Bounty 10000$ Who can help me recall password!

[walletrecovery]

Are you sure "ca" should be excluded: only Ca?

- Yes, I'm sure. All "ca" passwords must be rename as "Ca"

Thanks!

Let start checking with your special dictionary now!

I will post here Hashcat log data results:

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$*****************************************
Time.Started.....: Tue Mar 29 23:14:23 2022 (2 hours, 48 mins)
Time.Estimated...: Wed Mar 30 02:03:21 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\weakpass_3a_Ca_walletrecovery.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:     1862 H/s (0.19ms) @ Accel:1024 Loops:16 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 18872859/18872859 (100.00%)
Rejected.........: 0/18872859 (0.00%)
Restore.Point....: 18872859/18872859 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: CaZZy2206 -> Caя┐╜я┐╜vamos
Hardware.Mon.#1..: Temp: 41c Fan: 45% Util: 67% Core:1199MHz Mem:6794MHz Bus:16

Let's try other dictionaries, these passwords are not suitable.

"LoyceV" - Can you create another dictionary from this list? https://weakpass.com/wordlist

[LoyceV]

"LoyceV" - Can you create another dictionary from this list? https://weakpass.com/wordlist

Which one? How about you create a list of all the .torrent files you want me to download. My Seedbox expires in a few days, so don't wait too long as I don't want to download those huge files elsewhere.
Update: I'm currently extracting the 153 GB I've downloaded already. I'm (ab)using all CPU cores, but the Seedbox is still quite empty so I hope they won't kick me off. I'll post the links when done.

Currently extracting:

Code:

cyclone.hashesorg.hashkiller.combined.txt.7z
dicassassin.7z
dictionary_private.dic.7z
hashesorg2019.gz
Hashes.org.7z
HashesOrg.gz
hashkiller-dict.txt.7z
rockyou2021.7z
weakpass_1.gz
weakpass_2a.gz
weakpass_2.gz
weakpass_3.7z
weakpass_3p.7z
xsukax-Wordlist-All.7z

Update
See: http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/ for the files.

There's a total of 99,601,845 passwords in there. I've added allinone.txt: it doesn't include duplicates and is reduced to 41,399,595 passwords.

[walletrecovery]

Update: I'm currently extracting the 153 GB I've downloaded already. I'm (ab)using all CPU cores, but the Seedbox is still quite empty so I hope they won't kick me off. I'll post the links when done.

ThankYou! LoyceV
Doesn't "Google drive" provide space for free?
I've decided to reward you with 50 BitcoinHD (BHD) just for helping me, tell me your wallet address.
https://github.com/btchd/btchd/releases

If successful our password story, I will transfer you additionally $10,000 (USDT TRC-20)

[LoyceV]

Doesn't "Google drive" provide space for free?

I think it's 15 GB, that's no use

I've decided to reward you with 50 BitcoinHD (BHD) just for helping me, tell me your wallet address.

I have no idea what that is, and I don't have any use for it. I also don't install unknown software. If you can convert it to a low fee common altcoin or BTC-LN I'll accept it.

If successful our password story, I will transfer you additionally $10,000 (USDT TRC-20)

This is Bitcointalk

I've updated my previous post (sorting the data took long). See allinone.txt, that has all data.

If you want to try more:

create a list of all the .torrent files you want me to download.

[walletrecovery]

I have no idea what that is, and I don't have any use for it. I also don't install unknown software. If you can convert it to a low fee common altcoin or BTC-LN I'll accept it.

The transfer of any coins from the exchange is very expensive, a very large commission.
I offered BitcoinHD coins or I also have Litecoin Cash (they are stored on QT wallets).
Of course, these are probably shitty coins, but I believe that they will rise in value.

Dictionary cache built:
* Filename..: f:\hashcat\wallet\allinone.txt
* Passwords.: 41399595
* Bytes.....: 524143144
* Keyspace..: 41399592
* Runtime...: 3 secs

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$*******************************************
Time.Started.....: Thu Mar 31 10:54:16 2022 (3 hours, 56 mins)
Time.Estimated...: Thu Mar 31 14:50:47 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\allinone.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:     2917 H/s (0.25ms) @ Accel:256 Loops:16 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 41399592/41399592 (100.00%)
Rejected.........: 0/41399592 (0.00%)
Restore.Point....: 41399592/41399592 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: CaZZy06 -> Caш╝ЭчЯ│
Hardware.Mon.#1..: Temp: 60c Fan: 62% Util: 73% Core:1886MHz Mem:6794MHz Bus:16

Let's try other dictionaries, these passwords are not suitable.

"LoyceV" - Can you create another dictionary from this list? https://weakpass.com/wordlist

[seoincorporation]

I think it would be better if you generate the password list, that way you can verify all the possible passwords.

A great tool that I recommend is Crunch:

Code:

:~$ crunch 5 5 ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz -t Ca@@@
Crunch will now generate the following amount of data: 1429968 bytes
1 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 238328 

As example with that command, we can generate al the combinations for the 5 Chars password including Caps and Numbers.

If we want to generate a dictionary for 6 chars then we should use:

 

Code:

:~$ crunch 6 6 ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz -t Ca@@@@

I hope this helps:

https://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/

[LoyceV]

"LoyceV" - Can you create another dictionary from this list? https://weakpass.com/wordlist

Which one? Give me the Torrent links you want, there are far too many files there for me to check all of them.

Code:

:~$ crunch 6 6 ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz -t Ca@@@@

Nice one! I made them in different lengths:
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/5.txt
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/6.txt
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/7.txt (still uploading, I can't install crunch on this server)
http://le6-1-93ghostman.pulsedmedia.com/public-loyceclu/8.txt (476 GB, I'm creating the file on one server and saving it to this location. At the rate it's going it'll take at least half a day to complete. Chances are something will break before it's done) Update: After 235 GB, it exceeded it's disk quota. This server will be wiped in 5 days.

[walletrecovery]

I think it would be better if you generate the password list, that way you can verify all the possible passwords.

...
I don’t know the password and I don’t have a list, I only know that the first 2 letters are “Ca”
and I don’t even know if this is one word or several identical words or is it a phrase written without space characters and so on.
So my hope is that someone stole this password from some server or somewhere else since 2015 when the wallet was encrypted in early March.

When trying to encrypt a wallet for the first time, you may see a recommendation on the screen that
the password must be 10 characters long or a few words long.

Therefore, we cannot hope and use the brute force method, there are no such resources on the planet yet,
but we can hope that the password was once stolen and a match will be found.

[walletrecovery]

"LoyceV" - Can you create another dictionary from this list? https://weakpass.com/wordlist[/quote]
Which one? Give me the Torrent links you want, there are far too many files there for me to check all of them.

...
Also I try HASH attack by MASK
for example: Ca******
as can you see all 8 symbols passwords we check (BruteForce) and no results...

Let's go to finding all passwords, contains 10 and 10+ symbols please...

Please use any archiver
ARJ
ZIP
7zip
and servers for temporary and free files storage.

[PawGo]

2.-We read all the files and send all the passwords that start with 'Ca' to a new file:

Code:

cat *.txt | grep '^Ca*' >> my_dic.txt

Shouldn't it be:

Code:

 grep '^Ca.*$'

?
Your regex in grep returned all lines starting with "C", second character was not limited to 'a'.

I have prepared 4 files for you: 2 based on openwall, 1 from rocktastic12a and 1 from weakpass3w:
https://easyupload.io/ognas8

[LoyceV]

Shouldn't it be:

Code:

 grep '^Ca.*$'

I used this:

Code:

grep "^Ca"

[PawGo]

I think it would be better if you generate the password list, that way you can verify all the possible passwords.

A great tool that I recommend is Crunch:

As example with that command, we can generate al the combinations for the 5 Chars password including Caps and Numbers.

OK, but why?
As he is using hashcat, he may use masks which do the same inside program.
He may also configure mixed mode, where each word from the list could be internally modified, something may be appended etc. And honestly speaking I think he should use this, as relying on pure words list could be not enough.

The only advantage of using crunch I see, is that having precalculated passwords you may externally control the work done, otherwise you must rely on checkpoints saved by hashcat.,

[walletrecovery]

I have prepared 4 files for you: 2 based on openwall, 1 from rocktastic12a and 1 from weakpass3w:
https://easyupload.io/ognas8
[/quote]

That's great, you're in the $10,000 race too...

Dictionary cache built:
* Filename..: f:\hashcat\wallet\Ca\Ca1openwall.txt
* Passwords.: 1697
* Bytes.....: 17001
* Keyspace..: 1697
* Runtime...: 0 secs

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$****************************************
Time.Started.....: Fri Apr 01 12:43:11 2022 (2 mins, 10 secs)
Time.Estimated...: Fri Apr 01 12:45:21 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\Ca\Ca1openwall.txt)
Guess.Queue......: 1/4 (25.00%)
Speed.#1.........:       13 H/s (0.34ms) @ Accel:1024 Loops:32 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 1697/1697 (100.00%)
Rejected.........: 0/1697 (0.00%)
Restore.Point....: 1697/1697 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: Cayce -> Cazzie
Hardware.Mon.#1..: Temp: 43c Fan: 46% Util: 74% Core:1199MHz Mem:6794MHz Bus:16

Dictionary cache built:
* Filename..: f:\hashcat\wallet\Ca\Ca2openwall.txt
* Passwords.: 3754
* Bytes.....: 41038
* Keyspace..: 3754
* Runtime...: 0 secs

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$*******************************************
Time.Started.....: Fri Apr 01 12:45:21 2022 (2 mins, 41 secs)
Time.Estimated...: Fri Apr 01 12:48:02 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\Ca\Ca2openwall.txt)
Guess.Queue......: 2/4 (50.00%)
Speed.#1.........:       23 H/s (0.17ms) @ Accel:1024 Loops:16 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 3754/3754 (100.00%)
Rejected.........: 0/3754 (0.00%)
Restore.Point....: 3754/3754 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: Causeries du Lundi -> Cazzie
Hardware.Mon.#1..: Temp: 41c Fan: 46% Util: 63% Core:1199MHz Mem:6794MHz Bus:16

Dictionary cache built:
* Filename..: f:\hashcat\wallet\Ca\Ca3Rocktastic12a.txt
* Passwords.: 4236653
* Bytes.....: 51778356
* Keyspace..: 4236653
* Runtime...: 1 sec

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$**************************************
Time.Started.....: Fri Apr 01 12:48:03 2022 (45 mins, 32 secs)
Time.Estimated...: Fri Apr 01 13:33:35 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\Ca\Ca3Rocktastic12a.txt)
Guess.Queue......: 3/4 (75.00%)
Speed.#1.........:     1551 H/s (0.16ms) @ Accel:1024 Loops:16 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 4236653/4236653 (100.00%)
Rejected.........: 0/4236653 (0.00%)
Restore.Point....: 4236653/4236653 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: Cazzyy@3 -> Cardiff2025!
Hardware.Mon.#1..: Temp: 41c Fan: 45% Util: 62% Core:1199MHz Mem:6794MHz Bus:16

Dictionary cache built:
* Filename..: f:\hashcat\wallet\Ca\Ca4weakpass3w.txt
* Passwords.: 1227107
* Bytes.....: 14385707
* Keyspace..: 1227107
* Runtime...: 0 secs

Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 11300 (Bitcoin/Litecoin wallet.dat)
Hash.Target......: $bitcoin$64$***************************************
Time.Started.....: Fri Apr 01 13:33:35 2022 (13 mins, 34 secs)
Time.Estimated...: Fri Apr 01 13:47:09 2022 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (f:\hashcat\wallet\Ca\Ca4weakpass3w.txt)
Guess.Queue......: 4/4 (100.00%)
Speed.#1.........:     1507 H/s (0.17ms) @ Accel:1024 Loops:16 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 1227107/1227107 (100.00%)
Rejected.........: 0/1227107 (0.00%)
Restore.Point....: 1227107/1227107 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1
Candidate.Engine.: Device Generator
Candidates.#1....: Cazzones -> Cazzzzoduro1000
Hardware.Mon.#1..: Temp: 42c Fan: 46% Util: 60% Core:1199MHz Mem:6794MHz Bus:16


Let's go to finding all passwords, contains 10 and 10+ symbols please...

Please use any archiver
ARJ
ZIP
7zip
and servers for temporary and free files storage.

[seoincorporation]

...
Let's go to finding all passwords, contains 10 and 10+ symbols please...
...

10 chars passwords are huge for brute force, I try with crunch without symbols and we are talking about a 2 PB file:

Code:

bitcoin@forum:~$ crunch 10 10 ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz -t Ca@@@@@@@@
Crunch will now generate the following amount of data: 2401741161433856 bytes
2290478860 MB
2236795 GB
2184 TB
2 PB
Crunch will now generate the following number of lines: 218340105584896 

Another good option could be to run crunch direct in the cracking command with HashCat. That way you generate the passwords at the moment without loading them from a huge file.

This article explains how to do that:

https://saketupadhyay.medium.com/pipe-brute-force-attack-via-password-generator-2dcaab91e88e

[walletrecovery]

10 chars passwords are huge for brute force, I try with crunch without symbols and we are talking about a 2 PB file:

Thanks for your research. Indeed, we do not deal with the brute force method for guessing a password.
We know the first 2 letters are "Ca" and therefore we extract all passwords with a length of 10 or more characters from dictionaries already available on the network.

For example password is: Ca******** = 10 characters and more... Only by such a template you need to extract passwords from dictionaries.

Let's try other dictionaries, these passwords are not suitable.

"LoyceV" & "PawGo" - Can you create another dictionary from this list? https://weakpass.com/wordlist

[PawGo]

I think you have enough passwords. Do not have hope that someone else used the same. In my opinion you should launch a hybrid attack. Think what you would like to append (or prepend) to existing password and prepare the correct mask.
https://hashcat.net/wiki/doku.php?id=hybrid_attack
https://hashcat.net/wiki/doku.php?id=rule_based_attack

[alexeyneu]

but what we really have here? you're talkin that someone lost the password from 7k bucks wallet. Then he told second guy that first symbols are c a and gave him this wallet.and this second guy has -2 trust already . idk what else to say

[walletrecovery]

I think you have enough passwords. Do not have hope that someone else used the same. In my opinion you should launch a hybrid attack. Think what you would like to append (or prepend) to existing password and prepare the correct mask.
https://hashcat.net/wiki/doku.php?id=hybrid_attack
https://hashcat.net/wiki/doku.php?id=rule_based_attack

You don’t understand that I didn’t use dictionaries from this site: https://weakpass.com/wordlist
because I can’t pull out passwords whose first two letters are “Ca”, so I don’t have passwords,
there is only your work, what you send me and this the only hope is to find the correct password.
If you are tired and lazy, then do not participate in this process. Write here which dictionaries
You have used and downloaded so that other people do not do the same job twice. Thank You!

[walletrecovery]

but what we really have here? you're talkin that someone lost the password from 7k bucks wallet. Then he told second guy that first symbols are c a and gave him this wallet.and this second guy has -2 trust already . idk what else to say

There are bitcoins in the wallet, but there are not many of them. What $7,000 are you talking about, are you delusional?
My trust is "-2" just because one idiot thought I had a multi-account, and another thought that we were not qualified enough to work in this business, but he idiot is not our client! Our "-2" trust is irrelevant to this case and means nothing. Just like the "+2" trust.
The fact is that there is a genuine wallet and there is reliable information that the password starts with the first letters "Ca", there are many passwords on the site with a collection of dictionaries, but there is no time to check them all and there is no point.
There are a couple of guys here who downloaded large dictionaries and somehow managed to pull out all the passwords that start with the first two letters "Ca", but I checked with the "Hashcat" program and these passwords could not open the wallet.
We need to make a list of dictionaries that we have already checked and download other dictionaries in order to check all the passwords that are on the site. What is not clear here, in what language to write here, I don’t understand, asking such stupid questions is some kind of nightmare.


For example password is: Ca******** = 10 characters and/or more...
Only by such a template we need to extract passwords from dictionaries.
Who want and can CONTINUE to create another dictionaries from this list?
https://weakpass.com/wordlist

[LoyceV]

For example password is: Ca******** = 10 characters and/or more...
Only by such a template we need to extract passwords from dictionaries.
Who want and can CONTINUE to create another dictionaries from this list?
https://weakpass.com/wordlist

I can continue, but like I said: you'll have to select which .torrents to download by yourself. There are 107 pages on that site, each with 15 download links. If you select them, I'll get you anything that starts with Ca. But I'll need a list that I can easily process.
The Download link itself seems to work fine too, I get 70 MB/s which is even easier than the Torrent. I can pipe the download to extract it and only save the result.
Example:

Code:

wget -O- https://download.weakpass.com/wordlists/1326/b0n3z-sorted-wordlist.gz | gunzip | grep -a "^Ca" > b0n3z-sorted-wordlist.txt

This 23 GB file takes 7 minutes to process.

If you get me a list of all ~1500+ links, I'll extract them all. But I'm not going to copy that many links myself.
I'll even remove duplicates for you