Show Posts
|
Pages: [1]
|
import itertools import sys import string import datetime import scrypt import threading from binascii import unhexlify from Crypto.Cipher import AES from simplebitcoinfuncs import normalize_input, b58d, hexstrlify, dechex, privtopub, compress, pubtoaddress, b58e, multiplypriv from simplebitcoinfuncs.ecmath import N from simplebitcoinfuncs.hexhashes import hash256
def simple_aes_decrypt(msg, key): assert len(msg) == 16 assert len(key) == 32 cipher = AES.new(key, AES.MODE_ECB) msg = hexstrlify(cipher.decrypt(msg)) while msg[-2:] == '7b': # Can't use rstrip for multiple chars msg = msg[:-2] for i in range((32 - len(msg)) // 2): msg = msg + '7b' assert len(msg) == 32 return unhexlify(msg)
def bip38decrypt(password, encpriv, outputlotsequence=False): password = normalize_input(password, False, True) encpriv = b58d(encpriv) assert len(encpriv) == 78 prefix = encpriv[:4] assert prefix == '0142' or prefix == '0143' flagbyte = encpriv[4:6] if prefix == '0142': salt = unhexlify(encpriv[6:14]) msg1 = unhexlify(encpriv[14:46]) msg2 = unhexlify(encpriv[46:]) scrypthash = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 64)) key = unhexlify(scrypthash[64:]) msg1 = hexstrlify(simple_aes_decrypt(msg1, key)) msg2 = hexstrlify(simple_aes_decrypt(msg2, key)) half1 = int(msg1, 16) ^ int(scrypthash[:32], 16) half2 = int(msg2, 16) ^ int(scrypthash[32:64], 16) priv = dechex(half1, 16) + dechex(half2, 16) if int(priv, 16) == 0 or int(priv, 16) >= N: if outputlotsequence: return False, False, False else: return False pub = privtopub(priv, False) if flagbyte in COMPRESSION_FLAGBYTES: privcompress = '01' pub = compress(pub) else: privcompress = '' address = pubtoaddress(pub, '00') try: addrhex = hexstrlify(address) except: addrhex = hexstrlify(bytearray(address, 'ascii')) addresshash = hash256(addrhex)[:8] if addresshash == encpriv[6:14]: priv = b58e('80' + priv + privcompress) if outputlotsequence: return priv, False, False else: return priv else: if outputlotsequence: return False, False, False else: return False else: owner_entropy = encpriv[14:30] enchalf1half1 = encpriv[30:46] enchalf2 = encpriv[46:] if flagbyte in LOTSEQUENCE_FLAGBYTES: lotsequence = owner_entropy[8:] owner_salt = owner_entropy[:8] else: lotsequence = False owner_salt = owner_entropy salt = unhexlify(owner_salt) prefactor = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 32)) if lotsequence is False: passfactor = prefactor else: passfactor = hash256(prefactor + owner_entropy) if int(passfactor, 16) == 0 or int(passfactor, 16) >= N: if outputlotsequence: return False, False, False else: return False passpoint = privtopub(passfactor, True) password = unhexlify(passpoint) salt = unhexlify(encpriv[6:14] + owner_entropy) encseedb = hexstrlify(scrypt.hash(password, salt, 1024, 1, 1, 64)) key = unhexlify(encseedb[64:]) tmp = hexstrlify(simple_aes_decrypt(unhexlify(enchalf2), key)) enchalf1half2_seedblastthird = int(tmp, 16) ^ int(encseedb[32:64], 16) enchalf1half2_seedblastthird = dechex(enchalf1half2_seedblastthird, 16) enchalf1half2 = enchalf1half2_seedblastthird[:16] enchalf1 = enchalf1half1 + enchalf1half2 seedb = hexstrlify(simple_aes_decrypt(unhexlify(enchalf1), key)) seedb = int(seedb, 16) ^ int(encseedb[:32], 16) seedb = dechex(seedb, 16) + enchalf1half2_seedblastthird[16:] assert len(seedb) == 48 # I want to except for this and be alerted to it try: factorb = hash256(seedb) assert int(factorb, 16) != 0 assert not int(factorb, 16) >= N except: if outputlotsequence: return False, False, False else: return False priv = multiplypriv(passfactor, factorb) pub = privtopub(priv, False) if flagbyte in COMPRESSION_FLAGBYTES: privcompress = '01' pub = compress(pub) else: privcompress = '' address = pubtoaddress(pub, '00') try: addrhex = hexstrlify(address) except: addrhex = hexstrlify(bytearray(address, 'ascii')) addresshash = hash256(addrhex)[:8] if addresshash == encpriv[6:14]: priv = b58e('80' + priv + privcompress) if outputlotsequence: if lotsequence is not False: lotsequence = int(lotsequence, 16) sequence = lotsequence % 4096 lot = (lotsequence - sequence) // 4096 return priv, lot, sequence else: return priv, False, False else: return priv else: if outputlotsequence: return False, False, False else: return False
def testPassword(pwd): try: if bip38decrypt(pwd, encryptedSecret) != False: pwdLenth = 22 + len(pwd) print("\n\n" + "#" * pwdLenth + "\n## PASSWORD FOUND: {pwd} ##\n".format(pwd=pwd) + "#" * pwdLenth + "\n") global flag flag = 1 except: pass finally: td.release()
if __name__ == '__main__': COMPRESSION_FLAGBYTES = ['20', '24', '28', '2c', '30', '34', '38', '3c', 'e0', 'e8', 'f0', 'f8'] LOTSEQUENCE_FLAGBYTES = ['04', '0c', '14', '1c', '24', '2c', '34', '3c']
encryptedSecret = "6PnQmAyBky9ZXJyZBv9QSGRUXkKh9HfnVsZWPn4YtcwoKy5vufUgfA3Ld7"
threadNum = 32
pwdCharacters = string.ascii_uppercase + string.digits maxCombination = 20 maxLength = 23 positions = [4, 9, 14, 19]
td = threading.BoundedSemaphore(int(threadNum)) threadlist = []
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
num = 0 flag = 0 for pwd in itertools.product(pwdCharacters, repeat=maxCombination): if flag == 1: break
password = "".join(pwd) if len(password) <= int(maxLength): formatted_pwd = list(password) for pos in positions: formatted_pwd.insert(pos, '-') formatted_pwd = ''.join(formatted_pwd)
num += 1 msg = 'Test Password {num} , {password}'.format(num=num, password=formatted_pwd) sys.stdout.write('\r' + msg) sys.stdout.flush() td.acquire() t = threading.Thread(target=testPassword, args=(formatted_pwd,)) t.start() threadlist.append(t) for x in threadlist: x.join()
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')) if you're interested in finding the password for challenge #1, I'll leave a simple code here.this code will search for 36^20 combinations sequentially. good luck.
|
|
|
import time import random import multiprocessing from bit import *
add = "13zb1hQbWVsc2S7ZTZnP2G4undNNpdh5so"
s = 0 cores = 8 def lucky(s): F = [] while True: x = "0123456789abcdef" a = "3f" #prefix range, can be modified. b = ''.join(random.choice(x) for _ in range (15)) private_key = (f'{a}{b}') key = Key.from_hex(private_key) address = key.address if address.startswith('13zb1hQ'): #can be used as vanity search print ("Pattern Found :",private_key, address) if address == add: print("Lucky mf! :" ,address, private_key)
if __name__ =='__main__': t = time.ctime() job =[] for s in range (cores): p = multiprocessing.Process(target=lucky, args=(s,)) jobs.append(p) p.start() if you want to find puzzle #66 in slow mode. I leave the code here.
|
|
|
I think it was cobras that cracked 120, a few month ago I found him asking for help cracking the public key . I assume it is the public key for puzzle number 120 which has been subtracted to a smaller range. https://bitcointalk.org/index.php?topic=5358408.msg57868189#msg57868189 ./keysubtracter -p 02ceb6cbbcdbdf5ef7150682150f4ce2c6f4807b349827dcdbdd1f2efa885a2630 -n 2 -b 120 [+] Min range: 800000000000000000000000000000 [+] Max range: ffffffffffffffffffffffffffffff 0362f33083aae318c8872e495305ced03b567de068919193d3fa70134a2cd1a26a # - 664613997892457936451903530140172287 034c75bc6ae92e6bf22ccae3bec05d6d82396cc42d2a63a6ead4d77ca5b92d09eb # + 664613997892457936451903530140172287 02ceb6cbbcdbdf5ef7150682150f4ce2c6f4807b349827dcdbdd1f2efa885a2630 # target ./keysubtracter -p 034c75bc6ae92e6bf22ccae3bec05d6d82396cc42d2a63a6ead4d77ca5b92d09eb -n 2 -b 119 [+] Min range: 400000000000000000000000000000 [+] Max range: 7fffffffffffffffffffffffffffff 03af9ff2319ca56bbae0d859e595f32688b407ede77449b6c2cf27dbb25f5ecee0 # - 332306998946228968225951765070086143 024784d11152aaef647c03b76281e2c41d4c64d4ebb821b24da76785b046d145b4 # + 332306998946228968225951765070086143 034c75bc6ae92e6bf22ccae3bec05d6d82396cc42d2a63a6ead4d77ca5b92d09eb # target ./keysubtracter -p 024784d11152aaef647c03b76281e2c41d4c64d4ebb821b24da76785b046d145b4 -n 2 -b 118 [+] Min range: 200000000000000000000000000000 [+] Max range: 3fffffffffffffffffffffffffffff 0288f732f22c5e98e63e58fb6fbebbf857c9fa5deefa1f672b5abfd6f1d5bf3651 # - 166153499473114484112975882535043071 037e9417c523e5f04d97d86ec49a2580539e494f32f986331b7e6bd234ed79367d # + 166153499473114484112975882535043071 <=you can search this pubkey on range 117 bits 024784d11152aaef647c03b76281e2c41d4c64d4ebb821b24da76785b046d145b4 # target Of course this requires trial and error, with the kangaroo method it will take us less time if we find the right public key in a smaller range.
|
|
|
[...] num = 50000000 [...] #cpu_time = cpu_gen(length, num, randStr) gpu_time = gpu_gen(length, num, randStr) print("****************************************************") print("CPU and GPU execution time comparison") #print("CPU Time: {0} s".format(cpu_time)) print("GPU Time: {0} s".format(gpu_time))
I was curious to see if and how fast the GPU part is done. So I disabled the CPU part in your code and raised num to 50 million. Before starting I opened my Nvidia System app to monitor the load of my GPU. After about 1.5 sec my Nvidia System Monitor showed Used Dedicated Memory: 3531 MB (43%) GPU Utilization: 0%
that means that data was loaded into the dedicated memory, but GPU utilization remains during the complete run at 0% which is unusual. Whenever I run other tools like VanitySearch, BitCrack, KeyHunt-Cuda, etc. GPU utilization is at 100%. I doubt that everything is running at optimum speed inside the GPU part. Also, when measuring the execution time it takes 39sec. and not only 0.9sec as stated by the program. $ time python3 crewchill.py GPU Time: 0.9311995506286621 s **************************************************** Random Strings gnerated by GPU **************************************************** CPU and GPU execution time comparison GPU Time: 0.9311995506286621 s
real 0m39,594s user 0m38,058s sys 0m3,153s
0.9 seconds is too fast to activate gpu. 39s because you print space. for i in range(totChar): if i>1 and i % length==0:print('' ,end='') <=hide this print and try again
|
|
|
import string import random import time import numpy as np import pyopencl as cl import math # You can input here length = 17 #hex length for 66 num = 1000000 randStr = "abcdefghijklmnopqrstuvwxyz0123456789"
# end of Input
def randomwords(size, chars): return ''.join(random.choice(chars) for _ in range(size))
def cpu_gen(length, num, randStr): str_list=[] cpu_start_time = time.time() # Get the CPU start time for i in range(num): str_list.append(randomwords(length, randStr)) cpu_end_time = time.time() # Get the CPU end time timeGap = cpu_end_time - cpu_start_time print("CPU Time: {0} s".format(timeGap)) print("****************************************************") print("Random Strings gnerated by CPU") #print(str_list) return timeGap
def gpu_gen(length, num, randStr): #define random basic letters # radom base length totChar = length * num randomIndex = len(randStr) # parameters of random generation function # right_index = np.array.randint(randomIndex, size= totChar) right_index = np.empty(totChar, dtype=str) ranss = np.array((randStr,))
rand_seed = math.floor(time.time()) % 20 # define the contect to use gpu ctx = cl.create_some_context(0) queue = cl.CommandQueue(ctx) # define flag of the opencl mf = cl.mem_flags
rand_buff_1 = cl.Buffer(ctx, mf.READ_ONLY | mf.COPY_HOST_PTR, hostbuf=right_index) rand_str = cl.Buffer(ctx, mf.READ_ONLY | mf.COPY_HOST_PTR, hostbuf=ranss) program = cl.Program(ctx, """ int mpow(int n, int p){ int s =1; for(int i=1; i<=p; ++i){ s = s * n; } return s; } int myRand(int next){ next = ((next * (next % 3) )/50)% 100; return next; } int mabs(int a){ if (a<0){ a = 0-a; } return a; } int myRandInRange(int next, int min, int max){ int temp; if (max < min){ temp = max; max = min; min = temp; } return myRand(next) % (max + 1 - min) + min; } __kernel void RandGen( __global int *rand_out_buff, __global char *ss, int rand_buff, int seed_buff) { int gid = get_global_id(0); int temp = mpow(gid, seed_buff) + seed_buff % (gid+1); int input = myRandInRange(temp, gid * seed_buff, gid * (gid % seed_buff)) + seed_buff; input = mabs(input); rand_out_buff[gid] =ss[(input % rand_buff)*4]; } """).build()
rand_out_buff = cl.Buffer(ctx, mf.WRITE_ONLY, right_index.nbytes) gpu_start_time = time.time() event = program.RandGen(queue, right_index.shape, None, rand_out_buff, rand_str, np.int32(randomIndex), np.int32(rand_seed)) event.wait() rand_list = np.empty_like(right_index) cl.enqueue_copy(queue, rand_list, rand_out_buff) gpu_end_time = time.time() # Get the GPU end time timeGap = gpu_end_time - gpu_start_time print("GPU Time: {0} s".format(timeGap)) for i in range(totChar): if i>1 and i % length==0:print('' ,end='') #print(rand_list[i], end='') #print('') print("****************************************************") print("Random Strings gnerated by GPU") return timeGap
cpu_time = cpu_gen(length, num, randStr) gpu_time = gpu_gen(length, num, randStr) print("****************************************************") print("CPU and GPU execution time comparison") print("CPU Time: {0} s".format(cpu_time)) print("GPU Time: {0} s".format(gpu_time))
compile this random generator with ice.secp256k1 to increase speed.
|
|
|
|