Encrypted wallet.dat, lost password, any solutions?

[Revalin]

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them?  I can help with that.  What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like?  You can substitute different words in.  It'd make it easier to see what you're describing.

[1713565181]

1713565181

[1713565181]

1713565181

[1713565181]

1713565181

[1713565181]

1713565181

[1713565181]

1713565181

[mackminer]

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them?  I can help with that.  What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like?  You can substitute different words in.  It'd make it easier to see what you're describing.

hotel18461846, caravan*1, thinkpad*1 lenovo*6

It's either a permutation even though I think I have tried them all - not all the words may be included or they all might be included.

[stillfire]

there are up to five passwords (I think), include wildcards, they could be any combination and some passwords that I use may not be there at all.

Do you mean you have a long list of passwords and your passphrase is between one and five of them?  I can help with that.  What do you mean by "include wildcards"?

Can you provide a list of samples of what they would look like?  You can substitute different words in.  It'd make it easier to see what you're describing.

hotel18461846, caravan*1, thinkpad*1 lenovo*6

It's either a permutation even though I think I have tried them all - not all the words may be included or they all might be included.

I can work with that. I have a password checker built for partially known structures with wildcards. Note that if you have both wildcards and unknown order, the number of permutations can explode very quickly. I will stop after a few hundred thousand attempts so please be as specific as possible. Any detail you can recollect will help (although false recollections have been a problem in the past so don't strain your memory trying). Please PM me with details.

[ihatepasswords]

Hi revalin i had an old electrum wallet that i forgot about a while ago and went back recently to get the coins out of it but it wouldnt work even though i saved the password i used, but i think i might have changed it slightly and didnt save the changes or something but i know what it generally is and what characters i used. I found your electrum script and installed ruby on win7 and modified it to point to the wallet and electrum.exe and named it brute.rb but when i ran it it just opened and closed. i dont know what else to do can you please help?

[mackminer]

Hi revalin i had an old electrum wallet that i forgot about a while ago and went back recently to get the coins out of it but it wouldnt work even though i saved the password i used, but i think i might have changed it slightly and didnt save the changes or something but i know what it generally is and what characters i used. I found your electrum script and installed ruby on win7 and modified it to point to the wallet and electrum.exe and named it brute.rb but when i ran it it just opened and closed. i dont know what else to do can you please help?

You need to run the script within an already open terminal. Go to the folder where it is and open the command line in there. If you shift and right click you will get the option to open the terminal there.

[ihatepasswords]

I ran it from the command prompt, it gave me a password instantly and said it found it but its not the right one, i tried to send coin to myself and electrum said it was invalid.

edit: i added some random word in the initial password and it did the same thing, said found it! but of course it was the wrong password. It seems to think the first guess is the right one.

edit2: for the record im running windows 7x64 + electrum standalone 1.9.5 + ruby 1.9.3.

edit3: this is the script im using

Code:

#!/usr/bin/ruby
require 'base64'
require 'digest/sha2'
require 'open3'
require 'openssl'

# Double substitution for Electrum

# Put your best guess at your passphrase here
passphrase = '****************'

# The full path to your electrum.dat or default_wallet
wallet_file = 'C:\Users\Admin\Desktop\Brute\wallet.dat'

# Where to find Electrum.  Use 1.9.2!  Older versions may be incompatible.
$electrum = 'C:\Users\Admin\Desktop\Brute\electrum-1.9.5.exe'


def test(phrase)
  $cipher.reset
  $cipher.key = Digest::SHA256.digest(Digest::SHA256.digest(phrase))
  $cipher.update $seed
  $cipher.final
  puts phrase
  i,o,t = Open3.popen2e($electrum, "-o", "getseed")
  i.puts(phrase)
  i.close
  if t.value.success?
    puts "Found it! #{phrase}"
    exit
  end
rescue OpenSSL::Cipher::CipherError
end

def scramble(passphrase)
  characters = " !$'(),.ABCDEFGHIJKLMNOPQRSTUVWXYZ^abcdefghijklmnopqrstuvwxyz"
  list = []

  # transpose adjacent chars
  (passphrase.length - 1).times do |i|
    testphrase = passphrase.dup
    testphrase[i] = passphrase[i+1]
    testphrase[i+1] = passphrase[i]
    list << testphrase
  end

  # delete one char
  passphrase.length.times do |i|
    testphrase = passphrase.dup
    testphrase = testphrase[0,i] + testphrase[(i+1)..-1]
    list << testphrase
  end

  # substitutute one char
  passphrase.length.times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase[i] = c
      list << testphrase
    end
  end

  # insert one char
  (passphrase.length + 1).times do |i|
    characters.chars.each do |c|
      testphrase = passphrase.dup
      testphrase.insert(i, c)
      list << testphrase
    end
  end

  return list.uniq
end

wallet = File.read(wallet_file)
seed_base64 = wallet.match(/'seed': '([^']+)'/).captures.first
$seed = Base64.decode64(seed_base64)
$cipher = OpenSSL::Cipher.new('aes-256-cbc')
$cipher.iv = $seed.slice!(0,16)
Dir.chdir File.dirname $electrum
list1 = scramble(passphrase)
list1.each { |i| test i }
list1.each { |i| scramble(i).each { |j| test j }}
puts "No luck."
exit 1

[dbradley]

Rather than giving your whole wallet over to someone, just extract one keypair, preferably one for an address with 0 balance.  They can then crack it, but won't have access to all of your funds when they succeed.

[ihatepasswords]

Rather than giving your whole wallet over to someone, just extract one keypair, preferably one for an address with 0 balance.  They can then crack it, but won't have access to all of your funds when they succeed.

I just need a working script and i can do it myself, is OP going to come back?

[Pasco60]

Can anybody help me?
https://bitcointalk.org/index.php?topic=395282

[wileecotye]

Hi -all Newbie here
i have done the stupid thing and forgotten my password to my litecoin wallet

have tried all the scripts here on the site and can only get one to run
i need a script that i know the first 9 charasters but not the rest could be unto 9 long
have managed to get one script from page 2 working in a linux platform

can some provide a script that can run various letters and number for the rest of the password please

[tazja]

Hello I opened a wallet long ago i have 0.8 btc, I absolutely remember not the password, I just know that I put 10 characters with uppercase in the word. Is it possible to have a script that test every possible combination of word 10 character?

[Revalin]

edit: i added some random word in the initial password and it did the same thing, said found it! but of course it was the wrong password. It seems to think the first guess is the right one.

That's strange.  Try running this script and paste the output into this thread.

Code:

#!/usr/bin/ruby
require "open3"
$electrum = 'C:\Users\Admin\Desktop\Brute\electrum-1.9.5.exe'
i,o,t = Open3.popen2e($electrum, "-o", "getseed")
i.puts "wrong-password"
i.close
puts o.read.inspect
puts t.value.inspect

[Revalin]

i need a script that i know the first 9 charasters but not the rest could be unto 9 long

Hello I opened a wallet long ago i have 0.8 btc, I absolutely remember not the password, I just know that I put 10 characters with uppercase in the word. Is it possible to have a script that test every possible combination of word 10 character?

It's not feasible to guess completely random passphrases.  Here are how many days it it will take with one CPU:

Code:

   passphrase length            lowercase         alphanumeric        any character
                   1                 0.00                 0.00                 0.00
                   2                 0.00                 0.00                 0.00
                   3                 0.00                 0.03                 0.10
                   4                 0.05                 1.71                 9.43
                   5                 1.38               106.03               895.58
                   6                35.75              6574.10             85080.08
                   7               929.61            407594.28           8082607.59
                   8             24169.80          25270845.55         767847721.40
                   9            628414.78        1566792424.34       72945533532.94
                  10          16338784.22       97141130308.84     6929825685629.39

Even with a large budget (thousands of CPUs or GPUs) you could only do 6 or 7 characters.

It's only possible to crack a passphrase when you know most of it and the unknown part is constrained.  That's why I have so many custom tailored scripts in this thread - each targets a narrow pattern which could be identified.

[artibaton]

Could you help me with a script Revalin? I have tried some of the ones listed earlier but did not  help me find my password.
I know the first 7 characters with 100%. Following is 2 words. I have a list of words for words_1 and words_2, I might have also used either a ! or ^^ at the end.
Ex: Known(Words_1)(Words_2)(special)

Thanks!

[Revalin]

Could you help me with a script Revalin? I have tried some of the ones listed earlier but did not  help me find my password.
I know the first 7 characters with 100%. Following is 2 words. I have a list of words for words_1 and words_2, I might have also used either a ! or ^^ at the end.
Ex: Known(Words_1)(Words_2)(special)

Thanks!

Here you go:

Code:

#!/usr/bin/ruby -w
require 'net/http'
require 'json'

$rpc_pass = "some-password"
passphrase = 'IKnowThisPart'
words_1 = ['one', 'two', 'three']
words_2 = ['btc', 'ltc', 'usd']
words_3 = ['', '!', '^^']

def test(passphrase)
  puts passphrase.inspect
  request = Net::HTTP::Post.new("/")
  request.basic_auth "", $rpc_pass
  request.body = { method:"walletpassphrase", params:[passphrase, 1] }.to_json
  response = Net::HTTP.new("localhost", 8332).request(request)
  if response.code == "401" ; puts "Incorrect RPC user/pass" ; exit 1 ; end
  ret = JSON.parse response.body
  if ret["error"].nil? ; puts "\nFound it! #{passphrase.inspect}" ; exit ; end
  return if ret["error"]["code"] == -14 # wrong passphrase
  raise "WTF? #{ret.inspect}"
end

words_1.each do |w1|
  words_2.each do |w2|
    words_3.each do |w3|
      test(passphrase + w1 + w2 + w3)
    end
  end
end

puts "No luck."
exit 1

[ihatepasswords]

edit: i added some random word in the initial password and it did the same thing, said found it! but of course it was the wrong password. It seems to think the first guess is the right one.

That's strange.  Try running this script and paste the output into this thread.

Code:

#!/usr/bin/ruby
require "open3"
$electrum = 'C:\Users\Admin\Desktop\Brute\electrum-1.9.5.exe'
i,o,t = Open3.popen2e($electrum, "-o", "getseed")
i.puts "wrong-password"
i.close
puts o.read.inspect
puts t.value.inspect

Ran from the command prompt:

C:\Documents and Settings\Administrator\Desktop\Brute>tryagain.rb
"Error: Wallet file not found.\nType 'electrum create' to create a new wallet, o
r provide a path to a wallet with the -w option\n"
#<Process::Status: pid 712 exit 0>

Wallet, electrum, and script all in same folder.

i tried adding the -w flag in different ways pointing to the wallet file but it kept throwing syntax errors.

[Revalin]

i tried adding the -w flag in different ways pointing to the wallet file but it kept throwing syntax errors.

Try changing this:

i,o,t = Open3.popen2e($electrum, "-o", "getseed")

To this:

i,o,t = Open3.popen2e($electrum, "-w", "electrum.dat", "-o", "getseed")

Or this:

i,o,t = Open3.popen2e($electrum, "-w", 'C:\Users\Admin\Desktop\Brute\electrum.dat', "-o", "getseed")

[tazja]

Thank you for answering me. If I know that I probably put 10 characters with a capital letter at the beginning and  2 number at the end without knowing what it was, I have a chance to find the password with a script?

[Revalin]

Thank you for answering me. If I know that I probably put 10 characters with a capital letter at the beginning and  2 number at the end without knowing what it was, I have a chance to find the password with a script?

1 capital letter == 26^1 == 26
2 digits == 10^2 == 100
7 mixed case == 52^7 == 1028071702528

26 * 100 * 1028071702528 == 2672986426572800

2672986426572800 passwords / 10 passwords per second == 8,470,364 years

[IanFoxley]

Can someone try and help me get my 42 coin wallet to open again. I encrypted the wallet earlier today and then later on wanted to send transaction but now it says password is incorrect. I have tried to get some of the other solutions working from this thread but am finding it difficult.

Any help would be appreciated, thanks