Bitcoin Forum
January 19, 2019, 05:29:56 AM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Lost 3 out of 24 words of my passphrase. Bruteforce possible?  (Read 164 times)
pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 05, 2018, 03:00:53 PM
 #1

Hello everyone.

I went through some of my older private keys and in one of them i've seem to have lost 3 out of the 24 words of my passphrase. I'll spare you the details of my idiocy  Undecided. There wasn't really that much money in there but I was wondering if bruteforcing these 3 words is possible since I have the other 21. I don't really know how this stuff works but if it is possible, how would I go about doing this?

thx in advance.
"You Asked For Change, We Gave You Coins" -- casascius
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
SopaXT
Full Member
***
Offline Offline

Activity: 161
Merit: 109


View Profile
January 05, 2018, 03:09:27 PM
 #2

First of all, do you have them in order (first, second, third...)?

If yes, then the problem lies in simply brute-forcing the 3 words, which is about 8 billion tries.
This number may look scary, but in fact it's doable even on an average PC in a few days at most.

How exactly did you lose the last words?
If you still have some parts of them left, this will make the brute-forcing process easier by several orders of magnitude.

LoyceV
Legendary
*
Offline Offline

Activity: 1372
Merit: 2610


Self-made Legendary!


View Profile WWW
January 05, 2018, 04:04:37 PM
 #3

I'll spare you the details of my idiocy  Undecided.
No, please don't spare us, entertain me, I'm curious how you managed to lose 3 but keep the other 21.
How did you create these 24 words in the first place? Usually it comes with a (hardware) wallet: did you destroy that too?

Quote
There wasn't really that much money
Any idea how much we're talking about here? It makes a difference if it's $10 or $1000, especially if you'll end up getting a specialist to do it for you.

If yes, then the problem lies in simply brute-forcing the 3 words, which is about 8 billion tries.
8 billion means you're extremely unlucky Tongue

exander77
Newbie
*
Offline Offline

Activity: 32
Merit: 0


View Profile
January 05, 2018, 04:07:14 PM
 #4

If you know the order and the position of the missing ones it may be possible...
bob123
Hero Member
*****
Offline Offline

Activity: 798
Merit: 805



View Profile WWW
January 05, 2018, 04:27:46 PM
 #5

If yes, then the problem lies in simply brute-forcing the 3 words, which is about 8 billion tries.

2048^3 conforms 8.589.934.592 different combinations. On average you need to search half of the space [1] (= 4.294.967.296).
The last word is a checksum. This makes it much easier to test whether the seed is valid or not. This makes it pretty easy for a halfway modern pc to bruteforce the seed.


I went through some of my older private keys and in one of them i've seem to have lost 3 out of the 24 words of my passphrase. I'll spare you the details of my idiocy  Undecided. There wasn't really that much money in there but I was wondering if bruteforcing these 3 words is possible since I have the other 21. I don't really know how this stuff works but if it is possible, how would I go about doing this?

I would recommend to take a look at btcrecover (https://github.com/gurnec/btcrecover/blob/master/docs/Seedrecover_Quick_Start_Guide.md).
This tool gives you the opportunity to bruteforce the missing words of your seed. You'll need python to run it. There are quite a few tutorials on the internet on how to install python.
If you'll need some help doing so, feel free to ask further questions.


~snip~
No, please don't spare us, entertain me, I'm curious how you managed to lose 3 but keep the other 21.
~snip~

He may stored those 24 words seperated in 24 different places? In shoes, jackets, .. Over time he may have lost / can't remember where he stored the missing 3. Just my guess  Roll Eyes





[1] For further information read more about the birthday paradox here https://en.wikipedia.org/wiki/Birthday_problem and here https://en.wikipedia.org/wiki/Birthday_attack.

Accessence
Newbie
*
Offline Offline

Activity: 41
Merit: 0


View Profile
January 05, 2018, 04:53:48 PM
 #6

If you're referring to a seed then just look at the source code for your wallet and identify the possible words that could have been used.
pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 05, 2018, 05:30:36 PM
 #7

Well, I had the words written down on a notebook. Don't quite recall why but some time ago I wrote something on the verse of the page and ripped that part off, not realizing the words were on the other side. Only noticed it today when looking for it. Either way, it has no BTC in it, I moved it a couple of months ago, but I could use it to recover some pocket change worth of BCD.

I do know the position of all the words, as well as the last 2 letters in one of the lost ones. I'll take a look at btcrecover and the python tutorials and see if I can figure it out.

Thanks a lot guys! I'll keep you posted.
LoyceV
Legendary
*
Offline Offline

Activity: 1372
Merit: 2610


Self-made Legendary!


View Profile WWW
January 05, 2018, 05:56:26 PM
 #8

I wrote something on the verse of the page and ripped that part off
Cool story Cheesy

Quote
I do know the position of all the words, as well as the last 2 letters in one of the lost ones
Those 2 letters help you a LOT!
If you share those 2 letters, I'll shorten the full list for you. Of course, don't share the other words, but 2 letters should be fine.

pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 05, 2018, 06:00:04 PM
 #9

Last 2 letters of one of the words are "re". The other word's last letter is "t" and I can sort of make out the letter before that, it's either an "r" or and "f"
LoyceV
Legendary
*
Offline Offline

Activity: 1372
Merit: 2610


Self-made Legendary!


View Profile WWW
January 05, 2018, 06:05:45 PM
 #10

Last 2 letters of one of the words are "re".
Code:
acquire
aware
before
core
culture
ensure
entire
expire
feature
figure
fire
future
genre
gesture
glare
hire
ignore
inspire
lecture
leisure
measure
mixture
more
nature
obscure
picture
prepare
rare
require
retire
scare
share
spare
sphere
square
sure
there
unaware
venture
warfare
where
wire

Quote
The other word's last letter is "t" and I can sort of make out the letter before that, it's either an "r" or and "f"
Words ending on rt:
Code:
airport
alert
apart
art
cart
comfort
concert
depart
desert
dirt
divert
effort
heart
hurt
report
short
skirt
smart
sort
sport
start

Words ending on ft:
Code:
craft
draft
drift
gift
left
lift
shaft
shift
soft
swift

This limits your search to 2048*42*31, or 2.6 million possibilities.

pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 05, 2018, 06:23:35 PM
 #11

Seems quite reasonable! I'll try to get this btcrecover working and I'll get back to you
pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 05, 2018, 09:17:21 PM
 #12

Ok, so the recovery tool is quite simple but I ran into a wall. When asked to input a public adress, it was giving me this error: "An entered address is invalid (not a bitcoin p2pkh adress; version byte is 0x05)". Did some research and apparently this has to do with the fact that this was an segwit address, which uses a different format, and this recovery tool still doesn't support. This was the only address I had in this wallet.

Any ideas? Otherwise I guess I'll have to wait till they implement this.
HCP
Legendary
*
Offline Offline

Activity: 854
Merit: 1036

<insert witty quote here>


View Profile
January 06, 2018, 05:13:33 AM
 #13

Theoretically, it should be possible to modify the seed_recovery tool to generate SegWit addresses to test against... the algorithm for creation of P2SH-P2WPKH addresses is fairly straight forward (https://bitcoincore.org/en/segwit_wallet_dev/#creation-of-p2sh-p2wpkh-address)

pcmbtc
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
January 06, 2018, 01:17:03 PM
 #14

waaaaay beyond my expertise. On the issues section of the github, the dev says it's planned for the future but unlikely to be implemented this month. Oh well, I suppose I'll recover it eventually.
UNOE
Sr. Member
****
Offline Offline

Activity: 540
Merit: 250



View Profile
January 06, 2018, 03:59:05 PM
 #15

Simple google search brought me to this https://github.com/jonathancross/segwit-p2sh I think this might be a thing you are looking for, get back to us if that helps, if not I might even take time to modify the code myself
Felics
Newbie
*
Offline Offline

Activity: 30
Merit: 0


View Profile
January 06, 2018, 10:31:12 PM
 #16

Let us know how you get on! I'd be interested in seeing if you manage to get into in in the end
SanderM2
Newbie
*
Offline Offline

Activity: 24
Merit: 6


View Profile
January 13, 2018, 03:18:47 PM
 #17

Did you finally manage to recover it?
Pages: [1]
  Print  
 
Jump to:  

Bitcointalk.org is not available or authorized for sale. Do not believe any fake listings.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!