Written down password doesn't unlock wallet.dat, how to setup typo brute-force

[AvacadoAvoider]

I have a wallet.dat created in August 2017 with Bitcoin Core. The public key starts with "1K" and is 34 characters long.
When setting up the wallet, I have written down the password on a paper, but it doesn't unlock the wallet anymore.
I'm 100% sure that no one has changed the password.
It's likely that I have somehow mistyped the password when initially setting it up, maybe typed a wrong letter somewhere, maybe added/removed extra space or punctuation somewhere between the words, maybe changed "they are" to "they're" and such, and maybe added a few known words at the very end of it which I didn't write down on the paper.
My password is a long sentence, about 100 characters long.

I'm no stranger to command line, Linux, programming, python, pip, etc. but I have never used any password cracking tools and the speed with which my own python script was trying the passwords was very slow.
I heard that you can somehow do this on GPU with hashcat or some other program, which is supposed to be a lot faster than doing it on CPU?
Is there a guide on how to GPU brute-force a bitcoin wallet?
Also, is it possible to give it just my long sentence password and tell it to derive the actual passwords for it to try by creating typos and adding a set of pre-defined strings to it at the end, so that I wouldn't have to provide it with a list of all possible passwords I want it to try?
I could write a python script that generates a list of all possible passwords, but I'm afraid I will miss some of possible typos and the list will be incomplete, I'd rather rely on some more time-proven typo-implanting algorithm than on my own.

[1713550037]

1713550037

[1713550037]

1713550037

[1713550037]

1713550037

[1713550037]

1713550037

[bob123]

My password is a long sentence, about 100 characters long.

Wow.. this definitely is overkill..

If you are using lower case letters only, a password with the length of 20 is already more than secure enough.
If you add special characters to it (which you have in your password), you get the same level of security with 16 chars (note that this is calculated without numbers in the password; only lower case letter and special characters).

100 chars is way too long, this just makes it more error-prone. Effectively, it doesn't protect your private keys 'more'.
You should rather focus more on the security of the computer / network instead of a password which is insanely long.

[AvacadoAvoider]

btcrecover looks just what I was looking for, thanks!

I'm starting to regret having picked a 115-character long password.
I get over 330,000,000,000 possible passwords with just 3 typos and several variations of a few words, all words being in a strict order.
That alone will take 1.3 years to run on my laptop's GTX 1070, assuming I can get 8kP/s out of it - haven't tried yet.
I know I could speed it up by building a rig with multiple GPUs, getting to 30kP/s with 3 overclocked 1080TIs, but given how it's not guaranteed that I will find the password at all, it's not worth for me to spend a lot of money on a btcrecover rig.
Also, I just got a new laptop two years ago. If my computer was many years old and due for an upgrade, I'd probably bite the bullet, as buying one extra graphics card would be just a small % of a new PC build cost.

I will try with 2 typos first, that gives about 650,000,000 passwords, which I should be able to check under a day, again, assuming I can get 8kP/s out of HP Omen's GTX 1070.

[DaCryptoRaccoon]

btcrecover looks just what I was looking for, thanks!

I'm starting to regret having picked a 115-character long password.
I get over 330,000,000,000 possible passwords with just 3 typos and several variations of a few words, all words being in a strict order.
That alone will take 1.3 years to run on my laptop's GTX 1070, assuming I can get 8kP/s out of it - haven't tried yet.
I know I could speed it up by building a rig with multiple GPUs, getting to 30kP/s with 3 overclocked 1080TIs, but given how it's not guaranteed that I will find the password at all, it's not worth for me to spend a lot of money on a btcrecover rig.
Also, I just got a new laptop two years ago. If my computer was many years old and due for an upgrade, I'd probably bite the bullet, as buying one extra graphics card would be just a small % of a new PC build cost.

I will try with 2 typos first, that gives about 650,000,000 passwords, which I should be able to check under a day, again, assuming I can get 8kP/s out of HP Omen's GTX 1070.

Your laptop will burn out before your crack it i'm guessing.
Best try do any cracking like this on a desktop or something a bit more beefy than laptop.

I don't fancy the chances you will recover something 115-characters long that is quite the amount of entropy.

[AvacadoAvoider]

Will be trying different --global-ws and --local-ws arguments. Going to play with it on Monday.
Don't understand why btcrecover doesn't have a utility that would find the best --global-ws and --local-ws for you, given how easy it is to just try different ones, but how time consuming it is to do so manually.

Running laptop GPU 24/7 is indeed not the best idea.
Luckily with just 2 typos it should be done within about a day.
I will try 4-5 different 2-typo variations first in hope that my password is not that different from what I have written down on the paper, should be finished with them under a week, which is a lot faster than running 3-typo variation for 1.3 years, which is the last resort.

I don't fancy the chances you will recover something 115-characters long that is quite the amount of entropy.

It's not a random password, it's a sentence, a piece of a well-known text.
If anything, it should be easy to crack the password as you could dictionary-attack it easily, if I didn't mess it up.
It being so long, however, means that

Code:

--typos-swap --typos-repeat --typos-delete --typos-closecase --typos-map typos\us-with-shifts-map.txt

produces so much more password variations I need to try than if it was shorter.

[DaCryptoRaccoon]

Good Luck. 
I hope you recover your wallet.   

[AvacadoAvoider]

Wow, getting btcrecover to work on Windows was a struggle.

I can get around 6.4 kP/s at most with a ~103,000 sha512 iteration password.
However, that renders the laptop unusable, so I have settled on around 5.2 kP/s.
This allows me to browse the web comfortably, watch 1080p@60 youtube videos, etc.
Although 5.2 kP/s is lot less than the expected 8 kP/s, I can live with it.
Trying various variations of the token file with 2 typos will take a few days longer, which is not a big deal.
3 typos variations were out of reach either way, even if I got the expected password checking speed.

[AvacadoAvoider]

So, I have ran btcrecover today and found the password in 3 hours!
The

Code:

--typos-delete

option helped a lot, as it turns out I had a hard to press key on the keyboard I used back then, so it didn't register the 2 times it occurred in the password.
I got lucky that this happened only 2 times, it's unlikely I'd run btcrecover with more than 2 typos.

[HCP]

Good to hear you had a positive outcome. I often wonder why people choose such long passwords? Is it because you get a feeling of increased security?

As it would appear that it really is a case of diminishing returns in terms of "security" vs. increased risk to "safety" after you exceed 20 or so characters. The chances of mis-typing something in a 115 character password is "quite high" compared to a shorter and arguably just as "brute-force proof" password