0.1 BTC prize - Find Electrum pass by knowing both unecrypted+encrypted wallet?

[seoincorporation]

I already find the password, i will message it to you right now, feel free to send the BTC to the bitcoin addy i have in my profile. As proof i will leave the screenshot here:

You may have determined the encryption key, but that's not proof.

Sorry guys, i didn't understand the mechanic but since i could add the wallet with only the seed and 'bitcoin' password i think for a moment i found the right password, maybe a screenshot isn't proof enough, but i will post the private keys from the addies we see on the Unencrypted test wallet : https://pastebin.com/yemmF3Te

Code:

lies and more lies

Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.

Why do you continue lying? Those are not the private keys for those addresses. Some of them aren't even valid private keys (the first one, for example).

I don't understand why do you hate me so much, but if you want to try the keys feel free to use a service like https://brainwalletx.github.io/

Get Address From: Private Key
Point Conversion: Compressed

And then post the private key to verify them as you can see in the next image:



So, hope you can remove the negative trust, I'm not lying when I say I got access to those addys, I already apologize and as I say before, I didn't get the price because my answer was wrong, so, I don't understand why all this hate from your side. But i don't deserve a negative trust since I don't scam anyone and I'm talking with the truth.

[seoincorporation]

...
Since i got access to those private keys i assume i got access to the wallet, maybe the method i used was wrong or i get confused, sorry to waste your time guys.

You have access to the private keys because you were given the seed.

Since you update the post i will reply again, i don't want to spam this thread, i just want to recovery my neutral trust. i'm not a scammer odolvlobo and you are making a mistake here, i say it again, my answer was wrong and i didn't get the price, i make the mistake when i think the password was bitcoin because as you say i already have seed.

I was thinking we need the seed and the password to get access to those keys, and when i try with bitcoin password it worked, but maybe it does because was the password Electrum asked to configure the wallet. Then when i get access to those private keys i think for a moment i solve the puzzle and i posted here.

But cmon odolvlobo, it was just a try, i recognize my mistake, but i'm not a bad guy, i'm not here trying to scam, i'm the kind of guys who like to help others on the community and even sometimes i like to make giveaways to attract more people in the spanish community as you can see on the next post:

https://bitcointalk.org/index.php?topic=5104776.0
https://bitcointalk.org/index.php?topic=5083430.0
https://bitcointalk.org/index.php?topic=5126071.0
https://bitcointalk.org/index.php?topic=5117693.0

Hope you can forgive my mistake.

[HCP]

I was thinking we need the seed and the password to get access to those keys, and when i try with bitcoin password it worked, but maybe it does because was the password Electrum asked to configure the wallet. Then when i get access to those private keys i think for a moment i solve the puzzle and i posted here.

Electrum doesn't use the password to generate keys... it only uses the seed mnemonic. The wallet file password is only used to encrypt the data stored in the wallet file. You can setup a wallet without a password using that same seed and it will generate the same addresses/keys.

In any case, it seems you have missed the point of the OP. They were looking for a reliable method to be able to use an unencrypted Electrum wallet to determine the password of an encrypted version of that same Electrum wallet file. They were not simply asking you to "guess" or bruteforce the password for the wallet that they linked.

And it would appear that odolvlobo has taken pity on you and removed their feedback.

[marko10921]

To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

[HCP]

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

I thought that was made fairly clear by the first reply in this thread... and then the subsequent follow up from achow

Note that they are specifically talking about the AES-256 encryption used by Electrum... other encryptions may be susceptible to "known plaintext attacks".

[keychainX]

To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.

I was just attending the Blackhat Las Vegas forum last week where we did this hands on with python scripts. You can do this both for AES-128 and AES-256. The tool I'm talking about is this: https://newae.com/tools/chipwhisperer/

I'm not going to argue wheather its possible with your specific case, but wanted to throw in my 5 cents on technologies out there which are available and theoretically could prove what you are trying to solve.

/KX

[PrimeNumber7]

To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.

What you describing might allow someone to determine the private key being used to decrypt something when an attacker has physical access to the computer.

It is not possible to look at a decrypted and encrypted version of a file and determine the decryption key.

[keychainX]

To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

Well, theoretically its possible if you could store the decryption process in an ARM processor. There are ways to decrypt the AES key with tools such as the chipwhisperer, using methods like power consumption detection.

What you describing might allow someone to determine the private key being used to decrypt something when an attacker has physical access to the computer.

It is not possible to look at a decrypted and encrypted version of a file and determine the decryption key.

Thats why I wrote IF you can store the decryption process in a ARM processor, which is whats "having physical access" would simulate.

/KX

[Stedsm]

To this day no one replied to me with the password for the test encryption.

Apparently it is not possible to reverse a given encryption to it's known unecrypted state and find the password in the process.

How can someone even bruteforce it when you've already claimed it to be a very heavy password with at least 19 chars having everything from alphabets to numbers to symbols and even non alphabetical characters!

Why don't you try Dave's service as directed by LoyceV? We're literally not capable of getting your password to you because if it'd be so easy to get one, it'd be called a defect as well as defeat to the properties of cryptography and show that even this genre can't be trusted in terms of keeping our data/digital money safe. We don't have quantum computing technologies with us, else that prize would have been distributed till now.

Thanks to OP for this thread actually because this thing has made one thing clear to me (I was too confused about), that when you've got your seed phrase with you but you forget your password, it means that you've lost your chance on seeing your BTC again until you remember it or just get the privkeys if ever stored anywhere out of the wallet.

[HCP]

Thanks to OP for this thread actually because this thing has made one thing clear to me (I was too confused about), that when you've got your seed phrase with you but you forget your password, it means that you've lost your chance on seeing your BTC again until you remember it or just get the privkeys if ever stored anywhere out of the wallet.

What? Are you referring to the BIP39 passphrase? or the wallet password?

If you're talking about the BIP39 passphrase, then yes... the seed mnemonic alone is not enough... you need mnemonic+passphrase to be able to recover your wallet. If you're talking about the wallet password, that is completely irrevelant, as you can simply restore your wallet from the seed mnemonic and put whatever new wallet password that you want.

[bartekjagoda]

If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?

[AdolfinWolf]

If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?

If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.

[marko10921]

If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?

If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.

Guys calm down, im waiting rockyou.txt

Edit : seed is already avaible in unencrpyted wallet, i mean no need to money transfer etc, its just password challange.

Edit2 : i tried opencl with 7 gpu bruteforce ; 1024 iteration sha512 decrypt not efficient even if opencl. Also password not in the rockyou.txt list.

I've made a random password similar to something like this: KdR.72.G@$.1eeFug.1@#s!
Just something random that you will never find in any password lists or anything, so don't even try to find it, you'll just lose your time, the whole point was to find someone capable of retrieving the password from the encrypted and decrypted file, not to bruteforce it cause it was pointless.

Again as outlined earlier by other bt members "known plaintext attacks" are not possible

I have looked at the amount again and it's laughing at me back with an evil smile, and I can never access it. I guess it's the power of encryption and the universe.

I am thinking of bruteforcing it more and more, probably the length of the password is not that high, who knows, but I don't have the tools or computers required for the job, might be a dead end eventually.


LATER EDIT: THE PASSWORD TO THE PUZZLE WAS: AFS.ss4.19doEE1!wt1

One can easily verify, but since no one posted it or messaged it to me, I find this lead a dead end. I will go the bruteforce way

[keychainX]

If your goal is detect password and if u accept bruteforce method yes ; i can proof it.

Then why don't you post it here so everyone knows you are not just talking?

If he could do it he would've already done it and ran with the "Large amount of money" that is supposedly stored on the wallet.

alas, he can't do it.

Guys calm down, im waiting rockyou.txt

Edit : seed is already avaible in unencrpyted wallet, i mean no need to money transfer etc, its just password challange.

Edit2 : i tried opencl with 7 gpu bruteforce ; 1024 iteration sha512 decrypt not efficient even if opencl. Also password not in the rockyou.txt list.

I've made a random password similar to something like this: KdR.72.G@$.1eeFug.1@#s!
Just something random that you will never find in any password lists or anything, so don't even try to find it, you'll just lose your time, the whole point was to find someone capable of retrieving the password from the encrypted and decrypted file, not to bruteforce it cause it was pointless.

Again as outlined earlier by other bt members "known plaintext attacks" are not possible

I have looked at the amount again and it's laughing at me back with an evil smile, and I can never access it. I guess it's the power of encryption and the universe.

I am thinking of bruteforcing it more and more, probably the length of the password is not that high, who knows, but I don't have the tools or computers required for the job, might be a dead end eventually.


LATER EDIT: THE PASSWORD TO THE PUZZLE WAS: AFS.ss4.19doEE1!wt1

One can easily verify, but since no one posted it or messaged it to me, I find this lead a dead end. I will go the bruteforce way

You cannot, If the password is anything close to 10+ characters you will not make it in lifetine with todays speed of computers.

/KX