Testing encrypted private keys

[PC_M@niac]

Hello. I'm have some broken wallet.dat, restored from raw drive image. Wallet made by Bitcoin core v0.15-0.16 (as I know).
Tested in different restore/brutforce software. All scripts stuck while opening file. Bitcoin Core says that file was broken and sweep isn't possible.
But if I open this file using basic text editor, it's contain addresses in plaintext and all other data looks like normal wallet.dat.

I'm tried to understand raw file structure, but only find some high level tools/libs.

I think it is possible to recover private keys from this file, but I need some tool to check/decrypt raw data from wallet.

Anyone know how in low level does private keys stored and encrypted in this file?

Maybe exist some tool that can test provided data (bitcoin address, encryption password, some raw string) by all encryption methods that used in different versions of Bitcoin Core software? So I can scan all this file, cut it on chunks length of encrypted private key, and test it by this tool.

Maybe not a ready to use tool, but some low level libs.

[ABCbits]

If the wallet really encrypted, you won't able to find private key/master private key (xprv) on the raw file.
There are several wallet.dat format, but the one i know use PBKDF2 where PBKDF2 private key used to encrypt master private key & PBKDF2 private key is encrypted with user's password.

There are few tools to brute-force Bitcoin core (such as https://github.com/glv2/bruteforce-wallet), but i've no idea if it's works with broken/corrupt wallet.
Personally i'd recommend professional recovery services (such as https://walletrecoveryservices.com/) in this case.

[PC_M@niac]

If the wallet really encrypted, you won't able to find private key/master private key (xprv) on the raw file.
There are several wallet.dat format, but the one i know use PBKDF2 where PBKDF2 private key used to encrypt master private key & PBKDF2 private key is encrypted with user's password.

There are few tools to brute-force Bitcoin core (such as https://github.com/glv2/bruteforce-wallet), but i've no idea if it's works with broken/corrupt wallet.
Personally i'd recommend professional recovery services (such as https://walletrecoveryservices.com/) in this case.

It is not HD wallet. Addresses started with "1". Keys encrypted independently or in some big chunk? This PBKDF2 key stored in some fixed place? It is possible to find them manually?