Bitcoin Forum
June 16, 2024, 08:57:00 PM *
News: Voting for pizza day contest
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: wallet password brute force  (Read 2499 times)
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 16, 2015, 07:03:00 PM
 #1

just done something really stupid   

Got an email from support@localbitcoin.com saying my account had been flagged for fraudulent activity.

checked my account and nothing, opened up electru grabbed an address and then send my funds to the wallet. incoming transaction.

check the support desk no ticket. check back at email and obviously the link contains a hidden phishing address, phew close call but all is safe.

Go to electrum to send my funds back over to LBTC, need them to have online adverts active, upon entering the password all i get is invalid.

Turns out i sent them to a wallet that was generated on the 6th of December on my run around laptop and i don't appear to know the password at the moment   tried several combinations but nope..... must have been feeling smart that day and NO i did not right down the seed as i was actually generating the wallet whilst giving my friend a step by step run down on how to setup electrum, why i didn't follow my own instructions of remembering password and keeping a copy of the seed safe i will probably never live down  


who's the local brute force expert?
Racey
Legendary
*
Offline Offline

Activity: 1134
Merit: 1000


Soon, I have to go away.


View Profile
February 16, 2015, 07:19:37 PM
 #2

I got a similar mail a few weeks ago.
Did you have any dealings with cloud mining scams?
If so I guess that would be the source of the phishing.
They, the scammers apparently had a guess AS to whether I had a Coinbase account or not.

I also got a phishing mail from a fake Blockchain site, I reported the mail to  https://blockchain.zendesk.com/
They confirmed my suspicions.


Hi,

A recent review of our accounting system has shown that we may have had a security breach which contained one of our hot wallets. we are currently unsure how many users this has affected and ask that everyone checks to ensure they still have access to their funds.

Coinbase Login

If you do not have access to your funds please contact support immediately so that we can check our logs and ensure you have the correct amount of funds.

Please rest assured that we have funds in cold storage to cover any loss.

Respectfully,

Coinbase
Compliance Team

And its gone.
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 16, 2015, 07:44:34 PM
 #3

I got a similar mail a few weeks ago.
Did you have any dealings with cloud mining scams?
If so I guess that would be the source of the phishing.
They, the scammers apparently had a guess AS to whether I had a Coinbase account or not.

I also got a phishing mail from a fake Blockchain site, I reported the mail to  https://blockchain.zendesk.com/
They confirmed my suspicions.


Hi,

A recent review of our accounting system has shown that we may have had a security breach which contained one of our hot wallets. we are currently unsure how many users this has affected and ask that everyone checks to ensure they still have access to their funds.

Coinbase Login

If you do not have access to your funds please contact support immediately so that we can check our logs and ensure you have the correct amount of funds.

Please rest assured that we have funds in cold storage to cover any loss.

Respectfully,

Coinbase
Compliance Team


Actually, it was a fresh email addy generated today dedicated for lbtc and attached to my lbtc advert after 2 years of having a none independent account and then I got my first phishing link
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 16, 2015, 09:17:26 PM
 #4

did i post this in the wrong place or something?

I have not even had any noob accounts pm  asking me to said them the .dat file and my password history since 1995
jeffhuys
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
February 16, 2015, 09:47:47 PM
 #5

Like I said in the other thread, try this:
https://github.com/gurnec/btcrecover

 Smiley

Hope that fixes your problem... And if not, I hope you didn't lose too much BTC.

elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 16, 2015, 09:57:56 PM
 #6

Like I said in the other thread, try this:
https://github.com/gurnec/btcrecover

 Smiley

Hope that fixes your problem... And if not, I hope you didn't lose too much BTC.

0.1btc is the other mans 100btc, but  for me i can handle the prolonged security of a small portion of the hodlings, i have the .dat file.

still it frustrated me to know i might be the cause of some "lost" bitcoins. The fact on the 6th of December i typed a password in twice and cannot remember it annoys me. I even looked back in a chat log and it was the 6th of December i gave me friend a teamviewer tutorial, so i do know that is when i generated the wallet, i just don't know what i set as the stupid flyby tutorial password. what a stupid thing to do.....
Borisz
Sr. Member
****
Offline Offline

Activity: 476
Merit: 251



View Profile
February 16, 2015, 10:09:11 PM
 #7

I got a similar mail a few weeks ago.
Did you have any dealings with cloud mining scams?
If so I guess that would be the source of the phishing.
They, the scammers apparently had a guess AS to whether I had a Coinbase account or not.

I also got a phishing mail from a fake Blockchain site, I reported the mail to  https://blockchain.zendesk.com/
They confirmed my suspicions.


Hi,

A recent review of our accounting system has shown that we may have had a security breach which contained one of our hot wallets. we are currently unsure how many users this has affected and ask that everyone checks to ensure they still have access to their funds.

Coinbase Login

If you do not have access to your funds please contact support immediately so that we can check our logs and ensure you have the correct amount of funds.

Please rest assured that we have funds in cold storage to cover any loss.

Respectfully,

Coinbase
Compliance Team


That email...Thanks for the heads up!

@OP: I'm not sure how many coins you have sent to the wrong address, maybe you should look into specialized services for recovering forgotten wallet passwords?
http://www.walletrecoveryservices.com/
They claim that they can help if you roughly know the password (Never used them personally, just an example)
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 12:09:14 PM
 #8

Like I said in the other thread, try this:
https://github.com/gurnec/btcrecover

 Smiley

Hope that fixes your problem... And if not, I hope you didn't lose too much BTC.

WOW the tutorial is semi mind boggling when hungover, like reading a foreign language right now
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 12:45:38 PM
 #9

where am i going wrong?

Tsquared
Hero Member
*****
Offline Offline

Activity: 500
Merit: 501


http://digitalcoin.org/


View Profile WWW
February 17, 2015, 01:45:09 PM
 #10

Did you create the password while doing the demo? Have you asked your friend you were doing the demo for if he remembers the password?

This is very non technical and old school, but...

When you finally get a password you've forgotten, you almost always have that "face palm" moment of realization, right? That's because you never forgot the password, you were simply unable to recall it. Meditate on it. Put yourself in a quiet place with no distractions and replay that day. Think about what you did that day, who you talked to, what you said, what you ate, the things that were around you, and try to revisit that moment when you created the password. If you think of any possibilities, just write them down, don't stop and try them because that will create frustration and it'll break your concentration.

Point is, you already know the password, and given the right stimulus you can remember it.

Good luck.

TT
Borisz
Sr. Member
****
Offline Offline

Activity: 476
Merit: 251



View Profile
February 17, 2015, 02:04:53 PM
 #11

where am i going wrong?


Quote
--https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#running-btcrecover--
You will need to run btcrecover.py with at least two command-line options, --wallet FILE to identify the wallet file name and either --tokenlist FILE or --passwordlist FILE (the FILE is optional for --passwordlist), depending on whether you're using a Token File or Passwordlist.

Did you run it as,
Code:
btcrecovery.py --wallet wallet.dat --passwordlist passwordlist.txt

or how did you try to run it?
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:11:54 PM
 #12

where am i going wrong?
Quote
--https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#running-btcrecover--
You will need to run btcrecover.py with at least two command-line options, --wallet FILE to identify the wallet file name and either --tokenlist FILE or --passwordlist FILE (the FILE is optional for --passwordlist), depending on whether you're using a Token File or Passwordlist.

Did you run it as,
Code:
btcrecovery.py --wallet wallet.dat --passwordlist passwordlist.txt

or how did you try to run it?

just by double clicking the btcrecover.py with the btcrecover-tokens-auto.txt placed in the same directory.

running it via a command prompt with extra commands is getting me nowhere.

payment is offered to anyone who can give me a team viewer tutorial using the test wallets as i am clueless Smiley

yes i am better with visual instruction....
Borisz
Sr. Member
****
Offline Offline

Activity: 476
Merit: 251



View Profile
February 17, 2015, 02:19:00 PM
 #13

where am i going wrong?
Quote
--https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#running-btcrecover--
You will need to run btcrecover.py with at least two command-line options, --wallet FILE to identify the wallet file name and either --tokenlist FILE or --passwordlist FILE (the FILE is optional for --passwordlist), depending on whether you're using a Token File or Passwordlist.

Did you run it as,
Code:
btcrecovery.py --wallet wallet.dat --passwordlist passwordlist.txt

or how did you try to run it?

just by double clicking the btcrecover.py with the btcrecover-tokens-auto.txt placed in the same directory.

running it via a command prompt with extra commands is getting me nowhere.

payment is offered to anyone who can give me a team viewer tutorial using the test wallets as i am clueless Smiley

I think this could be solved without teamviewer as well  Wink

1. Take a copy of your wallet.dat file (or example file) and copy it to the the directory where you downloaded btcrecovery-master.
2. Open a command prompt
3. As per the guide, do the following (assuming default Download location):
copy these commands one at a time to the command prompt window
Code:
cd \Users\YOUR_USERNAME\Downloads\btcrecover-master
C:\python27\python btcrecover.py --wallet wallet.dat --tokenlist btcrecover-tokens-auto.txt
4. You should see some output

If it doesn't work I can try to help over teamviewer too.
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:37:19 PM
 #14

thanks! It appears to be working away and it found the password in seconds!!!
Borisz
Sr. Member
****
Offline Offline

Activity: 476
Merit: 251



View Profile
February 17, 2015, 02:41:23 PM
 #15

thanks! It appears to be working away and it found the password in seconds!!!

You see you don't need Teamviewer right away  Wink

These software often don't have GUI support and hence you cannot really run them with doubleclisk as they will simply show a command prompt for a second and then quit. This is due to the lack of a GUI.

Similar software have to be run by firstly opening a command prompt and and then calling the software from within.

Anyway, happy coin recovery! Glad it found the password so fast!
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:42:09 PM
 #16

what an amazing little tool! the devs are getting a donation from me for sure!

Tsquared
Hero Member
*****
Offline Offline

Activity: 500
Merit: 501


http://digitalcoin.org/


View Profile WWW
February 17, 2015, 02:44:37 PM
 #17

Out of curiosity, did you remember the password after seeing what it actually was?

TT
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:45:18 PM
 #18

thanks! It appears to be working away and it found the password in seconds!!!

You see you don't need Teamviewer right away  Wink

These software often don't have GUI support and hence you cannot really run them with doubleclisk as they will simply show a command prompt for a second and then quit. This is due to the lack of a GUI.

Similar software have to be run by firstly opening a command prompt and and then calling the software from within.

Anyway, happy coin recovery! Glad it found the password so fast!


I had a very definative list of words and numbers, just a complete random combination, especially for the situation in which it was created. I normally have a default simple password i use for the none important situations it was completely different though.

Againt hanks for the help and yes mostly user error on my part!
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:46:58 PM
 #19

Out of curiosity, did you remember the password after seeing what it actually was?

TT

I did not remember making it that combination no, the characters used were of course familiar.
elasticband (OP)
Legendary
*
Offline Offline

Activity: 1036
Merit: 1000


Nighty Night Don't Let The Trolls Bite Nom Nom Nom


View Profile
February 17, 2015, 02:50:52 PM
 #20

donation sent to their public listed BTC address - https://blockchain.info/tx/9966feba6c9234e1f99ada2ebf5f6681033969dd43c56050b5b789ff2dc64666


THANK YOU SO MUCH to the developers
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!