With regards to item #1... What happens if you enter the following URL into your webbrowser:
https://blockchain.info/wallet/ENTER-YOUR-WALLET-ID-HERE?format=jsonfor example:
https://blockchain.info/wallet/9bb4c672-563e-4806-9012-a3e8f86a0eca?format=jsonDoes the system prompt you to authorise the login attempt via Email? Do you get sent an email asking to confirm the login? If so, click authorise and try and load the URL again. You should see the wallet.aes.json text which you can copy/paste to a text file in preparation for using btcrecover.
Do you have the email address originally used to register the wallet? If so, you *might* be able to get the Blockchain.info support people to supply you with the wallet.aes.json... which will contain the encrypted "payload" data for your wallet... You'd just need to run the gauntlet of ID verification etc. But I've heard it is possible.
Hello,
I tried out your method, I received the confirmation email, however when returning to the previous tab it did not display the wallet.aes.json data, it remained the same.
Any other suggestions?
Did you have any luck downloading the blockchain.info json payload?
I've had no success for a wallet for which I have lost the password. Using the URL
https://blockchain.info/wallet/<WalletID>?format=json only works for wallets that I've already accessed from the machine I'm using to access the URL. In other words, it is cached. If I try to access a wallet ID that isn't cached (I've never accessed it from the machine I'm using), I'm given a message stating that an auth email has been sent. Even when I receive the email and click to approve auth, the browser still won't load the json showing the payload... I just get the same message stating an email has been sent. Clearing cache, etc., doesn't help.
Anyone else have luck obtaining the wallet.aes.json information?
I managed to retrieve the wallet using the recover wallet function in btcrecover, modifying the URL directly did not work.
I decided to test just to see if I can duplicate the problem.
First,
https://blockchain.info/wallet/ENTER-YOUR-WALLET-ID-HERE?format=jsonThis only works if you're either logged in already or have access to the email address to allow clicking on the allow link or if no email was setup.
Assuming you have access to one of the three above, you can download the wallet.aes.json
To ensure this works, I created a new wallet:
04c51acb-cd25-443b-b476-24596510743b with a password of Internet123
Going to
https://blockchain.info/wallet/04c51acb-cd25-443b-b476-24596510743b?format=jsonI get:
{"extra_seed":"9aad9898377c0512d95937251218be88f6819aea118b7b84f0285c489f8848bb8fdc96aa120e16ccb23aaff30470a8fedb01f0fa35b69a031d9f84b2e9b30cd0","auth_type":0,"initial_success":"Reminder: Verify your email.","real_auth_type":0,"payload":"{\"pbkdf2_iterations\":5000,\"version\":3,\"payload\":\"wKMW8TesJrvop+ZNVKN6VeW+9vjFUxunjNdif7i8VE9EA6CquuR\/70j0cP\/oa7tbEjqp2G\/qIJaHStaytIJOkUHYZT8yPMjnj9O0zlRMijN9x7P1JnH0tDVuCZwRSp6ZgYAbVBfdFYqb+j8JWgN3gZIwFttyt+uOHQTZ8PgFkJqKu1DJzU8gMDAYesCRywtIgeUslkPf7xMu78kMYPzQ07mbGagmGmCL0ICoK4VZP+NO8igEZZYwfMcSGG0lawoWpObvon+EwDZ1KIvD6ob3m3wjD+RECeOKpwQT1K04WbplGarrJfX2Nup89\/l0uWEITQIU3Sc4AxbY7BAhHh1nyctv6Ttt+Xtko7l77JjAQ8gYl5s+4jFB5VtUj5MGuS00B\/gPbiqZZKtGMJan2JopX9Wk7ydOiR4mXa94sZxU5jfhiCAaUO3cEd0ssEEeQce6mIqLbVjYbdUytRxV2+n+6fP4PEEDeWtKpFMzYIR4iWMYChJ8mKiKybBSEEGYvVHQYvQbahx9tMuNIQo4voTFn4LUovLMmANFsj0lufHbN4nI7yuEPY5etwZL0wt2dw5cuFKUqY+P8GiGl1WhcFfouD8Y5cVaGL\/Sp3Nqx8sk6hR8zyrcXqrO7WFDaX+kY4dAH\/HnBWUVZ5AI9sgKLJviwt9PgKoZzq4kSYXOnAQE8F+PxJOt7sCZsrsxjFgdj8auZpCTj3OuEH\/Ula8CJSr52iDx1ZmqtjrnVXgzE5nB7Nu9B2f2+XK3qO2DNS1Qljcr9+uJvEymjklmArro1sDBUMGRORT+cENbTgkX8mRr75cA6T7KlVBd+wwVbouLvScBUizlgfx3bNZFGMJCbR5MAnF1ivKpxnokMsBHfl6l9bACiBHjdgFAF69o3yfAT9sIQiXsPK9bpuKvZT\/nJalI81ksBD+9+ELSQ+sqH9CtbKYCXxdIA63EEVANfPROEjHPgkrz4YZHan5jiaKXy+LN0dQCTKZbrAiK2ZmDFqTqfnxiOhLaie5yhDjbUjrznWPwoa0ZNF2ckBzo3CcCr0hvi3CfmpDqDKieWnRRDxmJRfqmu\/rj\/iJPDUMZD\/ElQOsiJNaZrG4eunEbYDd7KE6rtx8Ir51ijrtMlbQonhr6WQTNZdLPmfWzLLvt8H1a9dsmwgjvQwPn+v8K9YFpholXSKCGhceJjNy\/5VBlltoYU5L3Rh6FrADAZBFrPt\/xeHrYrrViOvTxlQffeJSIqlpUfs1uqZ7Xw+XoWHOhjKPVvWRULDBaKYo+sTfVtQsjh0CzTQ64TOYHQQd82Dk3jBZRfw0NO7lZLjMog2UZt70rOKFw39cYRYIaFLuV8zqgh+Z5hwsM7VIUsXjiaBamjSDo3yg33i9iI34tpZTJKrjJvqD3bcwK1FqYkjyV6JFgi6IHxFjIpqBOUyF67Rnw3uATq1vgxo4o\/GY0cUSH46x\/6\/5UWLp\/jccUpfjqq+r41WOsRDoy0RDX9t3iq0K0gjGa8+C8KyZ2hTegcUZX25YkMJgJNv8audvXV840l+T1EZKZvnd88FaIoa09jSvwnp4o+KuZIXizMnDTSDsuiPVFAylcGU1dDlIq6dRseSeUqPsb\/9Ehok9GUucrMxeDLS3P2CwYazvt6V3E6nKC388SndLMyYPIuj6klBjfbiCEziPbjGBVGRsqmMEiIbo4MqS6E5\/eXiIeO4xGI1hdfS1o+VYaXYjt8VaJFTjI0XDL98XJ1tQfa4weVTPKtULJP61aiDq85Xwzhmcm3QXuzRsttcMT9yAPPe5nsiufBIZ83cz9AP4M\/PNXYhmr1guAfnOlJz2NJjWZxunXonIqKq1\/rCE3jigLtoeuoX43kFJ39gkx7tPoKom8\/ccWdcDEaljE8M9F6ZM1LA0AA6GpiPPnIAw=\"}","symbol_local":{"symbol":"$","code":"USD","symbolAppearsAfter":false,"name":"U.S. dollar","local":true,"conversion":5677.96942186},"guid":"04c51acb-cd25-443b-b476-24596510743b","payload_checksum":"ee1b621250d9a4c616b6fe11f55b10def49883b35fdfc5345807d9194238713e","war_checksum":"8f7d54ba8f9fcc75","language":"en","symbol_btc":{"symbol":"BTC","code":"BTC","symbolAppearsAfter":true,"name":"Bitcoin","local":false,"conversion":100000000.00000000},"sync_pubkeys":false}
And, using the download script, I get:
E:\btcrecover-master\extract-scripts>download-blockchain-wallet.py
Please enter your wallet's ID (e.g. 9bb4c672-563e-4806-9012-a3e8f86a0eca)
> 04c51acb-cd25-443b-b476-24596510743b
Wallet file saved as 04c51acb-cd25-443b-b476-24596510743b
which contains:
{"pbkdf2_iterations":5000,"version":3,"payload":"wKMW8TesJrvop+ZNVKN6VeW+9vjFUxunjNdif7i8VE9EA6CquuR/70j0cP/oa7tbEjqp2G/qIJaHStaytIJOkUHYZT8yPMjnj9O0zlRMijN9x7P1JnH0tDVuCZwRSp6ZgYAbVBfdFYqb+j8JWgN3gZIwFttyt+uOHQTZ8PgFkJqKu1DJzU8gMDAYesCRywtIgeUslkPf7xMu78kMYPzQ07mbGagmGmCL0ICoK4VZP+NO8igEZZYwfMcSGG0lawoWpObvon+EwDZ1KIvD6ob3m3wjD+RECeOKpwQT1K04WbplGarrJfX2Nup89/l0uWEITQIU3Sc4AxbY7BAhHh1nyctv6Ttt+Xtko7l77JjAQ8gYl5s+4jFB5VtUj5MGuS00B/gPbiqZZKtGMJan2JopX9Wk7ydOiR4mXa94sZxU5jfhiCAaUO3cEd0ssEEeQce6mIqLbVjYbdUytRxV2+n+6fP4PEEDeWtKpFMzYIR4iWMYChJ8mKiKybBSEEGYvVHQYvQbahx9tMuNIQo4voTFn4LUovLMmANFsj0lufHbN4nI7yuEPY5etwZL0wt2dw5cuFKUqY+P8GiGl1WhcFfouD8Y5cVaGL/Sp3Nqx8sk6hR8zyrcXqrO7WFDaX+kY4dAH/HnBWUVZ5AI9sgKLJviwt9PgKoZzq4kSYXOnAQE8F+PxJOt7sCZsrsxjFgdj8auZpCTj3OuEH/Ula8CJSr52iDx1ZmqtjrnVXgzE5nB7Nu9B2f2+XK3qO2DNS1Qljcr9+uJvEymjklmArro1sDBUMGRORT+cENbTgkX8mRr75cA6T7KlVBd+wwVbouLvScBUizlgfx3bNZFGMJCbR5MAnF1ivKpxnokMsBHfl6l9bACiBHjdgFAF69o3yfAT9sIQiXsPK9bpuKvZT/nJalI81ksBD+9+ELSQ+sqH9CtbKYCXxdIA63EEVANfPROEjHPgkrz4YZHan5jiaKXy+LN0dQCTKZbrAiK2ZmDFqTqfnxiOhLaie5yhDjbUjrznWPwoa0ZNF2ckBzo3CcCr0hvi3CfmpDqDKieWnRRDxmJRfqmu/rj/iJPDUMZD/ElQOsiJNaZrG4eunEbYDd7KE6rtx8Ir51ijrtMlbQonhr6WQTNZdLPmfWzLLvt8H1a9dsmwgjvQwPn+v8K9YFpholXSKCGhceJjNy/5VBlltoYU5L3Rh6FrADAZBFrPt/xeHrYrrViOvTxlQffeJSIqlpUfs1uqZ7Xw+XoWHOhjKPVvWRULDBaKYo+sTfVtQsjh0CzTQ64TOYHQQd82Dk3jBZRfw0NO7lZLjMog2UZt70rOKFw39cYRYIaFLuV8zqgh+Z5hwsM7VIUsXjiaBamjSDo3yg33i9iI34tpZTJKrjJvqD3bcwK1FqYkjyV6JFgi6IHxFjIpqBOUyF67Rnw3uATq1vgxo4o/GY0cUSH46x/6/5UWLp/jccUpfjqq+r41WOsRDoy0RDX9t3iq0K0gjGa8+C8KyZ2hTegcUZX25YkMJgJNv8audvXV840l+T1EZKZvnd88FaIoa09jSvwnp4o+KuZIXizMnDTSDsuiPVFAylcGU1dDlIq6dRseSeUqPsb/9Ehok9GUucrMxeDLS3P2CwYazvt6V3E6nKC388SndLMyYPIuj6klBjfbiCEziPbjGBVGRsqmMEiIbo4MqS6E5/eXiIeO4xGI1hdfS1o+VYaXYjt8VaJFTjI0XDL98XJ1tQfa4weVTPKtULJP61aiDq85Xwzhmcm3QXuzRsttcMT9yAPPe5nsiufBIZ83cz9AP4M/PNXYhmr1guAfnOlJz2NJjWZxunXonIqKq1/rCE3jigLtoeuoX43kFJ39gkx7tPoKom8/ccWdcDEaljE8M9F6ZM1LA0AA6GpiPPnIAw="}
Strange... The information for both is different. So, let's see what extracting the data gives:
E:\btcrecover-master\extract-scripts>extract-blockchain-main-data.py 04c51acb-cd25-443b-b476-24596510743b
Blockchain first 16 encrypted bytes, iv, and iter_count in base64:
Yms65b72+MVTG6eM12J/uLxUT8CjFvE3rCa76KfmTVSjelWIEwAArdyA3Q==
E:\btcrecover-master\extract-scripts>extract-blockchain-main-data.py wallet-from-http.txt
Blockchain first 16 encrypted bytes, iv, and iter_count in base64:
Yms65b72+MVTG6eM12J/uLxUT8CjFvE3rCa76KfmTVSjelWIEwAArdyA3Q==
So, either method you use, the data extracted is the same. This is good in knowing that either way results in the same extracted data.
So, now let's try to crack in via tokens.
I created a basic token file. (basic.txt) which only contains: Internet123 (Yes, the exact password - just to prove the wallet can be cracked if it gets the right password)
E:\btcrecover-master>btcrecover.py --tokenlist basic.txt --data-extract
Starting btcrecover 0.17.9 on Python 2.7.13 64-bit, 16-bit unicodes, 32-bit ints
Please enter the data from the extract script
> Yms65b72+MVTG6eM12J/uLxUT8CjFvE3rCa76KfmTVSjelWIEwAArdyA3Q==
Wallet difficulty: 5,000 PBKDF2-SHA1 iterations
Using 8 worker threads
0 of 1 [----------------------------------------------] 0:00:00, ETA: --:--:--
Password found: 'Internet123'
Very nice. It works.
Let's try with a couple of variables.... I change the token in basic.txt to:
Without going into a long explaination, this will try passwords like:
internet0, Internet232, 2nternet1, 0nternet999, Anternet1, nternet00, and so on.
E:\btcrecover-master>btcrecover.py --tokenlist basic.txt --data-extract
Starting btcrecover 0.17.9 on Python 2.7.13 64-bit, 16-bit unicodes, 32-bit ints
Please enter the data from the extract script
> Yms65b72+MVTG6eM12J/uLxUT8CjFvE3rCa76KfmTVSjelWIEwAArdyA3Q==
Wallet difficulty: 5,000 PBKDF2-SHA1 iterations
Using 8 worker threads
96855 of 116602 [###############################-------] 0:02:30, ETA: 0:00:30
Password found: 'Internet123'
I wont go into anymore combinations as I only wanted to point out that it works.
To bad I still haven't cracked the password to my friends account which he lost the password to years ago. It was only about .05 BTC though. Maybe try again in a few more years.