+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: mask attack blockchain wallet (/thread-11171.html)
mask attack blockchain wallet - robinh007d - 12-07-2022
We have attempted to brute force the password for a blockchain wallet from 2013.
We have used blockchain2john.py to create a $blockchain$ hash.
We also do not know how much is in the wallet, it could be 0.
We are using the command: ./hashcat blockchain.hash -a3 -w4 -i
Our hashcat rig has got to 10 characters and now we realise this is indeed a very long time to complete :-)
We know the password is a mixture of lowercase/uppercase/numbers/symbols.
We think its a capital letter word followed by 2 numbers and a symbol but unsure on the symbol.
For example, there are no $ or [ in the password.
We have narrowed the symbol used down to some possibilities: !, ;, : and @
So now we are going to try a combination/mask attack.
Our questions at this time:
How can we produce a mask attack that excludes all symbols except a few?
How can we produce something that will suit our needs?
How do we know if our commands passed into hashcat are working?
What is an example command for hashcat for a blockchain wallet?
Can we find the address without cracking the password?
Thanks
RE: mask attack blockchain wallet - marc1n - 12-07-2022
Use mask attack https://hashcat.net/wiki/doku.php?id=mask_attack
RE: mask attack blockchain wallet - robinh007d - 12-07-2022
(12-07-2022, 12:47 AM)marc1n Wrote: Use mask attack https://hashcat.net/wiki/doku.php?id=mask_attack
Thanks. We have read the wiki for mask attack but we are unable to figure out how to specify reduced amount of symbols to use.
RE: mask attack blockchain wallet - slyexe - 12-07-2022
You will be required to create customer character sets. That would require to define parameters -1 to -4 for different case usage. So for example if you know the first letter is a capital and most likely not a vowel you can create that by defining -1.
Code:
hashcat -a 3 -m xxx -1 BCDFGHJKLMNPQRSTVWXYZ hashfile ?1By defining -1 you can use it as you would any other specific character maskset using "?" and the number appended to that custom set. So to define 2 sets and use them in conjunction would be as the following:
Code:
hashcat -a 3 -m xxx -1 BCDFGHJKLMNPQRSTVWXYZ -2 !@#$%^&* hashfile ?1?l?l?l?l?l?l?d?d?2The last snippet you would receive a password beginning with a uppercase then 6 lower case followed by 2 digits and finally a limited special character. Hope this helps.