+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Help on forgetting last few characters of keystore file (/thread-9901.html)
Help on forgetting last few characters of keystore file - Segap - 02-25-2021
Hi all ,
I may have screwed myself royally here and of course my own fault if I did
essentially I created a keystore file here https://zillet.io/create and have been able to login using the keystore file for many a moon so I didn't protect the private key as well as I should so it is unfortunately gone.
A keystore file was generated ( created a new one for example )
Code:
{"address":"0xC674a4ead8D1DDfdF8cf3B8f15Fb0047972595db","crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"5cd0882cfd7045e4b95a94ad718b6632"},"ciphertext":"5a4c9fa4e95609b77390528df9167543e847fb0f7d2d0edb294ac13ded4a7005","kdf":"scrypt","kdfparams":{"salt":"7c772a821e9ec3f81c02cd3b31ed715980baa3b8a94d86863b16f464a32a1e01","n":8192,"c":262144,"r":8,"p":1,"dklen":32},"mac":"dcdf189435adc6a7e5bbc9822e63ac4bfc4475b14d7b1145d8335008771a2a50"},"id":"64623864-3631-4666-b532-323933323237","version":3}Now for this the password is
a0204060B*_PASSWORD
In my real life scenario the password is obviously different but lets say
- I am 99% confident the password begins with
a0204060B*_PASS and has 3 to 5 extra characters ( definitely characters)
- I am 90% confident the password begins with
a0204060B_PASS and has 3- 5 extra characters ( definitely characters)
- I am 70% the password begins with
[aA]0204060[bB]*_[pP][aA][sS][sS]
or
[aA]0204060[bB]_[pP][aA][sS][sS]
Would there be any way for hashcat to brute force this or have I any hope?
I think it’s using scrypt and I know hashcat supports scrypt, but how do I extract the target hash here??
It seems that maybe there is no hash here to extract and the scrypt PBKDF just runs to generate key material and then pushes that into AES CTR?