I lost my second password blockchain.com. - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: I lost my second password blockchain.com. (/thread-8174.html)

I lost my second password blockchain.com. - sakamoto - 02-21-2019

I lost my second password.
Using btcrecover, I found the string "Blockchain second password hash, salt, and iter_count in base64".

Blockchain second password hash, salt, and iter_count in base64:
YnM6UtV42SCdSoI1ZU9UkftyxUwwoSysc98fv95J+RN+EveQQqV0cIFB3adB7W4N//FQiBMAANKIkNA=

I want to decode this and extract the second password. Is there a way?

Add information.
I want to revive the second password of blockchain.com.

Current situation,
· It gets garbled when decoding with base64.
· Since I am concerned about + and / contained in the string, I changed the shape.
+ → %2B , / → %2F , = → %3

RE: I lost my second password blockchain.com. - sakamoto - 02-21-2019

I have consultation.
I have lost the second password of the wallet.
I have a hash of the second password, but can not you decode the hash and recover the second password?
I will hand you 1 btc as a reward.
(Please say it if it is missing, because I am in a hurry)

RE: I lost my second password blockchain.com. - sakamoto - 02-21-2019

I do not know what this value (Blockchain second password hash, salt, and iter_count in base 64) is.
password + salt
So I do not know the number of digits, I can not attack brute force. (It takes too much time)
There should be a reason why btc recovery has prepared a mechanism to issue this value (Blockchain second password hash, salt, and iter_count in base 64).
I want to investigate the reason.

RE: I lost my second password blockchain.com. - Chick3nman - 02-21-2019

You must crack the second password. BTCRecover is capable of cracking said password and the base64 value you were given is required to crack the password, although I'm not sure if --extract allows for blockchain second passwords, I will need to double check on that. iirc the second password requires a second set of values that must be extracted after the top level master password is already known.

RE: I lost my second password blockchain.com. - sakamoto - 02-22-2019

Blockchain second password hash, salt, and iter_count in base64:
YnM6UtV42SCdSoI1ZU9UkftyxUwwoSysc98fv95J+RN+EveQQqV0cIFB3adB7W4N//FQiBMAANKIkNA=

How do I decode this?
It garbles as base64

RE: I lost my second password blockchain.com. - philsmd - 02-23-2019

Well, as you should already know by registering to this forum, it is not allowed to post hashes (https://hashcat.net/forum/announcement-2.html). It's a reason to ban you. In this case it's even worse because we don't know the password and also we do not know if you are trying to trick somebody to crack it for you.

Back to the second password for blockchain.info: there is already a github issue over here: https://github.com/hashcat/hashcat/issues/1650 but there wasn't much interest about this algo so far and I think no dev looked into it yet (so far).

I did some research now and the algorithm is quite straightforward. You basically first need to crack and decrypt your main wallet/password and after that you get a "guid" string etc. If there is a second password the decrypted string will have some info about the next step.

You can read the full details here: https://github.com/gurnec/btcrecover/blob/master/docs/Extract_Scripts.md#blockchaininfo-second-passwords (credits of course go to this btcrecover project from gurnec, because without that I would be clueless what's going on, without any source code and documentation. Credits where credits are due).

So btcrecover makes the process 2-fold too:
1. run python extract-scripts/extract-blockchain-second-hash.py wallet.aes.json to get this base64 string you are talking about all the time
2. python btcrecover.py --data-extract --passwordlist dict.txt (and here you interactively enter the base64 string at the start, before cracking)

There is a signature within the decoded base64 string "bs:" such that btcrecover.py (the second step) recognizes that it is a blockchain second (bs) password cracking attempt.

The format of the base64 decoded string is also quite straightforward:

Code:
echo -n YnM6LeP7peG853HnQlaGswlwpwtqXKwa/1rLyeGzvKNl9HpyjnaeTCZDAaC4LbJcVkxaECcAACwXY6w= | base64 -d | xxd -p

here are my notes/annotations:

Code:
62 73 3a    bs: <- signature

the crc32 check is done on the first 55 bytes (59 minus the 4 bytes checksum):

Code:
crc32 <(echo 62733a2de3fba5e1bce771e7425686b30970a70b6a5cac1aff5acbc9e1b3bca365f47a728e769e4c264301a0b82db25c564c5a10270000 | xxd -r -p)

BTW: you can see here how the base64 string is generated by extract-scripts/extract-blockchain-second-hash.py: https://github.com/gurnec/btcrecover/blob/129c09d653bd21e0eb0989a53c0e15949e37cfff/extract-scripts/extract-blockchain-second-hash.py#L207

Now back to the algorithm details. There are older algorithms for this second blockchain.info password too (see https://github.com/gurnec/btcrecover/blob/129c09d653bd21e0eb0989a53c0e15949e37cfff/btcrecover/btcrpass.py#L2163-L2178), but the current one is just some iterations of sha256 hashes, after concatenating the converted salt (UUID) and the password, see: https://github.com/gurnec/btcrecover/blob/129c09d653bd21e0eb0989a53c0e15949e37cfff/btcrecover/btcrpass.py#L2157-L2159

The final hash must match the extracted "hash" from the main password decryption (https://github.com/gurnec/btcrecover/blob/129c09d653bd21e0eb0989a53c0e15949e37cfff/btcrecover/btcrpass.py#L2160).

There are also some example hashes (credits go to the people from the btcrecover project of course, again):

YnM6LeP7peG853HnQlaGswlwpwtqXKwa/1rLyeGzvKNl9HpyjnaeTCZDAaC4LbJcVkxaECcAACwXY6w=:btcr-test-password
YnM6ujsYxz3SE7fEEekfMuIC1oII7KY//j5FMObBn7HydqVyjnaeTCZDAaC4LbJcVkxaCgAAACsWXkw=:btcr-test-password
YnM6/e8Inpbesj+CYE0YvdXLewgN5UH9KFvliZrI43OmYnyHbCa71RBD57XO0CbuADDTCgAAACCVL/w=:btcr-тест-пароль

(this is base64string:password notation)

I have also written a POC, just to make it very clear (this is of course a slow single-threaded cracking script, don't compare the speeds or blame me for the bad code PLEASE):

blockchain_second_password.pl:

Code:
#!/usr/bin/env perl

Code:
cat dict.txt

Code:
./blockchain_second_password.pl YnM6LeP7peG853HnQlaGswlwpwtqXKwa/1rLyeGzvKNl9HpyjnaeTCZDAaC4LbJcVkxaECcAACwXY6w= dict.txt

I think we could implement this in hashcat and we could get a quite fast speedup by using GPUs. Maybe if more people show interest at the current github issue (https://github.com/hashcat/hashcat/issues/1650), we will consider adding it. My only concern is that we probably would also need to add the older ones too, I didn't research how widespread the older ones are (or their relative distribution and or date/year they were generated/used with each and every version).

update: this algorithm and new hash type was added to hashcat. see https://github.com/hashcat/hashcat/issues/1650#issuecomment-466670491 and https://github.com/hashcat/hashcat/commit/d0d4ce9f8c0e99806466457701f2cc75f98ef00a

RE: I lost my second password blockchain.com. - sakamoto - 02-28-2019

I think sha256 is irreversible, but can you decode it?
I can not do anything wrong.
How can I proceed well?
For beginners, I want you to tell me politely.
I want you to exchange it directly.
[private email addresses removed for privacy reasons by mod]

RE: I lost my second password blockchain.com. - anhday22 - 02-28-2019

Inbox me.
[scammy sounding contact address removed by phil]

RE: I lost my second password blockchain.com. - philsmd - 02-28-2019

I close this thread because it's getting ridiculous. private mail addresses and advertisement of scammy (sounding) cryptocurrency wallet recovery services. This is not a forum where you post ads like this
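
The 59-byte layout and the iterated SHA-256 check philsmd describes above, as an added Python example that is not part of the original thread and is not btcrecover or hashcat code. It assumes the 16-byte salt is hashed in its canonical lowercase UUID text form (following the linked btcrpass.py lines) and handles only the current scheme with a non-zero iter_count; the function names are made up for this example.

```python
import base64
import hashlib
import hmac
import struct
import uuid
import zlib

# Test vector quoted in the thread (base64string:password notation).
SAMPLE = "YnM6LeP7peG853HnQlaGswlwpwtqXKwa/1rLyeGzvKNl9HpyjnaeTCZDAaC4LbJcVkxaECcAACwXY6w="
SAMPLE_PASSWORD = "btcr-test-password"


def parse_extract(b64):
    """Decode a 'bs:' data extract into (hash, salt_uuid_string, iter_count)."""
    # validate=True rejects anything outside the base64 alphabet, so a string
    # that was URL-escaped (%2B, %2F) fails here instead of decoding to garbage.
    raw = base64.b64decode(b64, validate=True)
    if len(raw) != 59:
        raise ValueError("expected 59 bytes, got %d" % len(raw))
    body = raw[:55]                        # signature + hash + salt + iter_count
    (crc,) = struct.unpack("<I", raw[55:])  # trailing 4-byte checksum
    if body[:3] != b"bs:":
        raise ValueError("missing 'bs:' signature")
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        raise ValueError("CRC32 mismatch: string was altered or truncated")
    pw_hash, salt, iter_count = struct.unpack("<32s16sI", body[3:])
    return pw_hash, str(uuid.UUID(bytes=salt)), iter_count


def check_password(b64, password):
    """Return True if password reproduces the stored second-password hash."""
    pw_hash, salt, iter_count = parse_extract(b64)
    if iter_count == 0:
        raise ValueError("older scheme without iter_count is not handled here")
    # Assumption: salt is the UUID string, concatenated with the UTF-8 password.
    running = salt.encode("ascii") + password.encode("utf-8")
    for _ in range(iter_count):
        running = hashlib.sha256(running).digest()
    return hmac.compare_digest(running, pw_hash)


if __name__ == "__main__":
    h, salt, iters = parse_extract(SAMPLE)
    print("hash      ", h.hex())
    print("salt      ", salt)
    print("iter_count", iters)
    print("password ok:", check_password(SAMPLE, SAMPLE_PASSWORD))
```

The stored value is a one-way hash, so the string can only be validated and tested against candidate passwords, never decoded back into the password.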