Brute force BTCrecovery only use a char once how to ?

[Noobcoin1337]

Hi guys,

I've read https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md many times but can't seem to rap my head around it. I've look into it Expanding Wildcards.

Could someone with more experience advice me.

It there away to brute force using one character/digit upper/lower only once. like once you use it don't anymore to generate a password.

if i write + ^%1,6in 

is there a way to exclude  AAAAA BBBB CCCC !!!!  etc... it would help decrease the password list size by alot

and also is there away to make generate password that have only the char once in it like : Qwerty  once you use Q don't use it again in any generation

thank you for your future advice


 

[1715575872]

1715575872

[1715575872]

1715575872

[1715575872]

1715575872

[1715575872]

1715575872

[1715575872]

1715575872

[1715575872]

1715575872

[PawGo]

Maybe:
https://btcrecover.readthedocs.io/en/latest/tokenlist_file/

I think if you define letter as a token, it would be the answer.

Code:

A
B
C
...

[Noobcoin1337]

Maybe:
https://btcrecover.readthedocs.io/en/latest/tokenlist_file/

I think if you define letter as a token, it would be the answer.

Code:

A
B
C
...

The problem with that is if i write it that way it would create me a list of password like A B C etc...

say the password is Qwerty

We would be losing a lot of time on trials like :  A -AB - AbCd etc...
Would there be then away to say start with at least 5 or 6 characters/digits/upper/lower ?

I've tried playing around with Contracting Wildcards and Max Typos by Type but was unsuccessful.

Guess what i'm looking for is a kind of limiter on a wildcard.

something like generate a wild card of say 5-9 characters without repeating a letter/digit/upper/lower more then once.
it's losing a lot time with unnecessary trials .

[PawGo]

Maybe combination of:
https://bitcointalk.org/index.php?topic=5161461.msg51702894#msg51702894
and
https://github.com/gurnec/btcrecover/issues/137
?

[nc50lc]

-snip-
Guess what i'm looking for is a kind of limiter on a wildcard.

You can use --min-tokens 5 --max-tokens 6 plus PawGo's suggestion above to limit the tokens to 5 to 6 and since each characters are tokens, it wont reuse them.
But it will still try ABCDE, ABCDEF.... UVWXYZ; besides that's what bruteforcing using random charcters is all about if you have no idea about the possible characters.
Otherwise, exclude the character(s) from the token list.

Token Counts: github.com/3rdIteration/btcrecover/blob/master/docs/tokenlist_file

[o_e_l_e_o]

nc50lc is right. There is no easy way to do this using btcrecover. You will need to create a token list with every character on its own line, and then limit the length using --min-tokens and --max-tokens. If you only want a letter to be considered once, regardless of if it is upper or lower case, then typed both characters on the same line. So for example:

Code:

A a
B b
C c
...
Y y
Z z
0
1
2
3
4
5
6
7
8
9

If you also want to include symbols, then you will need to also include a new line for each and every symbol you want to use. The easiest way to do this would be to use the following as many times as needed, replacing x with the symbol in question:

Code:

%[x]

[Noobcoin1337]

Thanks guys, that helps. I was reading your post over and over and then i remember i did a keyboard pattern without typing the same key twice (maybe i hit shift for the first and a letter or digit for the first two characters) i did manage to find and old note with the last 5 characters + digits and i believe there is like like a 16 or 17 characters passwords

hence i would be looking at a map file for this pattern, pattern.txt + the last 5 characters digits

but can someone walk me through this ? i get the concept of wildcard and btcrecover-tokens-auto.txt

but pattern.txt is new to me. Do i create another file pattern.txt ? Do i have to write the pattern myself or can it be auto generated ?

like "With this map file, and the following token, all combinations which follow this pattern between 4 and 6 characters long would be tried: %a%3,5;pattern.txt;b "

i get the %a the %3,5;  but  "  ;pattern.txt;b " do i put that also in btcrecover-tokens-auto.txt

like i'm not sure where i should write this and how to proceed

[Noobcoin1337]

Thanks guys,

i've manage to get the code running for the test i'll paste it below but it will be too long to brute force it like in years, so i'll have to go the pattern method " %a%3,5;pattern.txt;b "

here is the code for testing only one letter upper / lower only once with the min and max that you put in the cmd console

this goes into btcrecover-tokens-auto.txt

Code:

A a
B b
C c
D d
E e
F f
G g
H h
I i
J j
K k
L l
M m
N n
O o
P p
Q q
R r
S s
T t
U u
V v
W w
X x
Y y
Z z
0
1
2
3
4
5
6
7
8
9

and this goes into cmd terminal

Code:

btcrecover.py --min-tokens 12 --max-tokens 12

can someone explain me the pattern.txt and how to make it work please ?

i get the %a the %3,5;  but  "  ;pattern.txt;b " do i put that also in btcrecover-tokens-auto.txt

like i'm not sure where i should write this and how to proceed

hey look at me my first time that i've posted with code   i'm starting to understand how this works   thanks guys.


Edit: 
still don't know how the pattern.txt;b works
BUT !!!! i'm sooooooo proud of me i wanted to share with you guys

manage to get a dictionary yourock.txt to give it a try  (by George i'm not that stupid <3, see mom !!!! see dad !!! I'M NOT RETARDED !!! lol)

Code:

btcrecover.py --wallet wallet.dat --enable-gpu --passwordlist rockyou.txt

and make sure the rockyou.txt is in the same folder as btcrecover-tokens-auto.txt

man i'm so happy, probably will not work but understanding is part of the fun.

thanks again guys 

[HCP]

i've manage to get the code running for the test i'll paste it below but it will be too long to brute force it like in years, so i'll have to go the pattern method " %a%3,5;pattern.txt;b "
...
can someone explain me the pattern.txt and how to make it work please ?

i get the %a the %3,5;  but  "  ;pattern.txt;b " do i put that also in btcrecover-tokens-auto.txt

like i'm not sure where i should write this and how to proceed

You need to create a pattern.txt file that maps how the keyboard "walking" goes. In the example provided, they say that the typist only moves up-right, or down-right (note that this is not the only pattern that can be defined)... which results in a pattern.txt that looks like this:

Code:

q 2a
a wz
z s
2 w
w 3s
...

Starting from "q" the only keys (up-right or down-right) on a standard qwerty keyboard are "2" or "a" (red arrows below)... from "a" you have "w" or "z" (blue arrows)... from "z" you only have "s" (orange arrow) etc.

Hopefully this pic explains that a little more clearly:



so given:

Code:

%a%3,5;pattern.txt;b

What it is doing is selecting "a single ASCII lowercase letter"... the %a... this is then followed by selecting an additional 3-5 characters ( the %3,5)... which are defined by following the instructions in ";pattern.txt;"

The "b" at the end is the backreference, which instructs the program to place the characters derived from pattern.txt into the (%3,5) part.

So, if the program starts with "a" as the first "%a" character, it would then look in the pattern.txt and find that "a" is followed by "w" or "z"... so:

Code:

aw..
az..

"w" is followed by "3" or "s"... "z" is followed by "s"... so that leads to:

Code:

aw3.
aws.
azs.

"3" can be followed by "e"... "s" can be followed by "e" or "x":

Code:

aw3e
awse
awsx
azse
azsx
....

And that is how it will start to build up the list of possible passwords. Hopefully that makes things a little bit clearer as to how the keyboard walking works.



In any case, you need to create the pattern.txt file to match the pattern that you think you may have used when creating your password.

[Noobcoin1337]

[/quote]
And that is how it will start to build up the list of possible passwords. Hopefully that makes things a little bit clearer as to how the keyboard walking works.
[/quote]

ok that make way more sense. and could add the pattern the 5 digits/characters that i know ended the password.
that is so cool can't wait to finish the dictionary brute force (i know i can stop it but out of curiosity i want to see it it finds anything- it won't but meh just for fun.)

anyways the wallet has only 0.00000275BTC (not even sure if it covers the price of a coffee cup at McDonalds at today bitcoin price value).
But it's the learning and trying that is fun 

I'll give it a try a report later see how it goes.
Thank you so much for the explanation makes way more sense the way you say it.

Makes me wounder if someone has posted a walking pattern.txt keyboard dictionary like you know a dictionary of keyboard most common patterns. hum... i'll google that. 

[HCP]

Makes me wounder if someone has posted a walking pattern.txt keyboard dictionary like you know a dictionary of keyboard most common patterns. hum... i'll google that. 

Honestly not sure there is such a thing as a dictionary of "common patterns"... I had never really even considered it until I started digging into the keyboard walking while reading this thread. Although, given human nature, it would not surprise me in the least that someone has thought of things like this:
- Characters in a single keyboard row
- Characters in a single keyboard row, backwards
- Alternating characters from 2 rows
- Alternating characters from 2 rows, backwards
etc etc.

I'm just not sure anyone will have actually created/published these maps. Do let us know if you find anything!

[nc50lc]

anyways the wallet has only 0.00000275BTC (not even sure if it covers the price of a coffee cup at McDonalds at today bitcoin price value).
But it's the learning and trying that is fun 

If it's just for experience and test, I'd recommend you to use a wallet with known weak password instead
so that you can easily confirm that your commands work without waiting for hours in each try.

Just create a new wallet file in Bitcoin Core, set a weak password and get its wallet.dat file from the folder with the same wallet name in the wallets folder in bitcoin data directory.
Then in BTCRecover, just assume that you don't know some of the characters in the password and try to bruteforce it using the available methods.

[HCP]

If it's just for experience and test, I'd recommend you to use a wallet with known weak password instead

+1 on this advice... it'll help provide confidence that your setup is working as intended.

I would also recommend trying the --listpass option that just generates a list of password candidates. This way you can quickly double check to see that it is actually constructing password candidates in the format you expect it to.

[o_e_l_e_o]

Trying just the 12 random letters or numbers tokensfile you have given above gives 36!/24! possibilities. Even if you could check 10,000,000 possibilities a second, you are looking at 1,900 years to exhaust the search space. There is no point trying that, let alone adding a walking pattern on top of it, especially not for 275 sats.

Fun to experiment with, sure, but don't burn out your hardware trying to crack this.

If it's just for experience and test, I'd recommend you to use a wallet with known weak password instead

Yeah, this is unnecessary. Just use --listpass as HCP has said to either print attempts in the terminal window or save them to a text file.

[Noobcoin1337]

anyways the wallet has only 0.00000275BTC (not even sure if it covers the price of a coffee cup at McDonalds at today bitcoin price value).
But it's the learning and trying that is fun  

If it's just for experience and test, I'd recommend you to use a wallet with known weak password instead
so that you can easily confirm that your commands work without waiting for hours in each try.

Just create a new wallet file in Bitcoin Core, set a weak password and get its wallet.dat file from the folder with the same wallet name in the wallets folder in bitcoin data directory.
Then in BTCRecover, just assume that you don't know some of the characters in the password and try to bruteforce it using the available methods.

I would and that is what a sane person would do.
But then i wouldn't get the joyful pleasure of smashing my head against the wall and crying in the corner that my method didn't manage to break the code.
And that i'm a complete failure and i should be ashamed of myself.  
Where would be the fun in that ?
Aaaaaand also it prevents me from having a bias by having the solution and hence leading more toward it.
Plus it makes it a little harder and closer to real life application concept and it is 275 sats after all !!  

so i did a small test today didn't manage to break it but it was fun to it work

pattern.txt

Code:

p lo
l o
o ki
k i
i ju
j u
u hy
h y
y gt
g t
t fr
f r
r de
d e
e sw
s w
w aq
a q

and then in btcrecover-tokens.auto.txt

Code:

+ %ia%8,9;pattern.txt;b

you can also add

Code:

+ in 

below to + %ia%8,9;pattern.txt;b to make it search for a single digit, lower or uppercase letter
like you can mix and match stuff, it's so fun to play around with it

didn't manage to find a dictionary of pattern yet, i'll go make some coffee.
this is fun

[HCP]

I would and that is what a sane person would do.
But then i wouldn't get the joyful pleasure of smashing my head against the wall and crying in the corner that my method didn't manage to break the code.
And that i'm a complete failure and i should be ashamed of myself. 
Where would be the fun in that ?
Aaaaaand also it prevents me from having a bias by having the solution and hence leading more toward it.
Plus it makes it a little harder and closer to real life application concept and it is 275 sats after all !! 

I mean, if you really want... I could create a wallet with a password that is unknown to you for you to practice on... hell, I could even create a few with varying levels of difficulty so you can try out different tokens and/or btcrecover functionality (typo's etc.)

didn't manage to find a dictionary of pattern yet, i'll go make some coffee.
this is fun

Mate... as long as you have coffee and you're having fun, then enjoy!