Dear all,
in the past there have been affected users who lost the password to their wallet *.keys file. If you have the mnemonic seed you are fine -hopefully-, if not then you are truly screwed...
Please keep in mind and be advised that cracking a wallet *.keys file is ONLY legitimate if it is YOUR wallet *.keys file; all other operations in that manner would be ILLEGAL!!! This "how-to" is intended to safely get back YOUR password to YOUR wallet *.keys file.
Let me introduce you to John-the-ripper, also known as JtR, which is a password cracking tool intended for ethical -also called "white-hat"- hacking and penetration testing.
Official homepage with a mailing list for updates. Please read the documentation before you start working with JtR, as I will take no responsibility if you break your own system or another system and I will not be held liable for any other damage that may arise out of this tutorial.
https://www.openwall.com/
Official mailing list for JtR users
https://www.openwall.com/lists/john-users/
This "how-to" is largely based on the work of this kind user, who made a very good introduction to this topic, so this "how-to" is more or less just a quick summary of the great work! Please feel free to read all 5 pages; here is the landing page of that topic
https://miloserdov.org/?p=4961
In order to make use of the module that we need, we need the community-driven branch of JtR, also called JUMBO.
As you may notice, I will base this on a UNIX system, to be more specific, on a Debian-based distribution.
UNIX users have to compile JtR JUMBO for their own system; there are no real binaries for it.
You need some libraries for compiling on your system
apt install build-essential libssl-dev yasm libgmp-dev libpcap-dev libnss3-dev libkrb5-dev pkg-config
Installing video drivers for NVIDIA on Linux
apt install -y ocl-icd-libopencl1 nvidia-driver nvidia-cuda-toolkit
If your CPU supports OpenCL, then install the following packages:
apt install firmware-misc-nonfree intel-opencl-icd
Get the source files, either by downloading the zip archive and unzipping it or by cloning the git repository.
wget https://github.com/openwall/john/archive/bleeding-jumbo.zip
unzip bleeding-jumbo.zip
Navigate into the source files
cd john-bleeding-jumbo/src/
Compile the source for your binaries
If all went without any errors, navigate into the binaries folder
Do a test, to see, if you have a running binary
The module that we are looking for, is called
Assuming that we work in the JtR JUMBO /run folder and the wallet *.keys file is in the home folder, the ~/ prefix is mandatory
Place the wallet *.keys file into your home folder. You need to work in the ../run folder in JtR JUMBO
Issue the command below to turn the wallet.keys file into a hash file for JtR JUMBO to work on
./monero2john.py ~/wallet.keys > ~/monerowallet.hash
UPDATE 20210208: Find an offer below, tested, not checked if legitimate. Watch out, you need to upload your wallet *.keys file in order to get the hash for JtR to work on. USE AT YOUR OWN RISK! This is NOT a recommendation! -->
https://www.onlinehashcrack.com/tools-monero-hash-extractor.php
In this example we know that the password has 4 lower-case alpha characters, thankfully. JtR JUMBO can crack passwords without knowing how many and what characters the password has, but as you can imagine, the longer and more complex the password is, the more time and resources are needed. In order to be efficient, it is good to know how many characters your password has.
./john is the command to run the binary
--mask is an option by which passwords are generated (lower case alpha only, upper case alpha only, numbers, specials and umlauts)
--min-length and --max-length are parameters for how many characters your password has. It doesn't have to be exact, you can also define a range, but more on that later.
--progress gives you an output of the current progress, interval defined in seconds (john.log records it as --progress-every)
--session is a name for the procedure you are running. If you have to stop the procedure, you can resume the session without losing the work your system has already done
/path/to/file in this example ~/monerowallet.hash
Let's start and give it a try. Please be informed that with this hash, JtR JUMBO will not stop when a password is found, due to the possibility of finding more than one password.
Issue the command for a known lower-case alpha 4 character password
./john --mask=?l --min-length=4 --max-length=4 --progress=10 --session=monerowallet ~/monerowallet.hash
Note: This format may emit false positives, so it will keep trying even after finding a possible candidate.
Using default input encoding: UTF-8
Loaded 1 password hash (monero, monero Wallet [Pseudo-AES / ChaCha / Various 32/64])
Will run 12 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:10 0.06% (ETA: 19:13:03) 0g/s 27.82p/s 27.82c/s 27.82C/s idaa..hdaa
0g 0:00:00:20 0.12% (ETA: 19:18:40) 0g/s 27.68p/s 27.68c/s 27.68C/s pfaa..owaa
0g 0:00:00:30 0.18% (ETA: 19:24:33) 0g/s 27.53p/s 27.53c/s 27.53C/s wrea..slea
...
...
...
0g 0:04:30:20 97.20% (ETA: 19:26:42) 0g/s 27.38p/s 27.38c/s 27.38C/s bass..nass
pass (wallet.keys)
1g 0:04:30:30 97.26% (ETA: 19:26:43) 0.000061g/s 27.38p/s 27.38c/s 27.38C/s yyss..zyss
...
...
...
1g 0:04:38:00 DONE (2021-02-05 19:26) 0.000059g/s 27.39p/s 27.39c/s 27.39C/s wqqq..qqqq
Session completed.
Parallel to that, you can monitor the progress in the log file of JtR JUMBO
tail -f john.log
0:00:00:00 Starting a new session
0:00:00:00 Loaded a total of 1 password hash
0:00:00:00 Command line: ./john --mask=?l --min-length=4 --max-length=4 --progress-every=10 /home/user/monerowallet.hash
0:00:00:00 - UTF-8 input encoding enabled
0:00:00:00 - Passwords will be stored UTF-8 encoded in .pot file
0:00:00:00 - Hash type: monero, monero Wallet (min-len 0, max-len 41 [worst case UTF-8] to 125 [ASCII])
0:00:00:00 - Algorithm: Pseudo-AES / ChaCha / Various 32/64
0:00:00:00 - Will reject candidates longer than 4 bytes
0:00:00:00 Proceeding with mask mode
0:00:00:00 - Candidate passwords will be buffered and tried in chunks of 12
0:00:00:00 - No stacked rules
0:04:30:20 + Cracked wallet.keys
0:04:38:00 Session completed
Cracked passwords can also be shown with this command. It can be issued at any time during the process from another terminal
./john --show ~/monerowallet.hash
wallet.keys:pass
1 password hash cracked, 0 left
The cracked passwords are also in the pot file of JtR; you always find the password at the end of the line, after the ":"
cat john.pot
$monero$0*a45874325b336f22f48c0c093cae8a87645438ff27f587e2fad1c57a3b2c7ba2273a81578765468095fa96e8c17fa7b948eb243434793744b51b3c6c81b7a47909e2a69533e5c81edbef71bdf17d393e698fbd4bc76644fa9bc5f9b2248466847684686c00d6fe7b88db7422ff38e23b58765468465876546d2c54537d350a3f40201f0öyldfkg5sdf87g43dsfg19a74ea72151246f46fd374f05fc9a765e682be3d9f72fa24546c7004a105bf78b2bebdf4d4f259992cae90025cb1d59cd879e0138fc128feb115fde69041b04eed51a606da6bdd6eab0e7543a0708d6lyjdfg58fdgsd6f874sdfgs6d84df6gsd6f8dsfg04f40d91278e9f20c136e8967416e57684a9971d7ed5fd73564df9964c1919c421d3caab54684dsdfg5686dsfg3698dsfg326df98g5df6g85dsgfed931aa534bdc94268a503021c954355ea5dc2472760440520ce52abb17a879b154fcb8435f1ef7c6c54497f7f2cf0d53945e93fa05cec659e5385d25165eb47e327717eff7c5aefc4f9bc7090abc615ceb60cb25e2f9b241efe24f03d8d76491e1b2177ba073ecbbc51a2646fd6090f9$SOURCE_HASH$940018746546847a94ae17f5e1eb132f86:pass
As mentioned, we cracked a lower-case, 4 character long, alpha-only password. If you, for example, do not remember the actual length of your password, you can also define a range of characters
./john --mask=?l --min-length=3 --max-length=5 --progress=10 --session=monerowallet ~/monerowallet.hash
You can also define the --mask option to try ALL known ASCII characters for your 4 character password
./john --mask=?A --min-length=4 --max-length=4 --progress=10 --session=monerowallet ~/monerowallet.hash
You can also define a range for the length of your password
./john --mask=?A --min-length=3 --max-length=5 --progress=10 --session=monerowallet ~/monerowallet.hash
As you can imagine, the length and complexity of your password have the biggest impact on cracking the password, and the duration is bottlenecked by the resources you have, so go and rescue your password and get back a hold of your Monerujo
If you did find this "how-to" helpful and you managed to restore your password to your wallet *.keys file, consider a donation
88SuJgiZvsaFVSJ9BwwQsNAn8QzB6HxvW7mxS4iYC6cP4RcbP3DLBZPUZiR2mPF7emSpds6E2jhEVQfSXM1YPKvW2CRxrjk
If you need any further assistance beyond this "how-to", for example computing power, drop me a PM
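To put numbers on how length and character set drive the duration, the following added example (not part of the original how-to and not JtR code) computes the keyspace for the masks used above and the worst-case run time at the p/s rate taken from the status output. The function names are hypothetical, and ?a (printable ASCII) stands in for ?A, whose size depends on the code page.

```python
import math
import re

# Charset sizes of John the Ripper's ASCII mask placeholders. ?A depends on
# the active code page, so this sketch uses ?a (printable ASCII) instead.
CLASS_SIZE = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95}

# Sample input: the final status line of the run shown in the post.
STATUS = "1g 0:04:38:00 DONE (2021-02-05 19:26) 0.000059g/s 27.39p/s 27.39c/s 27.39C/s wqqq..qqqq"

def mask_positions(mask):
    """Charset size of each mask position; anything else is a literal."""
    sizes, i = [], 0
    while i < len(mask):
        if mask[i] == "?" and i + 1 < len(mask) and mask[i + 1] != "?":
            if mask[i + 1] not in CLASS_SIZE:
                raise ValueError(f"unsupported placeholder ?{mask[i + 1]}")
            sizes.append(CLASS_SIZE[mask[i + 1]])
            i += 2
        else:
            sizes.append(1)  # literal character ('??' is a literal '?')
            i += 2 if mask[i:i + 2] == "??" else 1
    return sizes

def keyspace(mask, min_len, max_len):
    """Candidates over a length range. Assumption: the last placeholder is
    repeated to reach each length, as the ?l run in the post shows."""
    sizes = mask_positions(mask)
    total = 0
    for n in range(min_len, max_len + 1):
        total += math.prod(sizes[:n] + [sizes[-1]] * max(0, n - len(sizes)))
    return total

def rate_from_status(line):
    """Extract candidates per second (the p/s field) from a status line."""
    m = re.search(r"([\d.]+)([KMG]?)p/s", line)
    if not m:
        raise ValueError("no p/s field in status line")
    return float(m.group(1)) * {"": 1, "K": 1e3, "M": 1e6, "G": 1e9}[m.group(2)]

def worst_case(mask, min_len, max_len, status_line=STATUS):
    """Time to exhaust the keyspace at the measured rate, as 'Dd HH:MM:SS'."""
    s = int(keyspace(mask, min_len, max_len) / rate_from_status(status_line))
    return f"{s // 86400}d {s % 86400 // 3600:02d}:{s % 3600 // 60:02d}:{s % 60:02d}"

if __name__ == "__main__":
    for mask, lo, hi in [("?l", 4, 4), ("?l", 3, 5), ("?a", 4, 4), ("?a", 3, 5)]:
        print(f"{mask} len {lo}-{hi}: {keyspace(mask, lo, hi):>12} candidates, "
              f"{worst_case(mask, lo, hi)}")
```

For ?l at length 4 the estimate lands within seconds of the 4:38:00 session time in the output above, which is a quick sanity check before committing hardware to a wider mask.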