Bitcoin Core passphrase problem

[phantitox]

So i have and old wallet.dat that i recover from a damage hard drive, but dont remember the passphrase, here is the thing before the hard drive was damage i dump the private key on the bitcoin core client, but i try to import it to blockchain.info and  it only show me 1 address and i think the btc that i want to recover are in another address but from the same wallet, i have options here or this is a total lost?

[1714545453]

1714545453

[1714545453]

1714545453

[1714545453]

1714545453

[1714545453]

1714545453

[OmegaStarScream]

So i have and old wallet.dat that i recover from a damage hard drive, but dont remember the passphrase, here is the thing before the hard drive was damage i dump the private key on the bitcoin core client, but i try to import it to blockchain.info and  it only show me 1 address and i think the btc that i want to recover are in another address but from the same wallet, i have options here or this is a total lost?

Yes they are lost , if you don't have the pass-phrase then it's totally impossible to open encrypted wallet.dat from Bitcoin Core . Unless the password is easy and you try to crack it (not sure how though)

[achow101]

There are tools to crack wallets but they only work if you have some idea of what the password is.

[tspacepilot]

Out of curiousity, and I think it's relevant here, what sort of encryption does bitcoin-core use to encrypt wallets?  I would guess that it's going to be something in the aes suite.  I guess I'm just imagining if I had to make a cracker for my own wallet, what would I put in the shell script.  Here's pseudocode:

Code:

for guess in guesses.next(); do
  # run some command to try decryption
  openssl -d ?? -i wallet.dat.encrypted
  # test for success, maybe just $?, or is there a magic number in wallet.dat to look for
  if $?==0; then
    echo "we win!"
    break
done

So, really, I have two questions?  What's the encryption algo?  And what's the test for success?
 

[shorena]

Out of curiousity, and I think it's relevant here, what sort of encryption does bitcoin-core use to encrypt wallets?  I would guess that it's going to be something in the aes suite.  I guess I'm just imagining if I had to make a cracker for my own wallet, what would I put in the shell script.  Here's pseudocode:

Code:

for guess in guesses.next(); do
  # run some command to try decryption
  openssl -d ?? -i wallet.dat.encrypted
  # test for success, maybe just $?, or is there a magic number in wallet.dat to look for
  if $?==0; then
    echo "we win!"
    break
done

So, really, I have two questions?  What's the encryption algo?  And what's the test for success?
 

Depending on your python you should find the answer here -> https://github.com/gurnec/btcrecover

IIRC its AES 256 bit

Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). Although the underlying code supports multiple encrypted copies of the same master key (and thus multiple passphrases) the client does not yet have a method to add additional passphrases.

https://en.bitcoin.it/wiki/Wallet_encryption

[unholycactus]

FYI, wallets usually have more than one address.
If you only exported one private key, that key is only valid for one address. Next time, you should make sure you have the private keys of every single address that has funds.

There are indeed tools to more or less brute force your password.
It is highly unlikely you'll be able to recover your wallet unless you have a vague idea of your passphrase or it's a really weak one.

[tspacepilot]

Out of curiousity, and I think it's relevant here, what sort of encryption does bitcoin-core use to encrypt wallets?  I would guess that it's going to be something in the aes suite.  I guess I'm just imagining if I had to make a cracker for my own wallet, what would I put in the shell script.  Here's pseudocode:

Code:

for guess in guesses.next(); do
  # run some command to try decryption
  openssl -d ?? -i wallet.dat.encrypted
  # test for success, maybe just $?, or is there a magic number in wallet.dat to look for
  if $?==0; then
    echo "we win!"
    break
done

So, really, I have two questions?  What's the encryption algo?  And what's the test for success?
 

Depending on your python you should find the answer here -> https://github.com/gurnec/btcrecover

IIRC its AES 256 bit

Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). Although the underlying code supports multiple encrypted copies of the same master key (and thus multiple passphrases) the client does not yet have a method to add additional passphrases.

https://en.bitcoin.it/wiki/Wallet_encryption

Thanks, Shorena, it definitely seems to be a lot more complex than just descrypting the wallet file.  You may be right that the specific question I'm curious about is answered somewhere in the source for the btcrecover tool (thanks for the link!).  Just looking at that paragraph from the bitcoin wiki, I'm imagining that you know the passphrase (say), so you'd hash it with sha512 and you'd have to see what this EVP_BytesToKey gives you, then you'd have to gues at how many rounds might have been used?  After that I guess you have the "master key" and you can use that to decrypt individual private keys with AES-256-CBC.  There must be somewhere that you can tell how many rounds have been used.  Anyway, to be clear, I don't need to do this right now, I'm just curous about the procedure.

[shorena]

Out of curiousity, and I think it's relevant here, what sort of encryption does bitcoin-core use to encrypt wallets?  I would guess that it's going to be something in the aes suite.  I guess I'm just imagining if I had to make a cracker for my own wallet, what would I put in the shell script.  Here's pseudocode:

Code:

for guess in guesses.next(); do
  # run some command to try decryption
  openssl -d ?? -i wallet.dat.encrypted
  # test for success, maybe just $?, or is there a magic number in wallet.dat to look for
  if $?==0; then
    echo "we win!"
    break
done

So, really, I have two questions?  What's the encryption algo?  And what's the test for success?
 

Depending on your python you should find the answer here -> https://github.com/gurnec/btcrecover

IIRC its AES 256 bit

Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). Although the underlying code supports multiple encrypted copies of the same master key (and thus multiple passphrases) the client does not yet have a method to add additional passphrases.

https://en.bitcoin.it/wiki/Wallet_encryption

Thanks, Shorena, it definitely seems to be a lot more complex than just descrypting the wallet file.  You may be right that the specific question I'm curious about is answered somewhere in the source for the btcrecover tool (thanks for the link!).  Just looking at that paragraph from the bitcoin wiki, I'm imagining that you know the passphrase (say), so you'd hash it with sha512 and you'd have to see what this EVP_BytesToKey gives you, then you'd have to gues at how many rounds might have been used?  After that I guess you have the "master key" and you can use that to decrypt individual private keys with AES-256-CBC.  There must be somewhere that you can tell how many rounds have been used.  Anyway, to be clear, I don't need to do this right now, I'm just curous about the procedure.

AFAIK the number of rounds is stored in the wallet.dat. Its not meant to be secret anyway, similar to a salt. Do you look at the wallet.dat with pywallet?

[tspacepilot]

Out of curiousity, and I think it's relevant here, what sort of encryption does bitcoin-core use to encrypt wallets?  I would guess that it's going to be something in the aes suite.  I guess I'm just imagining if I had to make a cracker for my own wallet, what would I put in the shell script.  Here's pseudocode:

Code:

for guess in guesses.next(); do
  # run some command to try decryption
  openssl -d ?? -i wallet.dat.encrypted
  # test for success, maybe just $?, or is there a magic number in wallet.dat to look for
  if $?==0; then
    echo "we win!"
    break
done

So, really, I have two questions?  What's the encryption algo?  And what's the test for success?
 

Depending on your python you should find the answer here -> https://github.com/gurnec/btcrecover

IIRC its AES 256 bit

Wallet encryption uses AES-256-CBC to encrypt only the private keys that are held in a wallet. The keys are encrypted with a master key which is entirely random. This master key is then encrypted with AES-256-CBC with a key derived from the passphrase using SHA512 and OpenSSL's EVP_BytesToKey and a dynamic number of rounds determined by the speed of the machine which does the initial encryption (and is updated based on the speed of a computer which does a subsequent passphrase change). Although the underlying code supports multiple encrypted copies of the same master key (and thus multiple passphrases) the client does not yet have a method to add additional passphrases.

https://en.bitcoin.it/wiki/Wallet_encryption

Thanks, Shorena, it definitely seems to be a lot more complex than just descrypting the wallet file.  You may be right that the specific question I'm curious about is answered somewhere in the source for the btcrecover tool (thanks for the link!).  Just looking at that paragraph from the bitcoin wiki, I'm imagining that you know the passphrase (say), so you'd hash it with sha512 and you'd have to see what this EVP_BytesToKey gives you, then you'd have to gues at how many rounds might have been used?  After that I guess you have the "master key" and you can use that to decrypt individual private keys with AES-256-CBC.  There must be somewhere that you can tell how many rounds have been used.  Anyway, to be clear, I don't need to do this right now, I'm just curous about the procedure.

AFAIK the number of rounds is stored in the wallet.dat. Its not meant to be secret anyway, similar to a salt. Do you look at the wallet.dat with pywallet?

That makes sense, I figured it ought to be stored there.  I haven't looked at any particular wallet in this moment, I was just interested in it for the principle---the education.  I'll take a closer look for myself before I ask any further questions.  Thanks Sho.