20% - 30 bitcoins is a lot of money to just give away.
Fair enough... but another way to look at it is that at the moment, you effectively have
0 bitcoins... which is better 0
BTC or 120
BTC?
When I try to start this, nothing happens.
How to run a hashcat on a processor?
Ok, so what do you mean by "nothing happens"?
To run hashcat, you need:
1. The password hash generated by the "bitcoin2john.py" script
2. Some idea of what your password is
hashcat.exe -m 11300 -a 3 <$bitcoin_hash_goes_here> <password mask goes here>
For example you can test using the
example hash from here that has the password 'hashcat':
hashcat.exe -m 11300 -a 3 $bitcoin$96$d011a1b6a8d675b7a36d0cd2efaca32a9f8dc1d57d6d01a58399ea04e703e8bbb44899039326f7a00f171a7bbc854a54$16$1563277210780230$158555$96$628835426818227243334570448571536352510740823233055715845322741625407685873076027233865346542174$66$625882875480513751851333441623702852811440775888122046360561760525 hash?l?l?l
== bitcoin wallet.dat format
-a 3 == bruteforce attack mode (word lists probably are not of use to you if you think you have a good idea of what your password actually is)
hash?l?l?l == password mask of text 'hash'+lowercase letter+lowercase letter+lowercase letter
That command should "quickly" find that the password is: hashcat
$bitcoin$96$d011a1b6a8d675b7a36d0cd2efaca32a9f8dc1d57d6d01a58399ea04e703e8bbb44899039326f7a00f171a7bbc854a54$16$1563277210780230$158555$96$628835426818227243334570448571536352510740823233055715845322741625407685873076027233865346542174$66$625882875480513751851333441623702852811440775888122046360561760525:hashcat
Session..........: hashcat
Status...........: Cracked
Hash.Name........: Bitcoin/Litecoin wallet.dat
Hash.Target......: $bitcoin$96$d011a1b6a8d675b7a36d0cd2efaca32a9f8dc1d...760525
Time.Started.....: Tue May 05 11:02:14 2020 (4 secs)
Time.Estimated...: Tue May 05 11:02:18 2020 (0 secs)
Guess.Mask.......: hash?l?l?l [7]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........: 4581 H/s (1.43ms) @ Accel:4 Loops:64 Thr:1024 Vec:1
Recovered........: 1/1 (100.00%) Digests
Progress.........: 17576/17576 (100.00%)
Rejected.........: 0/17576 (0.00%)
Restore.Point....: 0/17576 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:158528-158554
Candidates.#1....: hashana -> hashqxq
Hardware.Mon.#1..: Temp: 51c Fan: 28% Util: 94% Core:1860MHz Mem:4513MHz Bus:16
Started: Tue May 05 11:02:07 2020
Stopped: Tue May 05 11:02:20 2020
Your issue will be defining the 'mask'... you need to know how many characters in your password, and the characters used... ie. lower case, uppercase, numbers, symbols etc, then you can build a mask using the following table:
- [ Built-in Charsets ] -
? | Charset
===+=========
l | abcdefghijklmnopqrstuvwxyz
u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
d | 0123456789
h | 0123456789abcdef
H | 0123456789ABCDEF
s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
a | ?l?u?d?s
b | 0x00 - 0xff
So, say you think your password is 8 chars long, and uses a mix of lower, UPPER, numbers and symbols... you would use: ?a?a?a?a?a?a?a?a
If you are 100% of the characters at a position, ie. you
know 100% the password starts with WOW, you could use: WOW?a?a?a?a?a
or if you know it has 2 numbers on the end: ?a?a?a?a?a?a?d?d
Obviously, the more specific you can be with your mask, the smaller the keyspace that needs to be searched and the less time it will take to find.
Refer here for more info regarding mask attack:
https://hashcat.net/wiki/doku.php?id=mask_attackNOTE: if you find you are getting "Token Length Exception" errors when trying to run hashcat, try using the BETA version from here:
https://hashcat.net/beta/
