Bitcoin Forum
July 29, 2021, 04:22:09 PM *
News: Latest Bitcoin Core release: 0.21.1 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Alternate cryptocurrencies / Altcoin Discussion / XMR MONERO - crack monero wallet *.keys file to restore YOUR password on: February 05, 2021, 08:13:39 PM
Dear all,

in the past there have been affected users who lost their passwords to their wallet *.keys file, if you got the mnemoic seed you are fine -hopefully-, if not then you are truly scrued... Roll Eyes
Please keep in mind and be advised, that cracking a wallet *.keys file is ONLY legitimate if it is YOUR wallet *.keys file, all other operations in that manner would be ILLEGAL!!! This "how-to" is intended to safely get back YOUR password to YOUR wallet *.keys file.

Let me introduce you to John-the-ripper, also known as JtR, which is a password cracking tool intended for ethical -also called "white-hat"- hacking and penetration testing.

Official homepage with a mailing list for updates. Please read the documentation before you start working with JtR, hence i will take no responsibility if you brake your own system or another system and i will not be held liable for any other damage that may arise out of this tutorial.
https://www.openwall.com/

Official mailing list for JtR users
https://www.openwall.com/lists/john-users/

This "how-to" is largely based on the work of this kind user, who made a very good introduction into this topic, so this "how-to" is more or less just a quick summary of the great work! Please feel free to read all 5 sites built, i will serve you with the landing page of that topic  Smiley
https://miloserdov.org/?p=4961

In order to make use of the module that we need, we need the community driven branche of JtR, also called JUMBO.
As you may notice, i will base this on UNIX system, to be more specific, on a Debian based distribution.
For UNIX users you will have to compile that for your own system, there are no real binaries for your system.

You need some libraries for compiling on your system
Code:
apt install build-essential libssl-dev yasm libgmp-dev libpcap-dev libnss3-dev libkrb5-dev pkg-config

Installing video drivers for NVIDIA on Linux
Code:
apt install -y ocl-icd-libopencl1 nvidia-driver nvidia-cuda-toolkit

If your CPU supports OpenCL, then install the following packages:
Code:
apt install firmware-misc-nonfree intel-opencl-icd

Get the source files, either by downloading the zip archive and unzipping the archive or by pulling the git.
Code:
wget https://github.com/openwall/john/archive/bleeding-jumbo.zip
unzip bleeding-jumbo.zip

Navigate into the source files
Code:
cd john-bleeding-jumbo/src/

Compile the source for your binaries
Code:
./configure && make

If all went without any errors, navigate into the binaries folder
Code:
cd ../run

Do a test, to see, if you have a running binary
Code:
./john --test

The module that we are looking for, is called
Code:
monero2john.py




Assuming that we work in the JtR JUMBO /run folder, the wallet *.keys file is in the home folder, ~/ is mandatory

Place the wallet *.keys in to your home folder. You need to work in the ../run folder in JtR JUMBO

Issue the command in down below, in order to turn the wallet.keys file into a hash file for JtR JUMBO to work on
Code:
./monero2john.py ~/wallet.keys > ~/monerowallet.hash

UPDATE 20210208:
Find a offer in down below, tested, not checked if legitimate. Watch out, you need to upload your wallet *.keys file in order to get the hash for JtR to work on. USE AT YOUR OWN RISK! This is NOT a recommendation! --> https://www.onlinehashcrack.com/tools-monero-hash-extractor.php


In this example we know, that the password has 4 lower lever alpha characters, thank fully. JtR JUMBO can crack passwords without knowing how many and what characters the password has, but as you can imagine, the longer and more complex the password is, the more time and ressources are needed. In order be efficient, it is good to know, how many digits your password has.
./john is the command to run the binary
--mask is an option by which passwords are generated (lower case alpha only, upper case alpha only, numbers, specials and umlauts)
--min-length and --max-length are parameters of how many characters your password has. Doesn't have to be exact, you can also define a range, but later more to that.
--progress gives you an output of the actual process, interval defined in seconds
--session is a name for the procedure you are running. If you have to stop the procedure you can resume to the session without losing the work your system has already done
/path/to/file in this example ~/monerowallet.hash

Let's start and give it a try. Please be informed, that with this hash, JtR JUMBO will not stop when a password is found, due to the possibility of finding more than one password.

Issue the command for a known lower level alpha 4 character password
Code:
./john --mask=?l --min-length=4 --max-length=4 --progress=10 --session=monerowallet ~/monerowallet.hash
Note: This format may emit false positives, so it will keep trying even after finding a possible candidate.
Using default input encoding: UTF-8
Loaded 1 password hash (monero, monero Wallet [Pseudo-AES / ChaCha / Various 32/64])
Will run 12 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:10 0.06% (ETA: 19:13:03) 0g/s 27.82p/s 27.82c/s 27.82C/s idaa..hdaa
0g 0:00:00:20 0.12% (ETA: 19:18:40) 0g/s 27.68p/s 27.68c/s 27.68C/s pfaa..owaa
0g 0:00:00:30 0.18% (ETA: 19:24:33) 0g/s 27.53p/s 27.53c/s 27.53C/s wrea..slea
...
...
...
0g 0:04:30:20 97.20% (ETA: 19:26:42) 0g/s 27.38p/s 27.38c/s 27.38C/s bass..nass
pass             (wallet.keys)    
1g 0:04:30:30 97.26% (ETA: 19:26:43) 0.000061g/s 27.38p/s 27.38c/s 27.38C/s yyss..zyss
...
...
...
1g 0:04:38:00 DONE (2021-02-05 19:26) 0.000059g/s 27.39p/s 27.39c/s 27.39C/s wqqq..qqqq
Session completed.



Parallel to that, you can monitor the progress in the log file of JtR JUMBO
Code:
tail -f john.log
0:00:00:00 Starting a new session
0:00:00:00 Loaded a total of 1 password hash
0:00:00:00 Command line: ./john --mask=?l --min-length=4 --max-length=4 --progress-every=10 /home/user/monerowallet.hash
0:00:00:00 - UTF-8 input encoding enabled
0:00:00:00 - Passwords will be stored UTF-8 encoded in .pot file
0:00:00:00 - Hash type: monero, monero Wallet (min-len 0, max-len 41 [worst case UTF-8] to 125 [ASCII])
0:00:00:00 - Algorithm: Pseudo-AES / ChaCha / Various 32/64
0:00:00:00 - Will reject candidates longer than 4 bytes
0:00:00:00 Proceeding with mask mode
0:00:00:00 - Candidate passwords will be buffered and tried in chunks of 12
0:00:00:00 - No stacked rules
0:04:30:20 + Cracked wallet.keys
0:04:38:00 Session completed



Cracked passwords can also be shown with this command. This command can be issued any time in the process in another terminal output
Code:
./john --show ~/monerwallet.hash
wallet.keys:pass

1 password hash cracked, 0 left



The cracked passwords are also in the pot file from the JtR, find it always at the end after the :
Code:
cat john.pot
$monero$0*a45874325b336f22f48c0c093cae8a87645438ff27f587e2fad1c57a3b2c7ba2273a81578765468095fa96e8c17fa7b948eb243434793744b51b3c6c81b7a47909e2a69533e5c81edbef71bdf17d393e698fbd4bc76644fa9bc5f9b2248466847684686c00d6fe7b88db7422ff38e23b58765468465876546d2c54537d350a3f40201f0öyldfkg5sdf87g43dsfg19a74ea72151246f46fd374f05fc9a765e682be3d9f72fa24546c7004a105bf78b2bebdf4d4f259992cae90025cb1d59cd879e0138fc128feb115fde69041b04eed51a606da6bdd6eab0e7543a0708d6lyjdfg58fdgsd6f874sdfgs6d84df6gsd6f8dsfg04f40d91278e9f20c136e8967416e57684a9971d7ed5fd73564df9964c1919c421d3caab54684dsdfg5686dsfg3698dsfg326df98g5df6g85dsgfed931aa534bdc94268a503021c954355ea5dc2472760440520ce52abb17a879b154fcb8435f1ef7c6c54497f7f2cf0d53945e93fa05cec659e5385d25165eb47e327717eff7c5aefc4f9bc7090abc615ceb60cb25e2f9b241efe24f03d8d76491e1b2177ba073ecbbc51a2646fd6090f9$SOURCE_HASH$940018746546847a94ae17f5e1eb132f86:pass



As mentioned, we crakced a lower level 4 charater long alpha password only. If you for example do not remember the actual length of your password, you can also define a range of characters
Code:
./john --mask=?l --min-length=3 --max-length=5 --progress=10 --session=monerowallet ~/monerowallet.hash



You can also define the --mask option to try ALL known ASCI II characters for your 4 character password
Code:
./john --mask=?A --min-length=4 --max-length=4 --progress=10 --session=monerowallet ~/monerowallet.hash



You can also define a range for the length of your password
Code:
./john --mask=?A --min-length=3 --max-length=5 --progress=10 --session=monerowallet ~/monerowallet.hash



As you can imagine, the length and complexity of your password is the biggest impact for cracking the password, the duration is bottle necked by the ressources you have, so go and rescue your password and get back a hold of your Monerujo  Grin Grin Grin

If you did find this "how-to" helpful and you managed to restore your password to your wallet *.keys file, consider a donation
Code:
88SuJgiZvsaFVSJ9BwwQsNAn8QzB6HxvW7mxS4iYC6cP4RcbP3DLBZPUZiR2mPF7emSpds6E2jhEVQfSXM1YPKvW2CRxrjk

If you need any further assistance beyond this "how-to", for example computing power, drop me a PN  Wink
Code:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v4.10.8
Comment: https://openpgpjs.org

xjMEYDJt4xYJKwYBBAHaRw8BAQdATdxsb39AeQhjBI6JxwE9vtgrDg+al6Eg
Ac+4am1hh+7NN2xhbmRpbmdAcmVzdG9yZW15bW9uZXJvLmV1IDxsYW5kaW5n
QHJlc3RvcmVteW1vbmVyby5ldT7CjwQQFgoAIAUCYDJt4wYLCQcIAwIEFQgK
AgQWAgEAAhkBAhsDAh4BACEJEKv++VH2eu69FiEEClcJjtjIDll43Odqq/75
UfZ67r3N/AD5AKlIuq4W0E6CclC3vnztRNEW8h9t4Tdwn7yGKUQiurQBAJsZ
JfBe8hREKZF9Sb30thHlccSW6mwU6EydXVihsxcOzjgEYDJt4xIKKwYBBAGX
VQEFAQEHQGTlNFtEjSFddR17o0uOTXwWminTP+uuT0PrT2JmEZkOAwEIB8J4
BBgWCAAJBQJgMm3jAhsMACEJEKv++VH2eu69FiEEClcJjtjIDll43Odqq/75
UfZ67r2NnAEAvYa8Z1pY3Y/+VN0iqlZGy3668QboHItkJamyRaedJE0BAMKZ
vx1swADAi8s48xLSyNd9/+97wsCNR6WD/8VM5HMF
=NL/x
-----END PGP PUBLIC KEY BLOCK-----
2  Local / Anfänger und Hilfe / Nachricht signieren - Fehlermeldung - Die eingegebene Adresse verweist nicht auf on: December 22, 2020, 06:21:24 PM
Hallo Zusammen,

ich versuche auf meiner core-qt wallet eine Nachricht mit meiner eigenen Adresse zu signieren, welche aus dieser Wallet stammt.
Ich gebe die Adresse ein, den Text, klicke auf "Nachricht signieren" und bekomme diesen Fehler

Code:
Die eingegebene Adresse verweist nicht auf einen Schlüssel. Bitte überprüfen sie die Adresse und versuchen es erneut

Was heisst das? Was muss ich korrigieren?

Von dieser Adresse kann ich empfangen und nach Eingabe des PWD auch versenden, aber signieren kann ich nicht und ich weiss nicht warum...

Danke und Gruß
3  Local / Trading und Spekulation / Wette 0,1[btc] KURS BTC bis einschließlich 15.10.2018 CET bei €35k on: February 10, 2018, 08:12:24 AM
Hallo Zusammen,

anbei die Wette, ich hoffe diese hat jeder verstanden. Wenn hier Unklarheiten bestehen, bitte nicht fragen einfach nicht mit wetten.

1.) Multisig oder Escrow, je nach Teilnehmeranzahl. Ein JA gilt als JA ohne wenn und aber.
2.) Einsatz 0,1BTC dafür und dagegen.
3.) Bitte gib an, ob du für oder dagegen wettest.
4.) Teilnehmer werden bis 18.02.2018 akzeptiert. Am 18.02.2018 ist der Einsatz an die Multisig/Escrow zu bezahlen.
5.) Moderator, wenn sich einer findet, herzlich willkommen.
6.) The winner takes it all = aliquote Aufteilung unter den erfolgreichen Gewinnern
7.) Gib deine Auszahlungsadresse an, an diese wird aliquot dein Beitrag überwiesen. Solltest du Zugriff auf deine wallett verlieren, ist dein Gewinn damit verloren.
8.) Wettsumme n/Anzahl der Gewinner = Auszahlungsbetrag
9.) Kurs auf www.bitstamp.net in €
10.) Kur muss erreicht werden bis 15.10.2018 23:59:59 CET
Vorschläge, Anregeungen und Kritik willkommen solange diese Fruchttragend angelegt sind  Grin
4  Local / Trading und Spekulation / Wette Kurs auf Bitstamp bis 16.02.2018 bei/unter €6000 on: January 31, 2018, 08:13:15 AM
Hallo,

UPDATE: WETTE VORBEI --> elrippos friend hat gewonnen
inkling bitte überweise 0,1BTC an
Code:
198bkRm82aGLzxPQA74DwJvGHyPAmSMuGN



Wetteinsatz 0,1BTC, Multisig 2 aus 2 oder Escrow mit Moderator, wenn jemand moderieren möchte  Grin

Edit 31.01.2018 13:49 Update der Bedignungen
Bedingung 1: Wenn mehrere teilnehmen müsst ihr euch die 0,1BTC aliquot teilen, wenn ich gewinne ist mir jeder Teilnehmer der dagegen wettet, 0,1BTC schuldig
Bedingung 2: Escrow an SebastianJu --> Ich check den Escrow (31.01.2018 13:52 PN an SebastianJu)



Anbei die Antwort und die Bedingungen von SebastianJu
Hallo Sebastian,

wir bräuchten deine Dienste als Escrow für eine Wette
Bedingungen kannst du dem Verlauf entnehmen,

Danke im Vorhinein,
Elrippo

Kann ich machen aber klingt nicht wirklich wie wenn die Regeln ankommen.

Please ALWAYS QUOTE everything we wrote when answering! Quotes is the text we wrote before. When you answer you click on "quote" instead on "reply" (or on "reply to all" when more than one receiver) in order to preserve the quote.

Because of very few time I ask for a minimum tip of 0.006b or 2% of the coin value. Whatever is higher. When a refund happens the refund fee is 0.003b or 1% of the coin value.
Because of the insane tx-fees nowadays this is plus the tx fee to forward or refund the coins. You can chose a proper fee when checking out the 3 block bitcoin transaction fee on https://bitcoinfees.info/

Let me know if you still are interested. I then would create the escrow details message and send you both the escrow address.






Teilnehmer:
inkling ist dabei


Erster Williger mammut ist raus
21M ist raus


5  Economy / Services / [CLOSED] Hacker needed [CLOSED] on: July 16, 2017, 10:07:36 AM
!!!CLOSED!!!

!!!NO PM, NO AWNSER!!!
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!