Bitcoin Forum

I'm always forgetting my passwords so I've created a NXT password recovery tool. Basically you provide it a list of your possible passwords and it tries them against every NXT account and lets you know when it finds your account.

Its a simple executable jar, you run ./unlock.jar   (with your wordlist named words) and in seconds it spits out:

1XXXXX6 goes with-> 13265985987339974375
1XXXXXX5 goes with-> 13888415127028438325
1XXXXXXX9 goes with-> 9145748622157025476
PXXXXXXXXd goes with-> 17946328911576397249
6XXXXXXXX1 goes with-> 16866580466432022750
mXXXXXXXXl goes with-> 353866013030102193
qXXXXXXXXy goes with-> 507719274119471401
1XXXXXXXX0 goes with-> 16958579998696111878
sXXXXXXXXXn goes with-> 1381199936781422049
hXXXXXXXXXo goes with-> 3530952447553796006

... (XXX's added because those accounts/brainwallet addresses aren't mine)

I don't know if it would help anyone else but I'd offer it out for a small donation. :) (Also you have to promise not to do anything illegal with it, only plan to give out 10 for educational purposes)

contact: Ryanwheeler999@gmail.com

NXT: 10529688047532253405

You just opened a Pandora's Box ...

Perhaps Nxt can actually be "mined", after all.  ;D

I suppose that's possible but that would be stealing. (and that's wrong). I will say though that when I ran an api balance check and saw someone holding 975,000 NXT with a 4 character all lowercase password my mind melted. (They still have their money, :) obviously or I wouldn't be posting that here! )

-Will

wow, and who can reverse this now!!
more secure passwords, more secure passwords..

You are a very kind and genuine, but naive person.  :(

Looks like 8 left, I can also provide the java source code if someone would prefer to look at the code and run it that way. It's kind of neat just to see what people have used for passphrases:

123456789012345678901234567890XXXXXXXXXXXXXXXXX89012345678901234567890123456789 0 goes with-> 2150793311394299018

It's a "feature".

https://bitcointalk.org/index.php?topic=366105.msg4785565#msg4785565


Nxt passwords are supposed to be at least 30 random uppercase/lowercase/number characters (https://bitcointalk.org/index.php?topic=428423.0), why the client simply doesn't generate these itself and then save them in a wallet.dat is beyond me.

I've updated the subject of the email based on this post. It's an interesting possibility.

That's a good method to "mined" nxt.When yon mine any coin, must be exciting

Wow!  ::)

I'm not going to pay for this kind of ( more elaborate) software, but I'm sooo tempted to make a python scrypt and dictionary attack this crap, just to see how many accounts I can find with non-zero balance.

I wanted to go the python route (love Python!) but ran into some issues finding the two types of encryption in Python libraries. You'll have to let me know if you get it figured out. (I think SHA256 was actually available to some extent but not Curve)

(I'm now down to 7)

Are u running this against an offline blockchain ?

Because if you are running this attack against the live NXT network,  then congratulations, mate,  u have made an account generator.

How is that? As long as he does not transfer money FROM that account, no account is created.

This one not working
- https://github.com/Hatswitch/cirripede/tree/master/curve25519-python
?

I just have it scan the blockchain for all transactions and account numbers. (all offline following that)

There are minor variations is the different implementations. The 64-bit integer implementation of Curve25519 in Java (ported from C) just worked for me out of the box.

Could you elaborate? (bold part)

Moreover: Does your tool support GPUs for recovery (e.g. uses jCuda)? what about the performance, any specifics?

thanks

I'm certainly no expert in the different implmentations but a quick google search shows:

Implementation   Platform   Author   32-bit speed   64-bit speed   Constant time
curve25519    x86 32-bit   djb    265µs    N/A    yes
curve25519-donna-c64    64-bit C   agl    N/A    215µs    yes
curve25591-donna    Portable C   agl    2179µs    610µs    yes

My tool does not support GPU's (my expectation though is that it would be used with pre-defined wordlists and not random permutations. ) I don't have any metrics on number of hashes a second or anything like that. (it's the exact same implementation built into the NXT protocol)

I did rent one of Amazons EC2's supercomputer 'cc2.8xlarge' for a day ($60 bucks). I can say that was blazingly fast compared to my laptop. :)

ok, so https://github.com/Hatswitch/cirripede/tree/master/curve25519-python could be working.

ok, so same code as good old vanitygen from jlp, with added wordlist and scan blockchain/transactions functionality.

thanks for answering

Hmmm...the way I understand it (and I'm not saying that I've got a perfect understanding of NXT account security) is that an account is created with a 64 bit hash the first time a particular pass phrase is submitted to the NXT client and thus to the network/blockchain.
U can then transfer NXT into this account, but the full 256 bit hash is only created when u first transfer funds (even if it is only 1 NXT) out of the account, which is recommended for any account holding funds.

64 bit encryption is a lot easier to crack, obviously, which is why (supposedly) BCNext chose this mechanism to allow recovery of "lost" NXT in the future, ie NXT sent by mistake to an account with no set passphrase.

Have a look in the mega-thread, there is (somewhere) lots of info about this issue.
https://bitcointalk.org/index.php?topic=345619.0

No. Only transactions create accounts.

Arg, somebody requested video of the tool running. I've supplied a tiny dictionary file pulled from some random site, used the api to confirm that that they are vacant accounts (don't want to screw anyone over) and threw in a cgi script that updates accounts at: http://192.168.0.4/cgi/test.cgi (This will actually update very slowly, and I really hope nobody adds NXT to them! ) <- *edit took down

I've got 6 spots left and I'm closing this up. To expedite this, just send ~500 NXT (.1 bc) (email ryanwheeler999@gmail.com the amount, make it unique so I know who you are) to the account listed in the initial post and I'll email the tool and API balance checker.

(additionally, the top donator has the option for one hell of an app given the others)


-Will

NXT: 10529688047532253405
BTC: 15LjXMdKZ9jnH8TDMxntQkvh1838oitoQU

I've sent 5 out (for all the people that just sent messages please read the post above, much easier than managing the various messages I"m getting).


Also good feedback:

ano nybuffer
5:22 PM (2 hours ago)

to me
hey

hey , its pretty sweet!
thank you much.

Ok, I can send this out to 3 more people (7 have gone out) . I've caught some guff from folks about users using this to steal money. (I hope that isn't happening)

:) thanks for your support, two left.

-Will