btcrecover token.txt file

[olzeH!]

So I have a wallet.dat file from a family member that has passed away. I am trying to unlock the wallet. But since they have passed away I cant really put in any tokens because I have zero idea what the password to the wallet would be. like literally at all. what would anyone recommend me putting into the file for tokens, for the best possible outcome??

Thanks for yall's time.

[1714645769]

1714645769

[1714645769]

1714645769

[1714645769]

1714645769

[1714645769]

1714645769

[1714645769]

1714645769

[BitMaxz]

That would be a long journey before you can get the right password.

Check this post below you might get some idea on how to build your own token list.

- https://bitcointalk.org/index.php?topic=5161461

And check this video guide on building your own token list or how to use the token file
- https://www.youtube.com/watch?v=MKd4I5fMoNE


Adding this
If you fail to recover the wallet password, you can use a well-known service to recover it.

Here's the link
- https://walletrecoveryservices.com

Their old official thread here
- https://bitcointalk.org/index.php?topic=240779.0

[olzeH!]

Yes I just read through it all and have tried a few times. there are too many combinations. it tells me its reached its max time. Of 168 hours. What would you recommend?

[o_e_l_e_o]

what would anyone recommend me putting into the file for tokens, for the best possible outcome??

I wouldn't. I would recommend trying to find the seed phrase for the wallet instead. With absolutely nothing to go on, your chances of brute-forcing the wallet password are slim unless he used an incredibly basic password.

If you want to go ahead with the tokens file, I would initially use something like this:

Code:

%1,6P

This will search every combination of letters, numbers, symbols, and special characters between 1 and 6 characters in length. If that doesn't work, then you can change to:

Code:

%7P

To search 7 character passwords, and so on. Bear in mind that this is a huge number of possibilities even for such a short password length.

[olzeH!]

Even only having that simple token in, it max's out the run time, before its able to actually run the attack. what would you reccomend?

Any other software for not knowing any password combination at all?

[HCP]

Any other software for not knowing any password combination at all?

Yes, you can try using hashcat: https://hashcat.net/hashcat/

You can extract the "hash" that hashcat uses to test password guesses by using the JohnTheRipper script "Bitcoin2John.py": https://github.com/openwall/john/blob/bleeding-jumbo/run/bitcoin2john.py

And then you can try "mask" attacks (or maybe even wordlists): https://hashcat.net/wiki/doku.php?id=mask_attack


This (rather enthusiastic) youtube tutorial explains the basics fairly well and should be a good starting point: https://www.youtube.com/watch?v=d1Y6TPGzVn0


Note: If you don't have a fairly decent GPU (ideally a highend GTX 10,20 or 30 series, ie. 1080, 2080, 3080 etc), attempting to bruteforce the password is going to be incredibly slow regardless of what program you attempt to use.

An option is to use the "hash" generated by Bitcoin2John.py and getting someone else to attempt to crack it for you using their system (with powerful GPU(s))... Note that they can't get your coins from just the hash, all they can do is find the correct wallet password.

So, NEVER give the wallet.dat to anyone... only give the extracted hash!

[nc50lc]

Even only having that simple token in, it max's out the run time, before its able to actually run the attack. what would you reccomend?

You need to have a very huge RAM in order to preload all of the combinations,
with that "simple" all-characters/symbols 7-character password token, a 32GB RAM wont still be enough (increasing page file would help).
Anyways, bruteforce without any clue of the password is a total waste of time, recovery services wont even accept it if you'll say that you don't have a clue on the password.

Just look for notes and papers that may contain the password for his wallet.dat, Bitcoin core doesn't have a recovery phrase BTW.

[o_e_l_e_o]

Even only having that simple token in, it max's out the run time, before its able to actually run the attack. what would you reccomend?

Try adding the options --no-eta and --no-dupchecks to your command line entry. It should just start attacking the wallet without calculating the run time. You can also change the token file to only check passwords of 1 character, then 2 characters, then 3 characters, and so on, rather than running a range in one go.

As I said above though, this is a near impossible task.

[bob123]

Unfortunately the only way for this to succeed is indeed if he has used an extremely weak password.

You'd probably be better off searching for the mnemonic code or even the password somewhere around the desk/computer/etc.
Most people actually still write down passwords, and he most likely has written down the mnemonic code.

I mean, there definitely speaks nothing against trying out all combinations up to a 6 or 7 char password. But anything beyond that is practically not possible (yet).

[olzeH!]

So I ended up going with hashcat. I ran bitcoin2john with my wallet file. I got the string of has that begins with $bitcoin$ when I put it in my hash.txt file and try to run the following:

hashcat -a 3 -m 11300 hash.txt ?!?!?!?!?!?!?!?!?!?! --force

I get:

Hashfile 'hash.txt' on line 1 ($bitco...$10cb87989a39ef71$60692$2$00$2$0): Token length exception
No hashes loaded.


Now i'm unsure what's wrong with it. there are no spaces in the hash, no extra lines. I even rand the bitcoin2john again and got the same ash and did it again, and I constantly get the same error. 

[NotATether]

So I ended up going with hashcat. I ran bitcoin2john with my wallet file. I got the string of has that begins with $bitcoin$ when I put it in my hash.txt file and try to run the following:

hashcat -a 3 -m 11300 hash.txt ?!?!?!?!?!?!?!?!?!?! --force

I get:

Hashfile 'hash.txt' on line 1 ($bitco...$10cb87989a39ef71$60692$2$00$2$0): Token length exception
No hashes loaded.


Now i'm unsure what's wrong with it. there are no spaces in the hash, no extra lines. I even rand the bitcoin2john again and got the same ash and did it again, and I constantly get the same error. 

Your hash is not valid, it should look like this:

$bitco...$10cb87989a39ef71$60692$2$00$2$00

You're missing a zero at the end.

[sirstevie6]

Hi

If you are using brute force methods e.g
 Hashcat or John The Ripper than sadly you could be there for many centuries.
If you are sending someone your wallet.dat
For analysis them you have to trust them
100 percent, it's a tough one.
If it helps I have been running password recovery
Services for over 20 years as a hobby, overall
My success rate is 90+ percent, however when
It comes to wallet.dat files my success rate drops
To around 20 percent.
I would try brute force with everything going up to
6 or 7 characters using a powerful pc with
Decent GPU, if this does not yield the password
Then is be happy to try and help, but no
Guarantees.
Thanks
Stephen

[NotATether]

If you are using brute force methods e.g
 Hashcat or John The Ripper than sadly you could be there for many centuries.
...
I would try brute force with everything going up to
6 or 7 characters using a powerful pc with
Decent GPU

Are you basically offering to brute force this character combo for OP while admitting that this isn't feasible?

When I was running bitcoin hashes on a Tesla T4, the largest I could do in a reasonable amount of days is 5 characters. Unless you have something like one of those 4x RTX 3000/2000 servers or a Nvidia DGX A100 you're going to experience similar results as me.

[sirstevie6]

Hi
Ii have access to a lots of crunch power
in the shape of a huge amount of GPU rigs, but
As I mentioned my success rate with wallet.dat files
Is around 1 in 5.
Hope this helps.
Thanks

[bob123]

Whatever you do, don't answer to scammer like this one:

~snip~

There are tons of stupid people here around posting such nonsense trying to steal BTC.
Don't listen to them and don't answer them.

Whatever you do, do not run any commands you don't understand without asking others here in this forum.

[Black_Pawn]

A lot has been said so far but here's my two cents on what you could try.


1. Try to access any of his other passwords. Laptop, PC, paper trail. Try to find physical evidence. See if the same passwords were used on multiple platforms.

2. Is there anyone closer to him than you? Can you ask them if the password was shared? What was their fav thing? Any children? DOB's? Loved places...

3. Forget about brute forcing unless you are convinced that the password is only a few chars long.

4. Don't trust people offering you any recovery service. Unless they are group of verifiable scientists - there might be a few willing to try and help.

5. Learn if the wallet has actually anything of value in it. Check bank statements for deposits to exchanges. He might have bought some coins and transferred them for safe keeping. If you can access an exchange on his behalf you can find the receiving/withdraw  address and check if it has any unspent funds.


Good luck!

BP

[NotATether]

1. Try to access any of his other passwords. Laptop, PC, paper trail. Try to find physical evidence. See if the same passwords were used on multiple platforms.

2. Is there anyone closer to him than you? Can you ask them if the password was shared? What was their fav thing? Any children? DOB's? Loved places...

Don't forget to try simple passwords like "123456", that was how I was able to access a relative's laptop. You'll be surprised to hear how many people are using these for their OS login since password managers don't work that far.

[nc50lc]

Open Wallet in Bitcoin Core and look at the transaction history to get an idea of when wallet was created.
If it was created more recently then I can tell you that without any hints you will never solve.
-snip-

Is there any difference if the wallet was created long ago?
Because based from the context, it sounds like newer wallets are harder to crack compared to old ones.

[nc50lc]

Is there any difference if the wallet was created long ago?
Because based from the context, it sounds like newer wallets are harder to crack compared to old ones.

Years ago people used very simple passwords, usually kids names with birth year or something stupid like that or password123.
As the years went on and the Hackers kept stealing people started making more complex passwords with special characters.

So wallets created in 2013 that have not been touched most likely have more general passwords like in the Rockyou list.

Actually, I expected more but you have a point. So the reason is not technical then.

@OP / Others, In case you're looking for help, I strongly suggest you to follow the second post instead; and please ignore any PMs offering "services" or "help".

[BASE16]

Hello please also see https://weakpass.com/