j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
March 23, 2016, 12:30:23 PM |
|
Hi,
I wrote my private key on the paper, and i tried to retrieve the btc from the address recently, but found my private key only contain 50 characters! It is my mistake when record down the private key!!
The private key format is WIF without any compressed, base58, start with "5". I've 50 characters on hand, is there any brute force tools to calculate the key in quick way?
Thank you.
|
|
|
|
|
|
|
|
|
Even in the event that an attacker gains more than 50% of the network's
computational power, only transactions sent by the attacker could be
reversed or double-spent. The network would not be destroyed.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4623
|
|
March 23, 2016, 12:52:50 PM |
|
Hi,
I wrote my private key on the paper, and i tried to retrieve the btc from the address recently, but found my private key only contain 50 characters! It is my mistake when record down the private key!!
The private key format is WIF without any compressed, base58, start with "5". I've 50 characters on hand, is there any brute force tools to calculate the key in quick way?
Thank you.
If you're sure that you are only missing 1 character, and that you got ALL the other characters correct, then you have less than 3,000 possibilities to try. A computer program could probably try all the possibilities in less than a second. Do not give your private key to anybody else to try for you (unless you are VERY CERTAIN that they are trustworthy). And be VERY careful about any programs anybody else gives you (since they could be trying to trick you into running wallet stealing software).
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
March 23, 2016, 12:55:21 PM |
|
Pretty easy to hack something together in bash or perl, just loop trough all the characters, add them to the end of your private key, and try to import them using JSON-RPC, either into bitcoin core or to blockchain.info
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
March 23, 2016, 12:59:39 PM |
|
i'm sorry i'm not a programmer , any open source tool available to do that?
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
March 23, 2016, 01:04:51 PM |
|
i'm sorry i'm not a programmer , any open source tool available to do that? Do you have bitcoind running on a linux server? In that case, something like this might work: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
March 23, 2016, 01:11:40 PM |
|
i'm sorry i'm not a programmer , any open source tool available to do that? Do you have bitcoind running on a linux server? In that case, something like this might work: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
Bravo! Many thanks! , i don't have bitcoind running now, but i will get one to do so.
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
March 23, 2016, 01:16:06 PM |
|
i'm sorry i'm not a programmer , any open source tool available to do that? Do you have bitcoind running on a linux server? In that case, something like this might work: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
Bravo! Many thanks! , i don't have bitcoind running now, but i will get one to do so. That will only guess a final character (i.e. is assuming you missed the very last character only). If you are not certain which character you missed then you'd need to basically repeat like this: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "y"$i"ourkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yo"$i"urkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "you"$i"rkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "your"$i"key" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourk"$i"ey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourke"$i"y" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
(hope that makes sense and of course the first character is always going to be the 5)
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
March 23, 2016, 01:21:04 PM |
|
i'm sorry i'm not a programmer , any open source tool available to do that? Do you have bitcoind running on a linux server? In that case, something like this might work: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
Bravo! Many thanks! , i don't have bitcoind running now, but i will get one to do so. That will only guess a final character (i.e. is assuming you missed the very last character only). If you are not certain which character you missed then you'd need to basically repeat like this: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "y"$i"ourkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yo"$i"urkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "you"$i"rkey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "your"$i"key" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourk"$i"ey" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourke"$i"y" ; done for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli importprivkey "yourkey"$i ; done
(hope that makes sense and of course the first character is always going to be the 5) Indeed, i'm going to do so. The missing character is not really the last character but somewhere inside the 50. Your guys are awesome.
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
March 23, 2016, 01:51:08 PM |
|
Indeed, i'm going to do so. The missing character is not really the last character but somewhere inside the 50. Your guys are awesome.
Sorry, i wrongfully assumed it was the last character that went missing (wrong copy/paste), but like CIYAM already said, you can repeat the step 50 times EDIT: btw: you can get the bitcoin-cli binary, connect it to blockchain.info's JSON-RPC API in case you don't want to sync the whole blockchain: for i in `perl -e '$,=" ";print +(A..Z),(a..z),(0..9)'` ; do bitcoin-cli -rpcconnect=rpc.blockchain.info -rpcport=443 -rpcssl -rpcuser=YourWalletIdentifier -rpcpassword=YourPassword importprivkey "yourkey"$i ; done Just be carefull: i'm not sure if blockchain will ban your ip after x ammount of tries ALSO: sweep your wallet and move your funds to a secure wallet once you've used blockchain's API, i would personally not trust an online wallet.... (btw: the approach is untested)
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
April 15, 2016, 05:58:29 AM |
|
I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ?? C:\Strawberry\perl\test>perl test.pl Missing $ on loop variable at test.pl line 1. for i in `perl -e '$,=" "; print +(A..Z),(a..z),(0..9)'`;
|
|
|
|
dserrano5
Legendary
Offline
Activity: 1974
Merit: 1029
|
|
April 15, 2016, 06:30:38 AM |
|
I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ?? C:\Strawberry\perl\test>perl test.pl Missing $ on loop variable at test.pl line 1. for i in `perl -e '$,=" "; print +(A..Z),(a..z),(0..9)'`; "for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there.
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
April 15, 2016, 06:33:47 AM |
|
I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ?? C:\Strawberry\perl\test>perl test.pl Missing $ on loop variable at test.pl line 1. for i in `perl -e '$,=" "; print +(A..Z),(a..z),(0..9)'`; "for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there. ^^ this is correct... I'm running on a linux box (and i wrongly assumed so were you), so it's basically a combination between bash and perl (which is installed by default on 90+% of the linux distros, but not on windows... you need something like mobaXterm or cygwin with some addons to do this task)... Did you get this solved, or do i have to rewrite it in pure perl?
|
|
|
|
vlamer
Member
Offline
Activity: 101
Merit: 11
N.E.E.T
|
|
April 15, 2016, 06:35:01 AM |
|
maybe you can use crunch - wordlist generator https://sourceforge.net/projects/crunch-wordlist/./crunch 52 52 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz -t L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY@ -o found.txt
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
April 15, 2016, 06:36:38 AM |
|
it's a nice tool... I didn't know that one, seems like a really cool tool to use in the future. Thanks for the link
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
April 15, 2016, 07:05:28 AM |
|
cool tool, i give a try
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
April 15, 2016, 07:12:50 AM |
|
I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ?? C:\Strawberry\perl\test>perl test.pl Missing $ on loop variable at test.pl line 1. for i in `perl -e '$,=" "; print +(A..Z),(a..z),(0..9)'`; "for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there. ^^ this is correct... I'm running on a linux box (and i wrongly assumed so were you), so it's basically a combination between bash and perl (which is installed by default on 90+% of the linux distros, but not on windows... you need something like mobaXterm or cygwin with some addons to do this task)... Did you get this solved, or do i have to rewrite it in pure perl? I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ?? C:\Strawberry\perl\test>perl test.pl Missing $ on loop variable at test.pl line 1. for i in `perl -e '$,=" "; print +(A..Z),(a..z),(0..9)'`; "for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there. thanks dude, i will run it in cygwin
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
April 15, 2016, 09:11:58 AM |
|
thanks dude, i will run it in cygwin If you cannot get it fixed, let us know and i'll rewrite it in perl (not much work, but i won't do it if it's not needed)
|
|
|
|
j55rrt (OP)
Newbie
Offline
Activity: 16
Merit: 1
|
|
April 15, 2016, 12:13:05 PM |
|
thanks dude, i will run it in cygwin If you cannot get it fixed, let us know and i'll rewrite it in perl (not much work, but i won't do it if it's not needed) that will be great if you can rewrite it in perl. i just ran it in the cygwin, same error
|
|
|
|
deepceleron
Legendary
Offline
Activity: 1512
Merit: 1028
|
|
April 17, 2016, 09:21:04 AM |
|
The wallet import format has a checksum in it just like Bitcoin addresses. It is possible to quickly determine if a candidate "recovered" key is valid: WIF checksum checking1 - Take the Wallet Import Format string 5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ 2 - Convert it to a byte string using Base58Check encoding 800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D507A5B8D 3 - is the beginning byte string 0x80? If not, invalid. 4 - Drop the last 4 checksum bytes from the byte string 800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D 5 - Perform SHA-256 hash on the shortened string 8147786C4D15106333BF278D71DADAF1079EF2D2440A4DDE37D747DED5403592 6 - Perform SHA-256 hash on result of SHA-256 hash 507A5B8DFED0FC6FE8801743720CEDEC06AA5C6FCA72B07C49964492FB98A714 7 - Take the first 4 bytes of the second SHA-256 hash, this is the checksum 8 - Is #7 the same as the last 4 bytes of #2? If not, invalid. If we have such a checking routine that can try hundreds of WIF key checksums per second, then all we need to do is feed different text possibilities into the validator logically. It may be possible to programmatically find the private key with several characters mistranscribed or missing: - Starts with "5"? No? Add "5" if missing characters; substitute "5" if right length; add "5" and drop other characters if right length; - Correct Length: substitute alternate upper/lower case for one character, check all positions for one character wrong, then iterate for increasing numbers of multiple incorrect cases, incorrect letters, etc; - Missing one character? Try adding all Base58 characters at all positions. Missing two characters? It becomes a slightly harder problem. Adding two characters in all possible positions = 3,956,064 possibilities (if the 5 at the start is correct). Single-threaded python does about 300,000 SHA256 hashes a second on my PC, so probably less than a minute to try all. This might be an interesting programming project, but I wouldn't bother until it's actually going to recover some Bitcoins.
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3388
Merit: 4919
https://merel.mobi => buy facemasks with BTC/LTC
|
|
April 18, 2016, 05:49:06 AM |
|
@deepceleron: thanks for the info, i never tought about the problem like that.
Since it seems to be an interesting problem, i'll try to write a perl script to take a private key in WIF format with x missing letters as input, and permutate all allowed characters in this string, test if the permutated pk is valid and write all the valid keys to a logfile (or import them in bitcoin core directly).
Since this is a bit more difficult, and i can only work on the problem during my luchbreak, it might take a couple of days tough.
|
|
|
|
|