anonymousminer (OP)
Legendary
 Offline
Activity: 1456
Merit: 1242
|
 |
August 29, 2020, 04:31:38 PM |
|
The site has been live for a month now.....
|
|
|
|
|
anonymousminer (OP)
Legendary
Offline
Activity: 1456
Merit: 1242
|
|
November 01, 2020, 12:48:58 AM |
|
Over 3 Months.... nearly 27.5k
|
|
|
|
|
MoparMiningLLC
aka Stryfe
Legendary
 Online
Activity: 2254
Merit: 2409
EIN: 82-3893490
|
|
November 01, 2020, 01:27:30 AM |
|
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.
|
|
|
|
|
daburone
|
|
November 01, 2020, 09:25:13 AM |
|
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.
But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet. Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks. And 2BTC? Seriously? A reward for ants? |
|
|
|
|
MoparMiningLLC
aka Stryfe
Legendary
Online
Activity: 2254
Merit: 2409
EIN: 82-3893490
|
|
November 01, 2020, 03:36:16 PM |
|
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.
But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet. Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks. And 2BTC? Seriously? A reward for ants? And for those with that concern there is the pro series - the real series are really just to get people started and should not be used as a permanent hodl location. I have heard Bobby say something similar. Also worth noting no one has made a claim that their funds have been taking - this is same risk as a casa or lealana coin or any of the other prefunded or items with the private key already in place. You have to have trust for the maker |
|
|
|
anonymousminer (OP)
Legendary
Offline
Activity: 1456
Merit: 1242
|
|
December 16, 2020, 02:29:15 PM |
|
Over 4.5 months and still going......
|
|
|
|
|
jl33213
Newbie
Offline
Activity: 9
Merit: 0
|
|
January 21, 2023, 08:46:08 AM |
|
i have found the confirmation code for the top one just dont know how to derive the bip38 passphrase from it with the privaye key. also i have scanned the qrs u posted and in app it lets me verify the wallet that u shared the passphrase on but it only works with the entropy of it if i try to vrify with whole passphrase it tells me its incorrect. can u follow up pls ty. could reallt use the btc rn have been trying hard as hell to crack both of these :/
|
|
|
|
|
MoparMiningLLC
aka Stryfe
Legendary
Online
Activity: 2254
Merit: 2409
EIN: 82-3893490
|
|
January 21, 2023, 04:33:58 PM |
|
i have found the confirmation code for the top one just dont know how to derive the bip38 passphrase from it with the privaye key. also i have scanned the qrs u posted and in app it lets me verify the wallet that u shared the passphrase on but it only works with the entropy of it if i try to vrify with whole passphrase it tells me its incorrect. can u follow up pls ty. could reallt use the btc rn have been trying hard as hell to crack both of these :/
based on the screen shot you sent me - you messed up part of the passphrase. I would like to know how you came across the intermediate code. |
|
|
|
jl33213
Newbie
Offline
Activity: 9
Merit: 0
|
|
January 21, 2023, 11:37:48 PM |
|
i sent u a email showing you where i tried the other passphrase u told me it was and it also didnt work. and i showed u how i got the intermediate code:)
|
|
|
|
|
MoparMiningLLC
aka Stryfe
Legendary
Online
Activity: 2254
Merit: 2409
EIN: 82-3893490
|
|
January 22, 2023, 12:46:03 AM |
|
i sent u a email showing you where i tried the other passphrase u told me it was and it also didnt work. and i showed u how i got the intermediate code:)
I saw and that makes sense - however you still not use it to get the key. |
|
|
|
jl33213
Newbie
Offline
Activity: 9
Merit: 0
|
|
January 22, 2023, 01:12:25 AM |
|
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.
But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet. Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks. And 2BTC? Seriously? A reward for ants? a reward for ants?? hell 1 btc would save my life rn lol :/ |
|
|
|
|
crewchill
Newbie
Offline
Activity: 5
Merit: 0
|
|
July 31, 2023, 02:35:34 PM |
|
import itertools
import sys
import string
import datetime
import scrypt
import threading
from binascii import unhexlify
from Crypto.Cipher import AES
from simplebitcoinfuncs import normalize_input, b58d, hexstrlify, dechex, privtopub, compress, pubtoaddress, b58e, multiplypriv
from simplebitcoinfuncs.ecmath import N
from simplebitcoinfuncs.hexhashes import hash256
def simple_aes_decrypt(msg, key):
assert len(msg) == 16
assert len(key) == 32
cipher = AES.new(key, AES.MODE_ECB)
msg = hexstrlify(cipher.decrypt(msg))
while msg[-2:] == '7b': # Can't use rstrip for multiple chars
msg = msg[:-2]
for i in range((32 - len(msg)) // 2):
msg = msg + '7b'
assert len(msg) == 32
return unhexlify(msg)
def bip38decrypt(password, encpriv, outputlotsequence=False):
password = normalize_input(password, False, True)
encpriv = b58d(encpriv)
assert len(encpriv) == 78
prefix = encpriv[:4]
assert prefix == '0142' or prefix == '0143'
flagbyte = encpriv[4:6]
if prefix == '0142':
salt = unhexlify(encpriv[6:14])
msg1 = unhexlify(encpriv[14:46])
msg2 = unhexlify(encpriv[46:])
scrypthash = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 64))
key = unhexlify(scrypthash[64:])
msg1 = hexstrlify(simple_aes_decrypt(msg1, key))
msg2 = hexstrlify(simple_aes_decrypt(msg2, key))
half1 = int(msg1, 16) ^ int(scrypthash[:32], 16)
half2 = int(msg2, 16) ^ int(scrypthash[32:64], 16)
priv = dechex(half1, 16) + dechex(half2, 16)
if int(priv, 16) == 0 or int(priv, 16) >= N:
if outputlotsequence:
return False, False, False
else:
return False
pub = privtopub(priv, False)
if flagbyte in COMPRESSION_FLAGBYTES:
privcompress = '01'
pub = compress(pub)
else:
privcompress = ''
address = pubtoaddress(pub, '00')
try:
addrhex = hexstrlify(address)
except:
addrhex = hexstrlify(bytearray(address, 'ascii'))
addresshash = hash256(addrhex)[:8]
if addresshash == encpriv[6:14]:
priv = b58e('80' + priv + privcompress)
if outputlotsequence:
return priv, False, False
else:
return priv
else:
if outputlotsequence:
return False, False, False
else:
return False
else:
owner_entropy = encpriv[14:30]
enchalf1half1 = encpriv[30:46]
enchalf2 = encpriv[46:]
if flagbyte in LOTSEQUENCE_FLAGBYTES:
lotsequence = owner_entropy[8:]
owner_salt = owner_entropy[:8]
else:
lotsequence = False
owner_salt = owner_entropy
salt = unhexlify(owner_salt)
prefactor = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 32))
if lotsequence is False:
passfactor = prefactor
else:
passfactor = hash256(prefactor + owner_entropy)
if int(passfactor, 16) == 0 or int(passfactor, 16) >= N:
if outputlotsequence:
return False, False, False
else:
return False
passpoint = privtopub(passfactor, True)
password = unhexlify(passpoint)
salt = unhexlify(encpriv[6:14] + owner_entropy)
encseedb = hexstrlify(scrypt.hash(password, salt, 1024, 1, 1, 64))
key = unhexlify(encseedb[64:])
tmp = hexstrlify(simple_aes_decrypt(unhexlify(enchalf2), key))
enchalf1half2_seedblastthird = int(tmp, 16) ^ int(encseedb[32:64], 16)
enchalf1half2_seedblastthird = dechex(enchalf1half2_seedblastthird, 16)
enchalf1half2 = enchalf1half2_seedblastthird[:16]
enchalf1 = enchalf1half1 + enchalf1half2
seedb = hexstrlify(simple_aes_decrypt(unhexlify(enchalf1), key))
seedb = int(seedb, 16) ^ int(encseedb[:32], 16)
seedb = dechex(seedb, 16) + enchalf1half2_seedblastthird[16:]
assert len(seedb) == 48 # I want to except for this and be alerted to it
try:
factorb = hash256(seedb)
assert int(factorb, 16) != 0
assert not int(factorb, 16) >= N
except:
if outputlotsequence:
return False, False, False
else:
return False
priv = multiplypriv(passfactor, factorb)
pub = privtopub(priv, False)
if flagbyte in COMPRESSION_FLAGBYTES:
privcompress = '01'
pub = compress(pub)
else:
privcompress = ''
address = pubtoaddress(pub, '00')
try:
addrhex = hexstrlify(address)
except:
addrhex = hexstrlify(bytearray(address, 'ascii'))
addresshash = hash256(addrhex)[:8]
if addresshash == encpriv[6:14]:
priv = b58e('80' + priv + privcompress)
if outputlotsequence:
if lotsequence is not False:
lotsequence = int(lotsequence, 16)
sequence = lotsequence % 4096
lot = (lotsequence - sequence) // 4096
return priv, lot, sequence
else:
return priv, False, False
else:
return priv
else:
if outputlotsequence:
return False, False, False
else:
return False
def testPassword(pwd):
try:
if bip38decrypt(pwd, encryptedSecret) != False:
pwdLenth = 22 + len(pwd)
print("\n\n" + "#" * pwdLenth + "\n## PASSWORD FOUND: {pwd} ##\n".format(pwd=pwd) + "#" * pwdLenth + "\n")
global flag
flag = 1
except:
pass
finally:
td.release()
if __name__ == '__main__':
COMPRESSION_FLAGBYTES = ['20', '24', '28', '2c', '30', '34', '38', '3c', 'e0', 'e8', 'f0', 'f8']
LOTSEQUENCE_FLAGBYTES = ['04', '0c', '14', '1c', '24', '2c', '34', '3c']
encryptedSecret = "6PnQmAyBky9ZXJyZBv9QSGRUXkKh9HfnVsZWPn4YtcwoKy5vufUgfA3Ld7"
threadNum = 32
pwdCharacters = string.ascii_uppercase + string.digits
maxCombination = 20
maxLength = 23
positions = [4, 9, 14, 19]
td = threading.BoundedSemaphore(int(threadNum))
threadlist = []
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
num = 0
flag = 0
for pwd in itertools.product(pwdCharacters, repeat=maxCombination):
if flag == 1:
break
password = "".join(pwd)
if len(password) <= int(maxLength):
formatted_pwd = list(password)
for pos in positions:
formatted_pwd.insert(pos, '-')
formatted_pwd = ''.join(formatted_pwd)
num += 1
msg = 'Test Password {num} , {password}'.format(num=num, password=formatted_pwd)
sys.stdout.write('\r' + msg)
sys.stdout.flush()
td.acquire()
t = threading.Thread(target=testPassword, args=(formatted_pwd,))
t.start()
threadlist.append(t)
for x in threadlist:
x.join()
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')) if you're interested in finding the password for challenge #1, I'll leave a simple code here.this code will search for 36^20 combinations sequentially. good luck. |
|
|
|
|
Steeley
Sr. Member
Offline
Activity: 1191
Merit: 270
Byzantine Generals' Problem solved,Prosperity Next
|
|
July 31, 2023, 04:24:20 PM |
|
Saying this for the first time. I have always thought Ballet is the best, easiest wallet to use and I give them to beginners because of this. However, I never mention this because of the fud I see anytime Ballet comes up (not here, but on other public places like Reddit, etc.). This hack challenge is a great idea and will give some concrete verification to the security when it comes up in the future.
|
Beware of scammers. I will never discuss the sale of Collectibles on Telegram or any other messaging client outside the forum.
|
|
|
rsincognito
Copper Member
Full Member
Offline
Activity: 630
Merit: 113
|
|
August 02, 2023, 06:53:50 PM |
|
Agree, im a big fan of Ballet, I hand them out loaded to my employees all the time , when a newbie holds a loaded ballet wallet during a bull run it creates and instant orange pill lol
|
|
|
|
|
nomachine
Member
Offline
Activity: 476
Merit: 35
|
|
August 07, 2023, 07:40:16 AM
Last edit: August 09, 2023, 03:35:02 PM by nomachine |
|
import itertools
import sys
import string
import datetime
import scrypt
import threading
from binascii import unhexlify
from Crypto.Cipher import AES
from simplebitcoinfuncs import normalize_input, b58d, hexstrlify, dechex, privtopub, compress, pubtoaddress, b58e, multiplypriv
from simplebitcoinfuncs.ecmath import N
from simplebitcoinfuncs.hexhashes import hash256
def simple_aes_decrypt(msg, key):
assert len(msg) == 16
assert len(key) == 32
cipher = AES.new(key, AES.MODE_ECB)
msg = hexstrlify(cipher.decrypt(msg))
while msg[-2:] == '7b': # Can't use rstrip for multiple chars
msg = msg[:-2]
for i in range((32 - len(msg)) // 2):
msg = msg + '7b'
assert len(msg) == 32
return unhexlify(msg)
def bip38decrypt(password, encpriv, outputlotsequence=False):
password = normalize_input(password, False, True)
encpriv = b58d(encpriv)
assert len(encpriv) == 78
prefix = encpriv[:4]
assert prefix == '0142' or prefix == '0143'
flagbyte = encpriv[4:6]
if prefix == '0142':
salt = unhexlify(encpriv[6:14])
msg1 = unhexlify(encpriv[14:46])
msg2 = unhexlify(encpriv[46:])
scrypthash = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 64))
key = unhexlify(scrypthash[64:])
msg1 = hexstrlify(simple_aes_decrypt(msg1, key))
msg2 = hexstrlify(simple_aes_decrypt(msg2, key))
half1 = int(msg1, 16) ^ int(scrypthash[:32], 16)
half2 = int(msg2, 16) ^ int(scrypthash[32:64], 16)
priv = dechex(half1, 16) + dechex(half2, 16)
if int(priv, 16) == 0 or int(priv, 16) >= N:
if outputlotsequence:
return False, False, False
else:
return False
pub = privtopub(priv, False)
if flagbyte in COMPRESSION_FLAGBYTES:
privcompress = '01'
pub = compress(pub)
else:
privcompress = ''
address = pubtoaddress(pub, '00')
try:
addrhex = hexstrlify(address)
except:
addrhex = hexstrlify(bytearray(address, 'ascii'))
addresshash = hash256(addrhex)[:8]
if addresshash == encpriv[6:14]:
priv = b58e('80' + priv + privcompress)
if outputlotsequence:
return priv, False, False
else:
return priv
else:
if outputlotsequence:
return False, False, False
else:
return False
else:
owner_entropy = encpriv[14:30]
enchalf1half1 = encpriv[30:46]
enchalf2 = encpriv[46:]
if flagbyte in LOTSEQUENCE_FLAGBYTES:
lotsequence = owner_entropy[8:]
owner_salt = owner_entropy[:8]
else:
lotsequence = False
owner_salt = owner_entropy
salt = unhexlify(owner_salt)
prefactor = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 32))
if lotsequence is False:
passfactor = prefactor
else:
passfactor = hash256(prefactor + owner_entropy)
if int(passfactor, 16) == 0 or int(passfactor, 16) >= N:
if outputlotsequence:
return False, False, False
else:
return False
passpoint = privtopub(passfactor, True)
password = unhexlify(passpoint)
salt = unhexlify(encpriv[6:14] + owner_entropy)
encseedb = hexstrlify(scrypt.hash(password, salt, 1024, 1, 1, 64))
key = unhexlify(encseedb[64:])
tmp = hexstrlify(simple_aes_decrypt(unhexlify(enchalf2), key))
enchalf1half2_seedblastthird = int(tmp, 16) ^ int(encseedb[32:64], 16)
enchalf1half2_seedblastthird = dechex(enchalf1half2_seedblastthird, 16)
enchalf1half2 = enchalf1half2_seedblastthird[:16]
enchalf1 = enchalf1half1 + enchalf1half2
seedb = hexstrlify(simple_aes_decrypt(unhexlify(enchalf1), key))
seedb = int(seedb, 16) ^ int(encseedb[:32], 16)
seedb = dechex(seedb, 16) + enchalf1half2_seedblastthird[16:]
assert len(seedb) == 48 # I want to except for this and be alerted to it
try:
factorb = hash256(seedb)
assert int(factorb, 16) != 0
assert not int(factorb, 16) >= N
except:
if outputlotsequence:
return False, False, False
else:
return False
priv = multiplypriv(passfactor, factorb)
pub = privtopub(priv, False)
if flagbyte in COMPRESSION_FLAGBYTES:
privcompress = '01'
pub = compress(pub)
else:
privcompress = ''
address = pubtoaddress(pub, '00')
try:
addrhex = hexstrlify(address)
except:
addrhex = hexstrlify(bytearray(address, 'ascii'))
addresshash = hash256(addrhex)[:8]
if addresshash == encpriv[6:14]:
priv = b58e('80' + priv + privcompress)
if outputlotsequence:
if lotsequence is not False:
lotsequence = int(lotsequence, 16)
sequence = lotsequence % 4096
lot = (lotsequence - sequence) // 4096
return priv, lot, sequence
else:
return priv, False, False
else:
return priv
else:
if outputlotsequence:
return False, False, False
else:
return False
def testPassword(pwd):
try:
if bip38decrypt(pwd, encryptedSecret) != False:
pwdLenth = 22 + len(pwd)
print("\n\n" + "#" * pwdLenth + "\n## PASSWORD FOUND: {pwd} ##\n".format(pwd=pwd) + "#" * pwdLenth + "\n")
global flag
flag = 1
except:
pass
finally:
td.release()
if __name__ == '__main__':
COMPRESSION_FLAGBYTES = ['20', '24', '28', '2c', '30', '34', '38', '3c', 'e0', 'e8', 'f0', 'f8']
LOTSEQUENCE_FLAGBYTES = ['04', '0c', '14', '1c', '24', '2c', '34', '3c']
encryptedSecret = "6PnQmAyBky9ZXJyZBv9QSGRUXkKh9HfnVsZWPn4YtcwoKy5vufUgfA3Ld7"
threadNum = 32
pwdCharacters = string.ascii_uppercase + string.digits
maxCombination = 20
maxLength = 23
positions = [4, 9, 14, 19]
td = threading.BoundedSemaphore(int(threadNum))
threadlist = []
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
num = 0
flag = 0
for pwd in itertools.product(pwdCharacters, repeat=maxCombination):
if flag == 1:
break
password = "".join(pwd)
if len(password) <= int(maxLength):
formatted_pwd = list(password)
for pos in positions:
formatted_pwd.insert(pos, '-')
formatted_pwd = ''.join(formatted_pwd)
num += 1
msg = 'Test Password {num} , {password}'.format(num=num, password=formatted_pwd)
sys.stdout.write('\r' + msg)
sys.stdout.flush()
td.acquire()
t = threading.Thread(target=testPassword, args=(formatted_pwd,))
t.start()
threadlist.append(t)
for x in threadlist:
x.join()
print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')) if you're interested in finding the password for challenge #1, I'll leave a simple code here.this code will search for 36^20 combinations sequentially. good luck. pybip38 has not been updated over 8 years. You can speed up this script calculations by about 10 times by adding gmpy2. |
bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
|
|
|
anonymousminer (OP)
Legendary
Offline
Activity: 1456
Merit: 1242
|
|
August 09, 2023, 01:27:25 PM |
|
be VERY careful... newbies posting code.... or anyone for that matter.... could be malicious.... i would not use it, but if you do... do it at your own risk.
STILL LIVE AFTER 3+ YEARS!! Just about $60k as i type this....
Good luck!
|
|
|
|
|
nomachine
Member
Offline
Activity: 476
Merit: 35
|
|
August 09, 2023, 03:21:47 PM |
|
To give you some perspective, with current technology, brute forcing a 20-character password with a mix of upper case letters, numbers, could take an incredibly long time, likely beyond the lifetime of the universe. No luck there at all.  |
bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
|
|
|
krogothmanhattan
Cypher Hodl LLC
Legendary
Offline
Activity: 2702
Merit: 3490
The Stone the masons rejected was the cornerstone.
|
|
August 09, 2023, 08:14:35 PM |
|
To give you some perspective, with current technology, brute forcing a 20-character password with a mix of upper case letters, numbers, could take an incredibly long time, likely beyond the lifetime of the universe. No luck there at all. SO true it is indeed quite impossible to crack. I placed this stamp online in 2017 with an exposed public and private keys! The private addy is BIP38 encrypted and the password must be over 100 characters as I just randomly punched the keyboard. It was loaded with 0.02BTC and still is...nobody has every swept it!  |
|
|
|
|
Drawesome
|
|
September 29, 2023, 08:58:07 AM |
|
So we all agree that this isn't any puzzle or real challenge, but marketing. It's fun though, and I agree that these Ballet Wallets are a nice way to introduce a BTC paper money solution that's easy for people to use. A third party must be trusted, but I trust Bobby doesn't want to go to jail, and the system generating 2 entropies in different places is a fair enough security measure. Just for fun, I'll share some calculations (let me know if I missed something): About the first wallet (the second one is just as difficult as guessing any random wallet and makes no sense to be considered a game challenge at all): He gives us for free the "-" characters, so we just need to guess 20 characters (uppercase and numbers) so we have 36^20 possible outcomes. In decimal, it is: 13367494538843734067838845976576 (1.34 * 10^31). The nearest power of 2 is: 2^103 = 10141204801825835211973625643008 ("low" compared to the 2^256 of the second wallet) Let's compute how many guesses per second we need to crack this wallet for sure in 10 years: total_possibilities = 36**20
time_in_years = 10
time_in_seconds = time_in_years * 365 * 24 * 60 * 60
guesses_per_second = total_possibilities / time_in_seconds
print(f'Guesses per second needed: {guesses_per_second}')
Guesses per second needed: 4.2388047117084395e+22 Instead, to crack it on average within 10 years, we just divide by 2: 2.1194023558542198e+22 guesses per second. I think Bobby can sleep well. SO true it is indeed quite impossible to crack. I placed this stamp online in 2017 with an exposed public and private keys! The private addy is BIP38 encrypted and the password must be over 100 characters as I just randomly punched the keyboard. It was loaded with 0.02BTC and still is...nobody has every swept it! In your case, the entropy from a human randomly punching keys might be easier to crack. I believe some methods could assist in guessing pseudo-random human keyboard punching, although 100 characters are quite a lot, haha. You can sleep well too! |
|
|
|
|
|
Gatorelf
|
|
September 29, 2023, 12:42:35 PM |
|
I believe you would need access to an AI infused Quantum computer running 24/7
|
|
|
|
|
|
