Bitcoin Forum
April 28, 2015, 02:26:33 PM *
News: Latest stable version of Bitcoin Core: 0.10.1 [Torrent] (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 »
  Print  
Author Topic: Encrypted wallet.dat, lost password, any solutions?  (Read 111252 times)
Etlase2
Hero Member
*****
Offline Offline

Activity: 798


View Profile

Ignore
June 05, 2012, 03:51:21 AM
 #21

The encrypted wallet format only encrypts the seckeys, nothing else.

That's strange. From the standpoint of privacy, shouldn't the pubkeys be encrypted as well?

1430231193
Hero Member
*
Offline Offline

Posts: 1430231193

View Profile Personal Message (Offline)

Ignore
1430231193
Reply with quote  #2

1430231193
Report to moderator
1430231193
Hero Member
*
Offline Offline

Posts: 1430231193

View Profile Personal Message (Offline)

Ignore
1430231193
Reply with quote  #2

1430231193
Report to moderator
coin palace Get BONUS UP TO 1 BTC! Limited offer! CLAIM NOW!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1430231193
Hero Member
*
Offline Offline

Posts: 1430231193

View Profile Personal Message (Offline)

Ignore
1430231193
Reply with quote  #2

1430231193
Report to moderator
1430231193
Hero Member
*
Offline Offline

Posts: 1430231193

View Profile Personal Message (Offline)

Ignore
1430231193
Reply with quote  #2

1430231193
Report to moderator
Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 03:57:40 AM
 #22

Keeping the pubkeys in plaintext encourages people to do their daily read-only operations (verifying received coins) without having to keep the decrypted private keys or password in memory.

The point of encryption is to prevent stolen coins, not to protect your identity.  If you want identity protection use a separate whole-file encryption system such as GPG or TrueCrypt.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
TangibleCryptography
Sr. Member
****
Offline Offline

Activity: 476


Tangible Cryptography LLC


View Profile WWW

Ignore
June 05, 2012, 03:58:41 AM
 #23

The encrypted wallet format only encrypts the seckeys, nothing else.

That's strange. From the standpoint of privacy, shouldn't the pubkeys be encrypted as well?

That would require user's password to be entered and wallet kept unlock for any action.  Mining for example would require keeping the wallet unlocked continuously and subject to theft.  Checking your balance, verifying a tx cleared, checking # of confirmations would all require the password.

By only encrypting the private keys funds can be kept secure and the password is only needed to either send funds or sign a message.
ez1btc
Newbie
*
Offline Offline

Activity: 14


View Profile

Ignore
June 05, 2012, 04:11:20 AM
 #24

Much gratitude for all the help. If I can free my BTC I will pay a lot of you Smiley

I have spent several hours trying figure out my password mistake. Many hours feeling like a complete fool, in fact.  Looking for a brute force script that I can guide in the right direction using the nearly-correct password which I remember.

Any script authors or white hats interested in making a hundred BTC or so, send me a message.

Thanks!
riX
Sr. Member
****
Offline Offline

Activity: 327



View Profile

Ignore
June 05, 2012, 05:38:23 AM
 #25

I did the same thing two weeks ago, mistyped my 30-char pwd twice, although that was on a 7-zip archive.
I made a script that tried all combinations of the keyboard keys surrounding the ones that should be correct, and also upper/lower case combinations for the characters that were adjacent to those that were supposed to be capitals.
Found the password in about 3 secs...

I have the script, but it's for 7-zip, but it's not hard to fix..

Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 05:52:42 AM
 #26

Here, I whipped up something quick and dirty.  Just fill in your passphrase as close as you can remember, and make sure bitcoind is in the current dir.  It should print lots of "The wallet passphrase entered was incorrect" if it's working.


Code:
#!/usr/bin/ruby -w

passphrase = "oops"
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  end
end

# transpose adjacent chars
(passphrase.length - 1).times do |i|
  testphrase = passphrase.dup
  testphrase[i] = passphrase[i+1]
  testphrase[i+1] = passphrase[i]
  test testphrase
end

# delete one char
passphrase.length.times do |i|
  testphrase = passphrase.dup
  testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
  test testphrase
end

# substitutute one char
passphrase.length.times do |i|
  characters.chars.each do |c|
    testphrase = passphrase.dup
    testphrase[i] = c
    test testphrase
  end
end

# insert one char
(passphrase.length + 1).times do |i|
  characters.chars.each do |c|
    testphrase = passphrase.dup
    testphrase.insert(i, c)
    test testphrase
  end
end


puts "No luck."
exit 1


Good luck!

edit: This also requires a running bitcoind.
1. set "rpcpassword=somerandomcrap" in .bitcoin/bitcoin.conf
2. run "./bitcoind -daemon"
3. run "./bitcoind getinfo" until it starts returning data instead of errors
4. then run the script above.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Stephen Gornick
Legendary
*
Offline Offline

Activity: 1582



View Profile WWW

Ignore
June 05, 2012, 07:10:25 AM
 #27

Less than a year ago:

Quote
So why didn't we encrypt it up the wazoo and require that you type six passwords to unlock it? Well, two major reasons:

First, losing your wallet or forgetting your password is (arguably) as big a threat as theft. There is a reason every online service has some 'recover/reset lost password' feature.

 - http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html

Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 07:49:11 AM
 #28

Here's an updated version which will try double substitutions.  This is a large keyspace and will take a long time - figure about a month for a 30 character password at 10 guesses per second.  Beyond there you'll have to use either riX's approach where you assume that fumbles will be to adjacent keys, or employ a GPU for more brute force.

Code:
#!/usr/bin/ruby -w

passphrase = "oops"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  end
end

def scramble(passphrase)
  characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
  list = []

  # transpose adjacent chars
  (passphrase.length - 1).times do |i|
    testphrase = passphrase.dup
    testphrase[i] = passphrase[i+1]
    testphrase[i+1] = passphrase[i]
    list << testphrase
  end

  # delete one char
  passphrase.length.times do |i|
    testphrase = passphrase.dup
    testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
    list << testphrase
  end

  # substitutute one char
  passphrase.length.times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase[i] = c
      list << testphrase
    end
  end

  # insert one char
  (passphrase.length + 1).times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase.insert(i, c)
      list << testphrase
    end
  end

  return list.uniq
end

list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}

puts "No luck."
exit 1

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
riX
Sr. Member
****
Offline Offline

Activity: 327



View Profile

Ignore
June 05, 2012, 07:52:50 AM
 #29


Code:
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"

You might want to reorder that to make it find adjacent _keys_ on the keyboard, not adjacent letters in the alphabet.


Edit: noticed you posted that just before..

When I get home from work I can post my script unless you have it figured out by then.

Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 08:13:28 AM
 #30

You might want to reorder that to make it find adjacent _keys_ on the keyboard, not adjacent letters in the alphabet.

Just reordering the string won't help.  It would need to generate groups by adjacency, which will require a considerably more clever algorithm than the double-nested-loop exhaustive search above.  By all means post it if you have one.  I'm done for the day.  Smiley

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
dooglus
Legendary
*
Offline Offline

Activity: 1400



View Profile

Ignore
June 05, 2012, 10:14:49 AM
 #31

Any script authors or white hats interested in making a hundred BTC or so, send me a message.

I sent you a PM.

I've since discovered that it's possible to test whether I've cracked your password without having any of your encrypted keys.

If you can just give us your encrypted master key, the salt, the number of iterations, and your best guess at what you think the passphrase is, we can attempt to find a passphrase that decrypts the master key and know when we've done it, but without getting access to any of your funds.

To get the information we need, get a copy of Gavin's bitcointools: https://github.com/gavinandresen/bitcointools and make the following change in wallet.py:

Code:
-      print("Master Key %d"%(d['nID']) + ": 0x"+ short_hex(d['crypted_key']) +
-            ", Salt: 0x"+ short_hex(d['salt']) +
+      print("Master Key %d"%(d['nID']) + ": 0x"+ long_hex(d['crypted_key']) +
+            ", Salt: 0x"+ long_hex(d['salt']) +

Then close bitcoin-qt and run:

Code:
./dbdump.py --wallet | grep Master.Key

from the bitcointools directory.

It should print a single line, like this:

Code:
Master Key 1: 0x47994851532eb7479886f5dc3c923df2d8a57d1f687d0d41808dee394b50259b209e587f677a3b69db1448ecb18e0d39, Salt: 0xa66b5e971bbd8106. Passphrase hashed 95913 times with method 0 with other parameters 0x

Using this, and bitcoin-qt's crypter.cpp, anyone can verify that the passphrase is 'abc'.  But since nobody has a copy of the wallet I encrypted with 'abc', nobody has access to the coins in the wallet.

ribuck
Donator
Legendary
*
Offline Offline

Activity: 1316


View Profile

Ignore
June 05, 2012, 10:24:55 AM
 #32

I don't suppose you have a backup from before you encrypted the wallet?
dooglus
Legendary
*
Offline Offline

Activity: 1400



View Profile

Ignore
June 05, 2012, 10:26:00 AM
 #33

I don't suppose you have a backup from before you encrypted the wallet?

Ha!

That's the first thing I thought of when I saw this thread, but forgot it in all the technical details.

flatfly
Hero Member
*****
Offline Offline

Activity: 882


View Profile

Ignore
June 05, 2012, 12:38:28 PM
 #34

It may be worth trying to scan your hard disk for remnants of deleted copies of the wallet. To do that, I highly recommend the portable version of Recuva. It's very simple to use. If you're lucky, you could find one that is unencrypted (until recently, Bitcoin-Qt had a bug that sometimes left the wallet file partially unencrypted on the hard disk).

Enable deep scan mode, and look for any recoverable DAT files that are similar in size to your wallet file.

1111127SpvabYpoeDoiz5L7QPkfiSh2Q. Only donate if you have a reason to.
interlagos
Hero Member
*****
Offline Offline

Activity: 496


View Profile

Ignore
June 05, 2012, 01:02:45 PM
 #35

Since you mistyped it twice it's unlikely that you made the same mistake.
I would check the version with inversed capitalization in case you had CapsLock On and didn't notice.
Or if you have multiple languages on your computer try changing the language.
payb.tc
Hero Member
*****
Offline Offline

Activity: 812



View Profile

Ignore
June 05, 2012, 11:03:04 PM
 #36

Since you mistyped it twice it's unlikely that you made the same mistake.

that's what i would have normally thought, but as i mentioned, a bad keyboard can easily have that effect.
malaimult
Hero Member
*****
Offline Offline

Activity: 616



View Profile

Ignore
June 06, 2012, 03:58:52 AM
 #37

i can point you to some Russian forums, they are very good in this kind of encryption mysql injection etc, but i don't know how you stay with russian language.
someone helped me with a bigger problem in the past 
riX
Sr. Member
****
Offline Offline

Activity: 327



View Profile

Ignore
June 15, 2012, 01:17:15 PM
 #38

Problem solved...  Wink

interlagos
Hero Member
*****
Offline Offline

Activity: 496


View Profile

Ignore
June 15, 2012, 02:06:02 PM
 #39

Problem solved...  Wink

What was it? We are curious! Smiley
riX
Sr. Member
****
Offline Offline

Activity: 327



View Profile

Ignore
June 15, 2012, 03:43:03 PM
 #40

He had indeed mistyped the password, but I cracked it.. 52 char pwds are not always good, easy to mistype =)

Pages: « 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!