01-03-2018, 10:53 AM
01-03-2018, 11:48 AM
You need to download this file: https://raw.githubusercontent.com/magnum...um2john.py (Save as "ethereum2john.py" without quotes).
then run it with python 2.7 (you can download python 2.7 also for windows, make sure that you set up the PATH environment variable and use cmd to run it)
after that you need to make sure the output looks similar to the example hashes here: https://hashcat.net/wiki/example_hashes (you need to remove the file names from the output if present)
There are three ethereum hash modes supported by hashcat:
- 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$p)
- 15700 = Ethereum Wallet, SCRYPT (the output of ethereum2john starts with $ethereum$s)
- 16300 = Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$w)
You need to choose the correct hash mode depending on the start of your hash (e.g if it starts with "$ethereum$s" (without quotes) you need to use -m 15700)
The command that you need to run could be as simple as this:
Note: -m 15700 is just an example here (choose the one that matches with your output of ethereum2john.py). -a 0 means dictionary attack mode, i.e. every line within the file dict.txt is a password and each of these passwords should be tried. The file hash.txt contains the output of ethereum2john.py (but without the file names and colons)
then run it with python 2.7 (you can download python 2.7 also for windows, make sure that you set up the PATH environment variable and use cmd to run it)
Code:
python ethereum2john.py your_json_file.json
after that you need to make sure the output looks similar to the example hashes here: https://hashcat.net/wiki/example_hashes (you need to remove the file names from the output if present)
There are three ethereum hash modes supported by hashcat:
- 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$p)
- 15700 = Ethereum Wallet, SCRYPT (the output of ethereum2john starts with $ethereum$s)
- 16300 = Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$w)
You need to choose the correct hash mode depending on the start of your hash (e.g if it starts with "$ethereum$s" (without quotes) you need to use -m 15700)
The command that you need to run could be as simple as this:
Code:
hashcat -m 15700 -a 0 -w 3 hash.txt dict.txt
Note: -m 15700 is just an example here (choose the one that matches with your output of ethereum2john.py). -a 0 means dictionary attack mode, i.e. every line within the file dict.txt is a password and each of these passwords should be tried. The file hash.txt contains the output of ethereum2john.py (but without the file names and colons)
01-03-2018, 12:49 PM
dklen":32,"n":262144,"p":1,"r":8 ??????
- 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$p)
- 15600 = Ethereum Wallet, PBKDF2-HMAC-SHA256 (the output of ethereum2john starts with $ethereum$p)
01-03-2018, 12:58 PM
No, the parameters N, r, p are only used with scrypt. Therefore it can't be -m 15600
Did you even do what I told you ? Did you run the python interpreter with the ethereum2john.py file and the json file?
Did you even do what I told you ? Did you run the python interpreter with the ethereum2john.py file and the json file?
01-03-2018, 01:11 PM
(01-03-2018, 12:58 PM)philsmd Wrote: [ -> ]No, the parameters N, r, p are only used with scrypt. Therefore it can't be -m 15600
Did you even do what I told you ? Did you run the python interpreter with the ethereum2john.py file and the json file?
and the files in the key after * are these parameters?
[all hashes removed by philsmd]
?????????[/b][/font][/size][/color]
?????????
string sequence *?
01-03-2018, 01:48 PM
aaa, the code automatically extracts everything! Thank you!
01-07-2018, 07:31 PM
Hi philsmd
Can you help me with almost the same problem? I know the symbols which I used in a password, and I tried to brut password with the mask. But brut does not start on my mining rig on the algorithm 15600 and 15700. I read on GitHub to brut Ethereum wallet need a lot of video memory like 1080ti 11Gb. Can I brut the password on cards RX470 4Gb?
Can you help me with almost the same problem? I know the symbols which I used in a password, and I tried to brut password with the mask. But brut does not start on my mining rig on the algorithm 15600 and 15700. I read on GitHub to brut Ethereum wallet need a lot of video memory like 1080ti 11Gb. Can I brut the password on cards RX470 4Gb?
01-08-2018, 08:43 AM
Hi all, please check this BUG with Ethereum: https://github.com/ethereum/mist/issues/2411
As it turns out, Ethereum has fucked up the password generation of SOME wallets?!
So, my question is if Hashcat will none the less determine the password correctly, yet Ethereum wallets cannot open? Really, I want to know if I did forget my password, or that Ethereum has screwed it up.
Any smart people able to check out this official GitHub bug and compare that to the abilities of Hashcat?
As it turns out, Ethereum has fucked up the password generation of SOME wallets?!
So, my question is if Hashcat will none the less determine the password correctly, yet Ethereum wallets cannot open? Really, I want to know if I did forget my password, or that Ethereum has screwed it up.
Any smart people able to check out this official GitHub bug and compare that to the abilities of Hashcat?
03-06-2018, 06:23 PM
(01-08-2018, 08:43 AM)solace Wrote: [ -> ]Hi all, please check this BUG with Ethereum: https://github.com/ethereum/mist/issues/2411
As it turns out, Ethereum has fucked up the password generation of SOME wallets?!
So, my question is if Hashcat will none the less determine the password correctly, yet Ethereum wallets cannot open? Really, I want to know if I did forget my password, or that Ethereum has screwed it up.
Any smart people able to check out this official GitHub bug and compare that to the abilities of Hashcat?
Hello, I'm stuck with my wallet, the password is there, but for some reason it does not work, although this password was last approached 2 years ago, hashcat64.exe -m15700 $ ethereum $ s * 262144 * 8 * 1 * salt * ciphertext * mac yes yes me 262144 tell me why it's better to brute, is there any such equipment already?
so you are not alone, can learn how to solve this problem write me, thanks
03-06-2018, 07:30 PM
The guys at onlinehashcrack.com have a ethereum hash extractor, if you are lazy to install python on your own.
They *may* be able to crack it as well, I did not try them yet.
Of course don't give them your wallet file, but just the hash. I guess (?) you cannot recover a private key with only the hash ? To be confirmed.
They *may* be able to crack it as well, I did not try them yet.
Of course don't give them your wallet file, but just the hash. I guess (?) you cannot recover a private key with only the hash ? To be confirmed.