Encrypted wallet.dat, lost password, any solutions?

[Revalin]

Here's another version customized for a specific request.  In this case he knows the start and end of his passphrase, but he forgot the number in between except that it definitely doesn't have any zeroes.  Just edit in the parts you know where it says "pass" and "word".

This may be useful for anyone in a "missing number" situation.  You can set the start or end to "" (empty string) if the mystery number is at the end or beginning, and you can add 0 to the list of digits if yours might have a zero.

Code:

#!/usr/bin/ruby -w

start = "pass"
finish = "word"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

(0..20).each do |length|
  [1,2,3,4,5,6,7,8,9].repeated_permutation(length) do |digits|
    test(start + digits.join + finish)
  end
end

[1713425792]

1713425792

[1713425792]

1713425792

[Revalin]

Another custom version: in this case he knows the start and end of the passphrase, but there are some words missing in the middle.  This will try some of the most common English words in a classic dictionary attack.

The words are all lowercase, no punctuation, and run together without spaces.

Fill in the "start" and "finish" parts of the passphrase, choose how common of words you want, fill in your special words in dictionary_extra, then run it.  I recommend using dictionary_size=5000 and max_words=2 for the first run, then 500 and 3 for the second run.  5000 and 3 will take far too long.

Code:

#!/usr/bin/ruby -w

start = "pass"                       # This is the part at the start that you remember with 100% certainty
finish = "word"                      # The end, which you also remember with 100% certainty
dictionary_size = 5000               # The number of common English words to load from the online dictionary
dictionary_extra = %w{one two three} # Some extra words which aren't in the dictionary
max_words = 2                        # The maximum number of words to try not including the start and finish parts
max_word_length = 8                  # Use only short words

require 'open-uri'

def test(phrase)
  printf "%40s ", phrase
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

dictionary = dictionary_extra
dictionary += open('http://www.wordfrequency.info/free.asp?s=y') do |stream|
  stream
    .read
    .split('<tr>')
    .map{ |i| i.scan(%r{<td>(.*)</td>}).flatten[1] }[7,5000]
end
dictionary.reject!{|i| i.match(/[^a-z]/)}              # Exclude words with punctuation
dictionary.select!{|i| i.length <= max_word_length }   # Only short words
dictionary.map!(&:downcase)                            # Even proper nouns are lower case
dictionary.uniq!                                       # Filter out any duplicates
dictionary = dictionary[0,dictionary_size]             # only use this many words

(0..max_words).each do |num_words|
  dictionary.permutation(num_words) do |perm|
    test(start + perm.join + finish)
  end
end

[niklas]

I mangaged to solve my problems on my own:

The issue with the german umlauts seems to have to do with some encoding problems. It dissappeared when I used linux instead of Windows.

I am now running the script brute.rb on a virtual machine provided my Amazon using Linux. After registering for Amazon Web Services (AWS), you can use one of their smallest virtual machine instances ('micro') for free for one year. After starting the bitcoind, you just start the script like this:

ruby brute.rb > log.txt &

It then sends its output to log.txt and you can just logout. It takes quite some time, since the AWS micro instance is rather low on CPU power. An attempt to crack an 8 character password took about one week. However, it is absolutely free; you don't even have to pay for the electricity ...

Hi again,

I keep having problems with Revalins script and the german umlaute (Ä Ö Ü). I have added them to brute.rb and then let the script try to find the correct password - no luck so far. Looking at the stream of passwords brute.rb tried I recognized that it always displayed question marks instead of the umlauts. Changing the character encoding of the terminal to 'Western" changed that. However, I remained suspicious. I let bitcoin create a new wallet (whilst renaming the one I do not know the password of) and encrypted this wallet with a password containing umlauts. If I now let this script run it does not find the correct password, no matter what character encoding I am using on the terminal.

Does anyone have a solution for this problem? It could quite possibly be the case that my password contains umlauts since these are close on my keyboard to some of the characters i assume are contained in the password.

Thanks

[veryveryinteresting]

Here's another version customized for a specific request.  In this case he knows the start and end of his passphrase, but he forgot the number in between except that it definitely doesn't have any zeroes.  Just edit in the parts you know where it says "pass" and "word".

This may be useful for anyone in a "missing number" situation.  You can set the start or end to "" (empty string) if the mystery number is at the end or beginning, and you can add 0 to the list of digits if yours might have a zero.

Code:

#!/usr/bin/ruby -w

start = "pass"
finish = "word"

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it!  #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

(0..20).each do |length|
  [1,2,3,4,5,6,7,8,9].repeated_permutation(length) do |digits|
    test(start + digits.join + finish)
  end
end

My issue is I know the middle of the password, and I have digits on either end. I have no Ruby experience (or Linux) but I got your script working, however, I cannot figure out how to get it to input digits onto either side of my known password. Please help!

[Amitabh S]

Just a thought. If you send me the wallet.dat and password fragments, I can try some stuff here. Will you trust me? Depends on how many coins are there

If reward is generous, I will try sending you code snippets.. Give more details. What type of wallet. Whats the length of passwd, what tool did you use to generate the password? Im guessing its a low entropy password if you remember part of it..

Tldr the prev posts in this thread yet..

[2112]

Does anyone have a solution for this problem? It could quite possibly be the case that my password contains umlauts since these are close on my keyboard to some of the characters i assume are contained in the password.

You need to identify the character set used to encode the password. It may be different than the character set used to encode the font displayed by the terminal program and different from the character sett used to store the text of your program in a file.

http://en.wikipedia.org/wiki/Western_Latin_character_sets_(computing)

Those are your basic choices. Note that the Unicode column can have several different encodings:  UTF-7, UTF-8, UTF-16LE, UTF-16BE or UTF-32 (unlikely, but possible; and it still has big-endian and little-endian variants).

Good luck.

[viper1092]

Hey! I have a very similar issue which I posted about here https://bitcointalk.org/index.php?topic=153452.

I set up a BlockChain.info Wallet online. I gave it a 'main' password. I know this main password. The problem is I set the 'second password' which in effect performs double encryption, and I thought I knew that password! But it doesn't work  

Now, I've got 15 BTC in that wallet so it's definitely worth it for me to get back. To recap, I know the initial password that encrypted, and I'm confident I know most of the second password.

My question is how do I go about brute forcing that? I have a .aes.json file with the priv keys that are backed up, but I have no idea on how to go about brute forcing it.

I read the whole post and there are some awesome Ruby scripts, but they all target bitcoind, and I don't have the funds in a local wallet.

Any help?

[niklas]

You need to identify the character set used to encode the password. It may be different than the character set used to encode the font displayed by the terminal program and different from the character sett used to store the text of your program in a file.

Thank you for your help, 2112.

However, if I am honest I do only have a faint idea of how to accomplish what you describe. Does the bitcoin client use different encodings on different platforms? The wallet was encriptded on a German Windows 7 installation; for running Revalins script I now use a German Ubuntu 12.04.

Do you have a concrete strategy how I could get Revalins script running using all characters on my keyboard?

Thank you

[2112]

Thank you for your help, 2112.

However, if I am honest I do only have a faint idea of how to accomplish what you describe. Does the bitcoin client use different encodings on different platforms? The wallet was encriptded on a German Windows 7 installation; for running Revalins script I now use a German Ubuntu 12.04.

Do you have a concrete strategy how I could get Revalins script running using all characters on my keyboard?

Thank you

Well, you had a good idea to see if you can crack the known short password with umlauts.

1) I currently don't have access to any other machine except my single laptop, I really can't help you with details. In particular I'm almost illiterate in German.
2) verify if the "Language for non-Unicode programs" in Control Panel is still "German (Germany)".
3) using regedit.exe verify the settings in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage\ACP. It should probably be 1252 which means the Windows-1252 encoding was used for non-internationalized programs like Satoshi's client. Also note the OEMCP value from the same page. Ostensibly OEMCP is used only for DOS compatibility mode, but some programs use it because of bugs.
4) If you encrypted your wallet using bitcoin-Qt then verify that you can decrypt it from the command line by using bitcoind.
5) Make sure that the step 4) works for all umlauts you may have used, both lower-case and upper-case.
6) configure Ubuntu's terminal program to use Windows-1252 or if you access it from Windows via ssh configure your ssh client to use that encoding
7) rerun the test decryption of the known-password wallet on Ubuntu's command line.
8) verify that your Ruby program is using the correct encodings for umlauts
9) run the Ruby crack program

While I'm almost illiterate in German I'm very familiar with the computer-specific problems encountered by German-speaking people, especially in multi-language places like Switzerland. Because of the QWERTY vs. QWERTZ vs. AZERTY keyboard layout issue, when you were entering your password sight-unseen you may have entered some other characters because of accidental switching of the keyboard layouts. Have you actually verified in the Language Bar that you were using the correct layout while typing your password?

[veryveryinteresting]

Just a thought. If you send me the wallet.dat and password fragments, I can try some stuff here. Will you trust me? Depends on how many coins are there

If reward is generous, I will try sending you code snippets.. Give more details. What type of wallet. Whats the length of passwd, what tool did you use to generate the password? Im guessing its a low entropy password if you remember part of it..

Tldr the prev posts in this thread yet..

Why in the world would I trust you? You didn't even read the thread.....

If you read the previous posts, it's possible for you to crack it without having the actual wallet.dat file itself.

I am willing to pay a 1BTC reward to anyone who can help me out.

[veryveryinteresting]

I just used Revalin's code, but it doesn' work in Windows. I used its on a known password and it still said "error: canot connect to host". Can someone help me out please?

[AdriKGB]

Thank you for your help, 2112.

However, if I am honest I do only have a faint idea of how to accomplish what you describe. Does the bitcoin client use different encodings on different platforms? The wallet was encriptded on a German Windows 7 installation; for running Revalins script I now use a German Ubuntu 12.04.

Do you have a concrete strategy how I could get Revalins script running using all characters on my keyboard?

Thank you

Well, you had a good idea to see if you can crack the known short password with umlauts.

1) I currently don't have access to any other machine except my single laptop, I really can't help you with details. In particular I'm almost illiterate in German.
2) verify if the "Language for non-Unicode programs" in Control Panel is still "German (Germany)".
3) using regedit.exe verify the settings in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage\ACP. It should probably be 1252 which means the Windows-1252 encoding was used for non-internationalized programs like Satoshi's client. Also note the OEMCP value from the same page. Ostensibly OEMCP is used only for DOS compatibility mode, but some programs use it because of bugs.
4) If you encrypted your wallet using bitcoin-Qt then verify that you can decrypt it from the command line by using bitcoind.
5) Make sure that the step 4) works for all umlauts you may have used, both lower-case and upper-case.
6) configure Ubuntu's terminal program to use Windows-1252 or if you access it from Windows via ssh configure your ssh client to use that encoding
7) rerun the test decryption of the known-password wallet on Ubuntu's command line.
verify that your Ruby program is using the correct encodings for umlauts
9) run the Ruby crack program

While I'm almost illiterate in German I'm very familiar with the computer-specific problems encountered by German-speaking people, especially in multi-language places like Switzerland. Because of the QWERTY vs. QWERTZ vs. AZERTY keyboard layout issue, when you were entering your password sight-unseen you may have entered some other characters because of accidental switching of the keyboard layouts. Have you actually verified in the Language Bar that you were using the correct layout while typing your password?

Hi 2112,

Does it mean that it is possible that if I created a wallet password in a PC which crashed, now in a new PC maybe Bitcoin-qt does not accept the password?

If this is the case, and I don't know the encoding of regedit.exe, what can I do to be sure that I test all the encoding possibilities in the ubuntu's terminal?

Thanks in advanced

[2112]

Hi 2112,

Does it mean that it is possible that if I created a wallet password in a PC which crashed, now in a new PC maybe Bitcoin-qt does not accept the password?

If this is the case, and I don't know the encoding of regedit.exe, what can I do to be sure that I test all the encoding possibilities in the ubuntu's terminal?

Thanks in advanced

Anything is possible, especially in the presence of bugs or various typing-utilities/spelling-checkers/etc. Blind typing into the bitcoin-qt window is a classic failure mode for that, e.g. for Germans: Kongressstraße vs. Kongreßstraße.

For KGB agents the example would be: Microsoft vs. Microsoft. (For non-KGB-agents: the second "c" is actually a cyrillic "s".)

Edit: Oh, and guys, please don't race into registering the homo-glyph accounts for the Bitcoin luminaries. Registering as "Gavin-non-break-space-Andresen" is not that funny.

Edit2: Fixed the external link.

[wingsuit]

Hey! I have a very similar issue which I posted about here https://bitcointalk.org/index.php?topic=153452.

I set up a BlockChain.info Wallet online. I gave it a 'main' password. I know this main password. The problem is I set the 'second password' which in effect performs double encryption, and I thought I knew that password! But it doesn't work  

Now, I've got 15 BTC in that wallet so it's definitely worth it for me to get back. To recap, I know the initial password that encrypted, and I'm confident I know most of the second password.

My question is how do I go about brute forcing that? I have a .aes.json file with the priv keys that are backed up, but I have no idea on how to go about brute forcing it.

I read the whole post and there are some awesome Ruby scripts, but they all target bitcoind, and I don't have the funds in a local wallet.

Any help?

I had a slightly similar thing happen to me just the other day with blockchainwallet. I set a second pass and then went to test it but it failed over and over again. I had written the second pass to a text file which i was copy-pasting, but also typing and using the virtual keyboard neither of which worked. Then randomly on my 'enth paste attempt it worked.
Hope you get yours back soon.

[Revalin]

And another: This person knows the middle of the password but forgot the digits on either side.

Code:

#!/usr/bin/ruby

middle = "password"  # The known part in the middle
min_per_side = 1     # The minimum number of digits per side
max_per_side = 4     # The maximum number of digits per side

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it! #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

((2 * min_per_side)..(2 * max_per_side)).each do |length|
  if length - max_per_side > min_per_side
    min_per_side = length - max_per_side
  end
  (0..(10**length-1)).each do |number|
    digits = ("%0#{length.to_s}d" % [number]).chars.to_a
    (min_per_side..(length - min_per_side)).each do |offset|
      left = digits[0,offset].join
      right = digits[offset,99].join
      test(left + middle + right)
    end
  end
end

Edit: Improved to limit the max digits per side which will help with longer passphrases.

[Hfleer]

What if i know most of the characters, which are either in the very beginning or in the middle, but missing 3-5 characters(certain letters, numbers, and symbols), that are mostly at the end but might have one or two at beginning?

[veryveryinteresting]

And another: This person knows the middle of the password but forgot the digits on either side.

Code:

#!/usr/bin/ruby

middle = "password"  # The known part in the middle
min_per_side = 1     # The minimum number of digits per side
max_per_side = 4     # The maximum number of digits per side

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it! #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

((2 * min_per_side)..(2 * max_per_side)).each do |length|
  if length - max_per_side > min_per_side
    min_per_side = length - max_per_side
  end
  (0..(10**length-1)).each do |number|
    digits = ("%0#{length.to_s}d" % [number]).chars.to_a
    (min_per_side..(length - min_per_side)).each do |offset|
      left = digits[0,offset].join
      right = digits[offset,99].join
      test(left + middle + right)
    end
  end
end

Edit: Improved to limit the max digits per side which will help with longer passphrases.

Thanks Revalin! I am running it now...

[Revalin]

What if i know most of the characters, which are either in the very beginning or in the middle, but missing 3-5 characters(certain letters, numbers, and symbols), that are mostly at the end but might have one or two at beginning?

Then you need something like this:

Code:

#!/usr/bin/ruby

middle = "password"           # The known part in the middle
min_left = 0                  # The minimum number of chars on the left
max_left = 2                  # The maximum number of chars on the left
max_total = 5                 # The max total unknowns
chars = 'abcd1234'.chars.to_a # Possible chars to choose from
#chars << '\\'                 # ... plus backslash
#chars << "'"                  # ... plus single quote

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it! #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

(1..max_total).each do |length|
  chars.repeated_permutation(length) do |str|
    max_offset = [max_left, length].min
    (min_left..max_offset).each do |offset|
      left = str.join[0,offset]
      right = str.join[offset,99] || ""
      test(left + middle + right)
    end
  end
end

Fill in the part you know for middle= and put in the characters you want to try in chars= .  If you want a backslash or single-quote then remove the # at the start of those lines.

Try to keep the chars list small. The time required increases very rapidly as you add more: 10 characters = 8 hours; 20 characters = 11 days; 30 characters = 3 months.

[Hfleer]

What if i know most of the characters, which are either in the very beginning or in the middle, but missing 3-5 characters(certain letters, numbers, and symbols), that are mostly at the end but might have one or two at beginning?

Then you need something like this:

Code:

#!/usr/bin/ruby

middle = "password"           # The known part in the middle
min_left = 0                  # The minimum number of chars on the left
max_left = 2                  # The maximum number of chars on the left
max_total = 5                 # The max total unknowns
chars = 'abcd1234'.chars.to_a # Possible chars to choose from
#chars << '\\'                 # ... plus backslash
#chars << "'"                  # ... plus single quote

def test(phrase)
  print phrase, "\t"
  system("./bitcoind", "walletpassphrase", phrase, "20")
  case $?.exitstatus
  when 0
    puts "Found it! #{phrase}"
    exit 0
  when 127
    puts "bitcoind not found in current dir"
    exit 1
  when nil
    puts "Aborting"
    exit 1
  end
end

(1..max_total).each do |length|
  chars.repeated_permutation(length) do |str|
    max_offset = [max_left, length].min
    (min_left..max_offset).each do |offset|
      left = str.join[0,offset]
      right = str.join[offset,99] || ""
      test(left + middle + right)
    end
  end
end

Fill in the part you know for middle= and put in the characters you want to try in chars= .  If you want a backslash or single-quote then remove the # at the start of those lines.

Try to keep the chars list small. The time required increases very rapidly as you add more: 10 characters = 8 hours; 20 characters = 11 days; 30 characters = 3 months.

Thank you.

[legitnick]

What if you know the start of the password and some of the letters in the end?