Hamuki
Legendary
 Offline
Activity: 1022
Merit: 1000
|
 |
April 11, 2015, 06:56:23 PM |
|
Can anyone here teach me a bit about this BIP38 cracking? I want to learn a bit about it  |
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
minimalB (OP)
Donator
Hero Member
Offline
Activity: 674
Merit: 522
|
|
May 19, 2015, 09:49:19 PM |
|
Is there anyone working on last remaining private key or did you give up?
|
|
|
|
|
digicoinuser
Legendary
Offline
Activity: 2716
Merit: 1072
|
|
May 19, 2015, 11:08:13 PM |
|
Is there anyone working on last remaining private key or did you give up?
The wallet still has 0.5 BTC, I would surely think there is incentive to crack it. |
|
|
|
|
toodamntired
|
|
May 20, 2015, 04:29:39 AM |
|
Okay, total Newbie question coming.... ready for it?... wait, wait, wait.... before i ask and ridicule myself, let me at least state that I had absolutely Zero knowledge of anything more difficult than very basic html until I started school recently for programming, so with that being said...
Where the hell do you go to even find the wallets so you can crack them?
That's what I don't get about offline wallets.... I get taking the btc offline for storage; I get sweeping/importing it back online.... but where is the hub, the port, the dock, the space station?!?!?!?
See, total Newb question...
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
May 20, 2015, 06:56:37 PM |
|
People can't crack a 5 char pass and they thing they'll get into my 25+ char pass.. Funny.
This is a sweet idea non the less.. tempted to add a little more BTC to inspire more people.
|
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
May 20, 2015, 07:02:45 PM |
|
Okay, total Newbie question coming.... ready for it?... wait, wait, wait.... before i ask and ridicule myself, let me at least state that I had absolutely Zero knowledge of anything more difficult than very basic html until I started school recently for programming, so with that being said...
Where the hell do you go to even find the wallets so you can crack them?
That's what I don't get about offline wallets.... I get taking the btc offline for storage; I get sweeping/importing it back online.... but where is the hub, the port, the dock, the space station?!?!?!?
See, total Newb question...
I don't get the question of where is the port/hub/dock...? What do you mean? He created a wallet, I assume via bitaddress.org and encrypted it. |
|
|
|
|
minimalB (OP)
Donator
Hero Member
Offline
Activity: 674
Merit: 522
|
|
April 06, 2016, 08:17:04 AM |
|
One year went by and 3rd wallet is still loaded with bitcoin : )
I decided to keep this experiment going for another year. I've also added extra 0.5BTC and updated the OP.
In case this wallet is not cracked in a year, I'll take back 1BTC and publish the password.
Happy cracking!
|
|
|
|
|
minimalB (OP)
Donator
Hero Member
Offline
Activity: 674
Merit: 522
|
|
April 06, 2016, 11:01:38 PM |
|
Here is a small password hint: If you divide the number of UPPERCASE letters by the number of lowercase letters you get an integer.
This should give you a nice 35% speed boost!
|
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16599
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
June 12, 2016, 09:21:07 AM |
|
It took ~20 hours on three n1-highcpu-16 machines on Google Compute. Each one did ~50 passwords per second, 150 total.
It cost around $38 overall.
At this rate it would take up to 4 years to crack the Third password. At $38 for 20 hours it's clearly not worth it. Here is a small password hint: If you divide the number of UPPERCASE letters by the number of lowercase letters you get an integer.
So that means: 0 UP 6 low: 0/6=0: integer 1 UP 5 low: 1/5: nope 2 UP 4 low: 2/4: nope 3 UP 3 low: 3/3=1: integer 4 UP 2 low: 4/2=2: integer 5 UP 1 low: 5/1=5: integer |
|
|
|
|
JasonXG
|
|
June 12, 2016, 05:56:06 PM |
|
Can you tell us what was/is the first pass?
First password is "BarT". Wow !! Dude good for you !! Well done ! Thanks OP for doing this its great ! |
|
|
|
|
janggernaut
Legendary
Offline
Activity: 2366
Merit: 1130
|
|
June 12, 2016, 10:56:18 PM |
|
Can you tell us what was/is the first pass?
First password is "BarT". Wow !! Dude good for you !! Well done ! Thanks OP for doing this its great ! Lol? He already did that 1 year ago and this challenge isnt done yet. Theres still 1 wallet ( third wallet) which still didnt got cracked. Damn, i hope i know whats password in third wallet since the prize is high. |
|
|
|
|
minimalB (OP)
Donator
Hero Member
Offline
Activity: 674
Merit: 522
|
|
June 13, 2016, 08:05:42 AM |
|
I am also surprised that 3rd wallet is still uncracked. I've got several PMs with "thanks for the money, man!" stating that they will cracked it in a week or two : )
Looks like they miscalculated something...
Anyways... with rising prices and another 10 months to go (2 years total) there is still plenty of time to crack it. Also my hint reduces the time for a brute force attack quite a lot (about 35%).
|
|
|
|
|
janggernaut
Legendary
Offline
Activity: 2366
Merit: 1130
|
|
June 13, 2016, 08:15:08 AM |
|
I am also surprised that 3rd wallet is still uncracked. I've got several PMs with "thanks for the money, man!" stating that they will cracked it in a week or two : )
Looks like they miscalculated something...
Anyways... with rising prices and another 10 months to go (2 years total) there is still plenty of time to crack it. Also my hint reduces the time for a brute force attack quite a lot (about 35%).
Your pass in 3rd seems very difficult to cracked, lol. Altough you already gave more hint (35%) , im still no have any idea about the pass. |
|
|
|
|
mmitech
Legendary
Offline
Activity: 1148
Merit: 1001
things you own end up owning you
|
|
August 29, 2016, 02:46:33 PM |
|
I didn't read all posts in this thread, but I suggest that you use hashcat, it is the fastest and most developed open source tool for brute-forcing, you can download binaries and read more about it here, The great thing about hashcat is that you can set a cluster (brute forcing pool) of many rigs that have multiple GPUs to crack one password... I've used this software to crack Nokia SL3 Locks and this is the way how I've got into bitcoin in the first place (bought miners from a miner who was selling miners after the first halving). Sadly, since the amount is only 1 BTC it is not worth my time to try to crack it, maybe in the future when a bitcoin is so valuable that it would justify wasting hash power on it. Edit: OK you don't have a wallet.dat but you have an encrypted private key so I am not sure about hashcat, it was a couple of years since last time I've used it for Bitcoin so you need to verify this info. |
|
|
|
|
|
BitcoinSupremo
|
|
August 29, 2016, 03:30:46 PM |
|
Interesting challenge. So I am assuming I am real safe since my password to all of my desktop wallets is the same , 2 words linked together who make sense only to me plus a few numbers who make sense only to me and some special characters who I always use . 13 letters password, upper and lower case plus special character should take 331 years to crack since one 6 random character password needs 31.34 year to get cracked. |
|
|
|
|
mmitech
Legendary
Offline
Activity: 1148
Merit: 1001
things you own end up owning you
|
|
August 29, 2016, 03:42:27 PM |
|
Interesting challenge. So I am assuming I am real safe since my password to all of my desktop wallets is the same , 2 words linked together who make sense only to me plus a few numbers who make sense only to me and some special characters who I always use . 13 letters password, upper and lower case plus special character should take 331 years to crack since one 6 random character password needs 31.34 year to get cracked. Humans are horrible when it comes to randomness thus are horrible with generating a safe and random password (if it make sense to you than it could be guessed), not to mention that if you use the same password multiple times for multiple things the risk of being "hacked" becomes really high, it would just take a key-logger or some site/service being hacked (assuming the hacker gets the hashing/salting keys) and they can have access to every place that has the same password. Usually hackers do hack for the reason of: - There is a justified financial gain. - To send a statement. - Just prove it can be done. - Show off their skills (mostly young hackers). Just try to do the best security practices, even then you are not 100% safe. |
|
|
|
|
Timelord2067
Legendary
Offline
Activity: 3668
Merit: 2217
💲🏎️💨🚓
|
|
September 08, 2016, 05:58:29 AM |
|
Interesting challenge. So I am assuming I am real safe since my password to all of my desktop wallets is the same , 2 words linked together who make sense only to me plus a few numbers who make sense only to me and some special characters who I always use . 13 letters password, upper and lower case plus special character should take 331 years to crack since one 6 random character password needs 31.34 year to get cracked.
1234567890123Coincidence? I think not...  |
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16599
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
September 08, 2016, 06:33:49 AM |
|
Humans are horrible when it comes to randomness thus are horrible with generating a safe and random password (if it make sense to you than it could be guessed) I can very easily create a very random password: r7z3gfJ$g)lf*?~3' I just press the keyboard a few times without looking, to make it more random I used my left hand on my right hand's position too. No way anybody could guess this with a dictionary attack. But once I create a decent password like this, I can't remember it. And if I can, I will for sure forget it if I don't use it every day. I'm also "struggling" with the idea how to securely store Bitcoins. Even a hardware wallet ultimately comes down to storing a backup passphrase on a piece of paper. And that piece of paper can be stolen. Bitcoin Brain Wallets are a special case, you don't need access to any files to be able to brute force it, and you can search for all wallets at the same time. Can you believe the brain wallet thequickbrownfoxjumpedoverthelazydog has received 106 BTC in total? Thenextweb.com shows some of the brain wallets found by researchers: 1. say hello to my little friend
4. party like it’s 1999
5. yohohoandabottleofrum
9. {1summer2leo3phoebe
13. blablablablablablabla I show these Just to show adding a few numbers to words is not enough to stop a brute force attack. |
|
|
|
mmitech
Legendary
Offline
Activity: 1148
Merit: 1001
things you own end up owning you
|
|
September 08, 2016, 06:56:40 AM |
|
Humans are horrible when it comes to randomness thus are horrible with generating a safe and random password (if it make sense to you than it could be guessed) I can very easily create a very random password: r7z3gfJ$g)lf*?~3' I just press the keyboard a few times without looking, to make it more random I used my left hand on my right hand's position too. No way anybody could guess this with a dictionary attack. But once I create a decent password like this, I can't remember it. And if I can, I will for sure forget it if I don't use it every day. I'm also "struggling" with the idea how to securely store Bitcoins. Even a hardware wallet ultimately comes down to storing a backup passphrase on a piece of paper. And that piece of paper can be stolen. Bitcoin Brain Wallets are a special case, you don't need access to any files to be able to brute force it, and you can search for all wallets at the same time. Can you believe the brain wallet thequickbrownfoxjumpedoverthelazydog has received 106 BTC in total? Thenextweb.com shows some of the brain wallets found by researchers: 1. say hello to my little friend
4. party like it’s 1999
5. yohohoandabottleofrum
9. {1summer2leo3phoebe
13. blablablablablablabla I show these Just to show adding a few numbers to words is not enough to stop a brute force attack. When I said humans are horrible at generating random passwords, I've already took in considerations the definition of a password, which is a string that grant you access and which you suppose to be the only one (and the trusted second party and maybe a third party) to know. No one asked you if you can generate a random string (even then, there is a question about your ability to generate great randomness) btw, hardware wallets are maybe the safest thing we have for now, and of course there is nothing 100% secure/safe, when you break things down there is always a point of failure, but your job is to make the possibility of that happening as low as possible. BTW, I wouldn't recommend brain wallet for anyone. For a hardware wallet, you can write half of the words on one paper the other half on another paper and just keep them separated. |
|
|
|
|
|
pvaspecialist
|
|
September 08, 2016, 10:10:29 AM |
|
It took ~20 hours on three n1-highcpu-16 machines on Google Compute. Each one did ~50 passwords per second, 150 total.
It cost around $38 overall.
At this rate it would take up to 4 years to crack the Third password. At $38 for 20 hours it's clearly not worth it. Here is a small password hint: If you divide the number of UPPERCASE letters by the number of lowercase letters you get an integer.
So that means: 0 UP 6 low: 0/6=0: integer 1 UP 5 low: 1/5: nope 2 UP 4 low: 2/4: nope 3 UP 3 low: 3/3=1: integer 4 UP 2 low: 4/2=2: integer 5 UP 1 low: 5/1=5: integer Hints is not enough to find the password.It would very hard to find the password.I divided the number of UPPERCASE letters by the number of lowercase letters I got some numbers.I think password will be UPPERCASE letters and lowercase letters with integers.Well I will try. |
|
|
|
|
|
