Problem is, the test does not test all possibilities as expected. Typically i get results like :
guili195
guili466
guili1051
guili1231
guili1370
guili2026
guili2476
As if, I don't why, some steps were jumped. I can write a bit python but this is the first time I am touching ruby. Please someone help ?
My script takes a shortcut. Electrum doesn't stretch the wallet seed (more here: https://bitcointalk.org/index.php?topic=330672.0) and most passphrases can be rejected before stretching. The script is written to be compact instead of readable so it's hard to spot it. The shortcut is: given an invalid key, "$cipher.final" raises a CipherError exception; the program then jumps to "rescue OpenSSL::Cipher::CipherError", skipping the lines where it prints and tests the passphrase. |
|
|
|
net/http: warning: Content-Type did not set; using application/x-www-form-urlencoded
and then a password attempt. is it working? it's runing through the passwords, but not sure if its actually applying them.
Yes, that's fine. The wallet doesn't care about the content-type. If you want to see everything it's doing in detail then make this change (add the middle line): response = Net::HTTP.new("localhost", $rpc_port).request(request)
puts request.body, response.body
if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
|
|
|
|
For everyone asking about Multibit: Sorry, I don't have time to write an interface for it right now. If someone creates a command line or JSON-RPC API I can use to test a password I'll be happy to plug my script into it.
Here is the JSON-RPC for recovering Multibit passwords. This in only for Multibit, i'm working on Armory as well. https://dl.dropboxusercontent.com/u/71434563/rpc-service.jarThis is interesting, but I don't want to touch it unless I can build it myself. Can you post the source? |
|
|
|
here's one that is probably very easy to figure out. i know the first 7 characters of the passphrase, and have some combination of 4-8 numbers on the end, no spaces anywhere.
Start myraidcoind like this: myriadcoind -rpcpass=some-password Then run this script: #!/usr/bin/ruby -w
require 'net/http'
require 'json'
start = "passphrase"
min_digits = 4
max_digits = 8
$rpc_user = ""
$rpc_pass = "some-password"
$rpc_port = 10889
def test(passphrase)
puts passphrase.inspect
request = Net::HTTP::Post.new("/")
request.basic_auth $rpc_user, $rpc_pass
request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
response = Net::HTTP.new("localhost", $rpc_port).request(request)
if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
ret = JSON.parse response.body
if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
return if ret["error"]["code"] == -14 # wrong passphrase
raise "WTF? #{ret.inspect}"
end
(min_digits..max_digits).each do |digits|
(10**digits).times do |i|
test("%s%0#{digits}d" % [start, i])
end
end
puts "No luck."
exit 1
It'll take about 1 day for 6 digits, 2 weeks for 7, 3 months for 8. |
|
|
|
I've gotten behind on things. Let's catch up: For everyone asking about Multibit: Sorry, I don't have time to write an interface for it right now. If someone creates a command line or JSON-RPC API I can use to test a password I'll be happy to plug my script into it. Dogecoin, other altcoins: Try using the newer Net::HTTP scripts. They're more reliable and easier to plug into altcoin wallets. https://bitcointalk.org/index.php?topic=85495.msg1768970#msg1768970Everyone who's sent me PMs: Thanks for being patient. I'll reply when I can. I remember 6 in the password but cannot remember the rest, 16 in total..
10 characters is too many. Details: https://bitcointalk.org/index.php?topic=85495.msg4401257#msg4401257If you can narrow down the search we might be able to help. I run pywallet and this is what I get
The wallet is encrypted but no passphrase is used
This means you ran pywallet without the --password option. It does not mean the wallet has an empty passphrase. Another question is, what it's needed to change if I want to search for every possible solution with a script without any starting point. Any hints where I can read up about this?
First read this: https://bitcointalk.org/index.php?topic=85495.msg4401257#msg4401257The practical limit of brute force is 5-6 characters. If you think your passphrase is that short I can write a script for you. It's great for the rest of us because less coins means more value for the ones that are accessible. Think of it this way, they cannot sell those coins cheap, so it keeps the price higher.
The fact that it's so easy to lose your money is a significant hindrance to adoption. If we can't come up with a better way to solve this problem then Bitcoin will be stuck in a niche: it's too difficult for most people to handle. You call yourself FiatKiller... If that's really your goal then this isn't just a big deal, it's the whole game. Even if you're just an investor then widespread utility and public confidence will give you far more benefit than you'll see from a small reduction in the money supply. I haven't heard back from the OP but I hope he recovered his wallet. Otherwise he's just another statistic, and that's not good for any of us. |
|
|
|
The problem is that I usually swap one or two vowels by numbers and I can't remember which of them I did.
I'd appreciate a lot if you help me with the function that, giving a word by parameter, it returns a list of all the words with different combinations, where a might be replaced by 4, e by 3, i by 1 and o by 0. I only need that function, the Revalin code is pretty clear.
This might do what you need: password_elements = ['p', ['a', '4'], 'ssw', ['o', '0'], 'rd']
def splat(accum, elements)
if elements.any?
[elements.first].flatten.each { |elem| splat(accum + elem, elements[1,999]) }
else
test accum
end
end
splat('', password_elements)
|
|
|
|
Thank you for answering me. If I know that I probably put 10 characters with a capital letter at the beginning and 2 number at the end without knowing what it was, I have a chance to find the password with a script?
1 capital letter == 26^1 == 26 2 digits == 10^2 == 100 7 mixed case == 52^7 == 1028071702528 26 * 100 * 1028071702528 == 2672986426572800 2672986426572800 passwords / 10 passwords per second == 8,470,364 years |
|
|
|
i tried adding the -w flag in different ways pointing to the wallet file but it kept throwing syntax errors.
Try changing this: i,o,t = Open3.popen2e($electrum, "-o", "getseed") To this: i,o,t = Open3.popen2e($electrum, "-w", "electrum.dat", "-o", "getseed") Or this: i,o,t = Open3.popen2e($electrum, "-w", 'C:\Users\Admin\Desktop\Brute\electrum.dat', "-o", "getseed") |
|
|
|
Could you help me with a script Revalin? I have tried some of the ones listed earlier but did not help me find my password.
I know the first 7 characters with 100%. Following is 2 words. I have a list of words for words_1 and words_2, I might have also used either a ! or ^^ at the end.
Ex: Known(Words_1)(Words_2)(special)
Thanks!
Here you go: #!/usr/bin/ruby -w
require 'net/http'
require 'json'
$rpc_pass = "some-password"
passphrase = 'IKnowThisPart'
words_1 = ['one', 'two', 'three']
words_2 = ['btc', 'ltc', 'usd']
words_3 = ['', '!', '^^']
def test(passphrase)
puts passphrase.inspect
request = Net::HTTP::Post.new("/")
request.basic_auth "", $rpc_pass
request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
response = Net::HTTP.new("localhost", 8332).request(request)
if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
ret = JSON.parse response.body
if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
return if ret["error"]["code"] == -14 # wrong passphrase
raise "WTF? #{ret.inspect}"
end
words_1.each do |w1|
words_2.each do |w2|
words_3.each do |w3|
test(passphrase + w1 + w2 + w3)
end
end
end
puts "No luck."
exit 1
|
|
|
|
i need a script that i know the first 9 charasters but not the rest could be unto 9 long
Hello I opened a wallet long ago i have 0.8 btc, I absolutely remember not the password, I just know that I put 10 characters with uppercase in the word. Is it possible to have a script that test every possible combination of word 10 character?
It's not feasible to guess completely random passphrases. Here are how many days it it will take with one CPU: passphrase length lowercase alphanumeric any character
1 0.00 0.00 0.00
2 0.00 0.00 0.00
3 0.00 0.03 0.10
4 0.05 1.71 9.43
5 1.38 106.03 895.58
6 35.75 6574.10 85080.08
7 929.61 407594.28 8082607.59
8 24169.80 25270845.55 767847721.40
9 628414.78 1566792424.34 72945533532.94
10 16338784.22 97141130308.84 6929825685629.39
Even with a large budget (thousands of CPUs or GPUs) you could only do 6 or 7 characters. It's only possible to crack a passphrase when you know most of it and the unknown part is constrained. That's why I have so many custom tailored scripts in this thread - each targets a narrow pattern which could be identified. |
|
|
|
edit: i added some random word in the initial password and it did the same thing, said found it! but of course it was the wrong password. It seems to think the first guess is the right one.
That's strange. Try running this script and paste the output into this thread. #!/usr/bin/ruby
require "open3"
$electrum = 'C:\Users\Admin\Desktop\Brute\electrum-1.9.5.exe'
i,o,t = Open3.popen2e($electrum, "-o", "getseed")
i.puts "wrong-password"
i.close
puts o.read.inspect
puts t.value.inspect
|
|
|
|
there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all. Do you mean you have a long list of passwords and your passphrase is between one and five of them? I can help with that. What do you mean by "include wildcards"? Can you provide a list of samples of what they would look like? You can substitute different words in. It'd make it easier to see what you're describing. |
|
|
|
Revalin, is your script compatible with Multibit?
Multibit doesn't have an RPC or command line interface I can use. I'll try using BitcoinJ to access it when I have some time. sorry but..how to luch deamon of PTS-qt? it doesn't have a deamon like bitcoin...
protoshares-qt.exe -server -rpcpassword=some-password -rpcport=8332 Using this, I get the following errors: It might be a paste error. Open the script in an editor and paste it back to me in a PM. |
|
|
|
That one means the script couldn't connect to your wallet via RPC. Check that the daemon is running with: -rpcpassword=some-password -rpcport=8332 1: I encrypted the wallet on a live ubuntu CD. Is there any difference in encoding?
I'm not sure. I suggest you test it with your exact setup. Create a new wallet with a short password, copy it onto the new system, and try the brute force script with a typo in the password. That will verify that everything is working correctly. 2: Is there any faster way to check the key, besides submitting a message to bitcoind? I am currently doing about 3-4 guesses per second which isn't cutting it so far
Bitcoin stretches the keys to about 0.1 seconds on the CPU where you create your wallet. 4 per second suggests you might be cracking on a slower CPU than the one where your wallet came from. Submitting to bitcoind is pretty fast. Any of the RPC scripts should keep bitcoind at 99% CPU. Bitcoind itself is using OpenSSL which is also pretty fast. There's not much to optimize there. Bitcoind only uses a single CPU. A multithreaded version would be several times faster. GPUs would have less performance gain than mining, but they would help. You'll need someone with experience programming GPUs. I do not. The best case for optimizing the number crunching is we could speed things up a few hundred times. You will get MUCH bigger gains by targeting the search better. It's easy to get literally a trillion-times speedup by narrowing the search criteria, so that's where I focus most of my time. |
|
|
|
Is there any way this could be altered for multiple wordlists?
Eg. I am fairly sure I made the password from four wordlists.
For example, List A is shirt-themed (hawaiian, dress, long-sleeve, etc.)
List B is car-themed (ford, toyota, camry, etc.)
List C is country-themed (australia, thailand, colombia, etc.)
List D is guitar-themed (fender, gibson, valencia, etc.)
So it would try "hawaiianfordaustraliafender", "hawaiianfordaustraliagobson", etc.
Right now I am making it run all wordlists at once, but this is inefficient as it repeats words and it has a lot of combinations that I know are not correct (incorrect order, etc.)
Sure: #!/usr/bin/ruby
require "net/http"
require "json"
$rpc_pass = "rpc-pass"
words_a = ['hawaiian', 'dress', 'long-sleeve']
words_b = ['ford', 'toyota', 'camry']
words_c = ['australia', 'thailand', 'colombia']
words_d = ['fender', 'gibson', 'valencia']
def test(passphrase)
puts passphrase.inspect
request = Net::HTTP::Post.new("/")
request.basic_auth "", $rpc_pass
request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
response = Net::HTTP.new("localhost", 8332).request(request)
if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
ret = JSON.parse response.body
if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
return if ret["error"]["code"] == -14 # wrong passphrase
raise "WTF? #{ret.inspect}"
end
words_a.each do |a|
words_b.each do |b|
words_c.each do |c|
words_d.each do |d|
[a,b,c,d].permutation.each { |p| test p.join }
end
end
end
end
puts "No luck."
|
|
|
|
uninitialized constant Net (NameError)
Whoops, paste error. I've fixed it above. The top of the script should look like this: #!/usr/bin/ruby -w
require 'net/http'
require 'json'
|
|
|
|
I don't have Electrum. I have feathercoin. I know the first 16 characters of the password, but the last 9-12 characters I am unsure of. can u make it so it is case insensitive, and try a 1-2 digit number at the end, with a ~ or ~~ after or before, I forgot..?
I think you got the Electrum script by accident. Try this one: https://bitcointalk.org/index.php?topic=85495.msg3969951#msg3969951We will need to narrow the password down more. Do you know approximately what the last 9-12 are, or are they completely unknown? |
|
|
|
And now i get this error brute.rb:62in '<main>' : underfined method 'captures' for NilClass <NoMethodError>
seed_base64 = wallet.match(/'seed': '([^']+)'/).captures.first That indicates the script couldn't find the seed in your Electrum wallet. Try putting this just above that line: That will print out the raw wallet (it's just a text file for Electrum). Read through it and see if it has something like this: 'seed': 'a349iYLbPwas1O4mXdLDcg/N1RLK2Hb6oZdee7JLsf6J79EGZORmLY9+a5yBryFxKtPBl3WWUdFmNjEdEXo8dg==' If it doesn't print anything it didn't load your wallet for some reason. If it doesn't have a seed it might be a different wallet version. If it does have a seed we'll have to find the bug in my script. |
|
|
|
i've lost my PTS & DTC wallet psw (The psw is the same at both) like bounty i offer 30% of my pts & 25% of my DTC!
i remember it but when i try to put it the wallet give a error
The psw was Ctrl+c & ctrl+v form a wikipedia page so i'm sure at 100% it is. but maybe i'm missing a space or something like that...thanks who will pm me!
You should check if that page has been edited.  If that doesn't work you can try the standard double-typo script: #!/usr/bin/ruby -w
require 'net/http'
require 'json'
passphrase = 'oops i forgot'
$rpc_pass = "some-password"
def test(passphrase)
puts passphrase.inspect
request = Net::HTTP::Post.new("/")
request.basic_auth "", $rpc_pass
request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
response = Net::HTTP.new("localhost", 8332).request(request)
if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
ret = JSON.parse response.body
if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
return if ret["error"]["code"] == -14 # wrong passphrase
raise "WTF? #{ret.inspect}"
end
def scramble(passphrase)
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
list = []
# transpose adjacent chars
(passphrase.length - 1).times do |i|
testphrase = passphrase.dup
testphrase[i] = passphrase[i+1]
testphrase[i+1] = passphrase[i]
list << testphrase
end
# delete one char
passphrase.length.times do |i|
testphrase = passphrase.dup
testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
list << testphrase
end
# substitutute one char
passphrase.length.times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase[i] = c
list << testphrase
end
end
# insert one char
(passphrase.length + 1).times do |i|
characters.chars.each do |c|
testphrase = passphrase.dup
testphrase.insert(i, c)
list << testphrase
end
end
return list.uniq
end
list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1
Instructions are here: https://bitcointalk.org/index.php?topic=85495.msg3746636#msg3746636And here: https://bitcointalk.org/index.php?topic=85495.msg3882236#msg3882236Protoshares uses a different RPC port so either change it in the script above or start protoshares with -rpcport=8332 in addition to -rpcpassword=some-password . Give it a try, and we'll help you get it working if you get stuck. |
|
|
|
|
Sorry, my mistake. Change this:
words.repeated_permutation(n_words).each { |p| test p }
to this:
words.repeated_permutation(n_words).each { |p| test p.join }
|
|
|
|
|
Show Posts
