchris I sent you a PM.
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on September 04, 2014, 09:35:56 PM btchris I sent you a PM. Been away for a while and I'm slowly catching up. I did get it, will hopefully reply soon... Title: Re: GPU brute forcing an encrypted wallet Post by: silverfuture on November 17, 2014, 09:31:28 PM Just wanted to let folks know that btchris cracked a password for me and I would consider him a trustworthy individual. He could have stolen the btc but did not.
Title: Re: GPU brute forcing an encrypted wallet Post by: Simon8x on November 18, 2014, 09:30:06 AM silverfuture and btchris, would you mind telling me (or through PM) about how complicated the password is (length? consists of upper-case/lower-case/special/numeric characters?) and how long the brute-forcing process takes?
Title: Re: GPU brute forcing an encrypted wallet Post by: btchris on November 20, 2014, 08:26:10 PM silverfuture and btchris, would you mind telling me (or through PM) about how complicated the password is (length? consists of upper-case/lower-case/special/numeric characters?) and how long the brute-forcing process takes? I hope you'll understand that I will not... that's up to silverfuture to decide. Although if you have a set of password criteria in mind, I might be able to estimate such a thing for your circumstances, but you'd need to be fairly specific (about the password, about your wallet software, and possibly about your PC as well). Title: Re: GPU brute forcing an encrypted wallet Post by: ashraful1980 on August 23, 2020, 04:15:56 PM I lost my password to a wallet that had 20 bitcoins in it, its now worth my effort to retrieve it. I tried using Revalins script found here https://bitcointalk.org/index.php?topic=85495.msg942171#msg942171 without any luck. So I have modified it to brute force based off a base password that I know is correct, so I'm only have to brute force between 6-8 characters which is feasible. Code: #!/usr/bin/ruby -w This is going terribly slow though, but that is because I'm using CPU to try to crack this and I should take a lesson from the mining community and try to use my GPU through CUDA or OpenCL. I was wondering if anyone could help me adapt this script to python or a ruby OpenCL/CUDA library so that I can harness my GPU power to try to crack my password to recover it. If not perhaps this will help someone else who ends up losing their wallet password and needs to brute force it. At 3-5 characters this would work find with a Quadcore. Dear Sir, I have many time tried to find tested password as "abc11" but it is not find. Could you please give me a guideline to operate the script. I have run your script before i have run the C:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe please ask me anything wrong...... Title: wallet Post by: sapce on September 08, 2021, 12:57:57 AM I only remember part of the wallet password. What command can I use in btcrecover to find it?
|
