hashcat Forum

Full Version: Mode 11300
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hi,
I'm trying to understand how the hashcat's brute-force attack works for bitcoin wallets (11300). Until now, I have understood how decrypt the secret key:


Code:
data = pasw+salt
for i in range(rounds):
    data = sha512(data)
key = data[0:32]
iv = data[32:32+16]
dec = AES(key, CBC_MODE, iv).decrypt(cry_master)


But, how can I know that the decrypted key is the correct one?
the padding is known, we exploit this (padding attack, last few bytes 16 or 8 depending on the wallet type):

https://github.com/hashcat/hashcat/blob/...#L340-L352

or course you need to decrypt the full last blocks with the correct padding (not removing/replacing the padding, "none") to get the full decrypted block and see what the padding bytes are