Bitcoin Forum
April 18, 2014, 12:13:53 AM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23  All
  Print  
Author Topic: Encrypted wallet.dat, lost password, any solutions?  (Read 62773 times)
Etlase2
Hero Member
*****
Offline Offline

Activity: 756


View Profile

Ignore
June 05, 2012, 03:51:21 AM
 #21

The encrypted wallet format only encrypts the seckeys, nothing else.

That's strange. From the standpoint of privacy, shouldn't the pubkeys be encrypted as well?

    mBitCASINOWIN BITCOINS IN OUR
24/7 LIVE DEALER CASINO

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1397780033
Hero Member
*
Offline Offline

Posts: 1397780033

View Profile Personal Message (Offline)

Ignore
1397780033
Reply with quote  #2

1397780033
Report to moderator
Revalin
Hero Member
*****
Offline Offline

Activity: 700


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 03:57:40 AM
 #22

Keeping the pubkeys in plaintext encourages people to do their daily read-only operations (verifying received coins) without having to keep the decrypted private keys or password in memory.

The point of encryption is to prevent stolen coins, not to protect your identity.  If you want identity protection use a separate whole-file encryption system such as GPG or TrueCrypt.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
TangibleCryptography
Sr. Member
****
Offline Offline

Activity: 476


Tangible Cryptography LLC


View Profile WWW

Ignore
June 05, 2012, 03:58:41 AM
 #23

The encrypted wallet format only encrypts the seckeys, nothing else.

That's strange. From the standpoint of privacy, shouldn't the pubkeys be encrypted as well?

That would require user's password to be entered and wallet kept unlock for any action.  Mining for example would require keeping the wallet unlocked continuously and subject to theft.  Checking your balance, verifying a tx cleared, checking # of confirmations would all require the password.

By only encrypting the private keys funds can be kept secure and the password is only needed to either send funds or sign a message.
ez1btc
Newbie
*
Offline Offline

Activity: 14


View Profile

Ignore
June 05, 2012, 04:11:20 AM
 #24

Much gratitude for all the help. If I can free my BTC I will pay a lot of you Smiley

I have spent several hours trying figure out my password mistake. Many hours feeling like a complete fool, in fact.  Looking for a brute force script that I can guide in the right direction using the nearly-correct password which I remember.

Any script authors or white hats interested in making a hundred BTC or so, send me a message.

Thanks!
riX
Sr. Member
****
Offline Offline

Activity: 326



View Profile

Ignore
June 05, 2012, 05:38:23 AM
 #25

I did the same thing two weeks ago, mistyped my 30-char pwd twice, although that was on a 7-zip archive.
I made a script that tried all combinations of the keyboard keys surrounding the ones that should be correct, and also upper/lower case combinations for the characters that were adjacent to those that were supposed to be capitals.
Found the password in about 3 secs...

I have the script, but it's for 7-zip, but it's not hard to fix..

Revalin
Hero Member
*****
Offline Offline

Activity: 700


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 05:52:42 AM
 #26

Here, I whipped up something quick and dirty.  Just fill in your passphrase as close as you can remember, and make sure bitcoind is in the current dir.  It should print lots of "The wallet passphrase entered was incorrect" if it's working.


Code:
#!/usr/bin/ruby -w

passphrase = "oops"
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  end
end

# transpose adjacent chars
(passphrase.length - 1).times do |i|
  testphrase = passphrase.dup
  testphrase[i] = passphrase[i+1]
  testphrase[i+1] = passphrase[i]
  test testphrase
end

# delete one char
passphrase.length.times do |i|
  testphrase = passphrase.dup
  testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
  test testphrase
end

# substitutute one char
passphrase.length.times do |i|
  characters.chars.each do |c|
    testphrase = passphrase.dup
    testphrase[i] = c
    test testphrase
  end
end

# insert one char
(passphrase.length + 1).times do |i|
  characters.chars.each do |c|
    testphrase = passphrase.dup
    testphrase.insert(i, c)
    test testphrase
  end
end


puts "No luck."
exit 1


Good luck!

edit: This also requires a running bitcoind.
1. set "rpcpassword=somerandomcrap" in .bitcoin/bitcoin.conf
2. run "./bitcoind -daemon"
3. run "./bitcoind getinfo" until it starts returning data instead of errors
4. then run the script above.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
Stephen Gornick
Hero Member
*****
Offline Offline

Activity: 1232



View Profile WWW

Ignore
June 05, 2012, 07:10:25 AM
 #27

Less than a year ago:

Quote
So why didn't we encrypt it up the wazoo and require that you type six passwords to unlock it? Well, two major reasons:

First, losing your wallet or forgetting your password is (arguably) as big a threat as theft. There is a reason every online service has some 'recover/reset lost password' feature.

 - http://gavinthink.blogspot.com/2011/06/why-arent-bitcoin-wallets-encrypted.html

Revalin
Hero Member
*****
Offline Offline

Activity: 700


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 07:49:11 AM
 #28

Here's an updated version which will try double substitutions.  This is a large keyspace and will take a long time - figure about a month for a 30 character password at 10 guesses per second.  Beyond there you'll have to use either riX's approach where you assume that fumbles will be to adjacent keys, or employ a GPU for more brute force.

Code:
#!/usr/bin/ruby -w

passphrase = "oops"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  end
end

def scramble(passphrase)
  characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"
  list = []

  # transpose adjacent chars
  (passphrase.length - 1).times do |i|
    testphrase = passphrase.dup
    testphrase[i] = passphrase[i+1]
    testphrase[i+1] = passphrase[i]
    list << testphrase
  end

  # delete one char
  passphrase.length.times do |i|
    testphrase = passphrase.dup
    testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
    list << testphrase
  end

  # substitutute one char
  passphrase.length.times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase[i] = c
      list << testphrase
    end
  end

  # insert one char
  (passphrase.length + 1).times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase.insert(i, c)
      list << testphrase
    end
  end

  return list.uniq
end

list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}

puts "No luck."
exit 1

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
riX
Sr. Member
****
Offline Offline

Activity: 326



View Profile

Ignore
June 05, 2012, 07:52:50 AM
 #29


Code:
characters = " !\"\#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~"

You might want to reorder that to make it find adjacent _keys_ on the keyboard, not adjacent letters in the alphabet.


Edit: noticed you posted that just before..

When I get home from work I can post my script unless you have it figured out by then.

Revalin
Hero Member
*****
Offline Offline

Activity: 700


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile

Ignore
June 05, 2012, 08:13:28 AM
 #30

You might want to reorder that to make it find adjacent _keys_ on the keyboard, not adjacent letters in the alphabet.

Just reordering the string won't help.  It would need to generate groups by adjacency, which will require a considerably more clever algorithm than the double-nested-loop exhaustive search above.  By all means post it if you have one.  I'm done for the day.  Smiley

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
dooglus
Hero Member
*****
Offline Offline

Activity: 1036


firstbits: 1doog7


View Profile WWW

Ignore
June 05, 2012, 10:14:49 AM
 #31

Any script authors or white hats interested in making a hundred BTC or so, send me a message.

I sent you a PM.

I've since discovered that it's possible to test whether I've cracked your password without having any of your encrypted keys.

If you can just give us your encrypted master key, the salt, the number of iterations, and your best guess at what you think the passphrase is, we can attempt to find a passphrase that decrypts the master key and know when we've done it, but without getting access to any of your funds.

To get the information we need, get a copy of Gavin's bitcointools: https://github.com/gavinandresen/bitcointools and make the following change in wallet.py:

Code:
-      print("Master Key %d"%(d['nID']) + ": 0x"+ short_hex(d['crypted_key']) +
-            ", Salt: 0x"+ short_hex(d['salt']) +
+      print("Master Key %d"%(d['nID']) + ": 0x"+ long_hex(d['crypted_key']) +
+            ", Salt: 0x"+ long_hex(d['salt']) +

Then close bitcoin-qt and run:

Code:
./dbdump.py --wallet | grep Master.Key

from the bitcointools directory.

It should print a single line, like this:

Code:
Master Key 1: 0x47994851532eb7479886f5dc3c923df2d8a57d1f687d0d41808dee394b50259b209e587f677a3b69db1448ecb18e0d39, Salt: 0xa66b5e971bbd8106. Passphrase hashed 95913 times with method 0 with other parameters 0x

Using this, and bitcoin-qt's crypter.cpp, anyone can verify that the passphrase is 'abc'.  But since nobody has a copy of the wallet I encrypted with 'abc', nobody has access to the coins in the wallet.

ribuck
Donator
Hero Member
*
Offline Offline

Activity: 1204


View Profile

Ignore
June 05, 2012, 10:24:55 AM
 #32

I don't suppose you have a backup from before you encrypted the wallet?
dooglus
Hero Member
*****
Offline Offline

Activity: 1036


firstbits: 1doog7


View Profile WWW

Ignore
June 05, 2012, 10:26:00 AM
 #33

I don't suppose you have a backup from before you encrypted the wallet?

Ha!

That's the first thing I thought of when I saw this thread, but forgot it in all the technical details.

flatfly
Hero Member
*****
Offline Offline

Activity: 770

GPG ID: 0xF91975FE


View Profile

Ignore
June 05, 2012, 12:38:28 PM
 #34

It may be worth trying to scan your hard disk for remnants of deleted copies of the wallet. To do that, I highly recommend the portable version of Recuva. It's very simple to use. If you're lucky, you could find one that is unencrypted (until recently, Bitcoin-Qt had a bug that sometimes left the wallet file partially unencrypted on the hard disk).

Enable deep scan mode, and look for any recoverable DAT files that are similar in size to your wallet file.

1111127SpvabYpoeDoiz5L7QPkfiSh2Q. Only donate if you have a reason to.
interlagos
Sr. Member
****
Offline Offline

Activity: 469


View Profile

Ignore
June 05, 2012, 01:02:45 PM
 #35

Since you mistyped it twice it's unlikely that you made the same mistake.
I would check the version with inversed capitalization in case you had CapsLock On and didn't notice.
Or if you have multiple languages on your computer try changing the language.
payb.tc
Hero Member
*****
Offline Offline

Activity: 812



View Profile

Ignore
June 05, 2012, 11:03:04 PM
 #36

Since you mistyped it twice it's unlikely that you made the same mistake.

that's what i would have normally thought, but as i mentioned, a bad keyboard can easily have that effect.
malaimult
Sr. Member
****
Offline Offline

Activity: 446



View Profile

Ignore
June 06, 2012, 03:58:52 AM
 #37

i can point you to some Russian forums, they are very good in this kind of encryption mysql injection etc, but i don't know how you stay with russian language.
someone helped me with a bigger problem in the past 
riX
Sr. Member
****
Offline Offline

Activity: 326



View Profile

Ignore
June 15, 2012, 01:17:15 PM
 #38

Problem solved...  Wink

interlagos
Sr. Member
****
Offline Offline

Activity: 469


View Profile

Ignore
June 15, 2012, 02:06:02 PM
 #39

Problem solved...  Wink

What was it? We are curious! Smiley
riX
Sr. Member
****
Offline Offline

Activity: 326



View Profile

Ignore
June 15, 2012, 03:43:03 PM
 #40

He had indeed mistyped the password, but I cracked it.. 52 char pwds are not always good, easy to mistype =)

Pages: 1 [2] 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!