Wallet.dat recovery
#3
(01-11-2020, 12:56 AM)slyexe Wrote: https://hashcat.net/wiki/doku.php?id=hashcat has all the answers you're looking for.

1. See -help: Usage: hashcat [options]... hash|hashfile|hccapxfile [dictionary|mask|directory]...
2. Hashcat has 3 status' : Running, Cracked, Exhausted
3. Also on the wiki https://hashcat.net/wiki/doku.php?id=mask_attack
4. Also on the wiki https://hashcat.net/wiki/doku.php?id=rule_based_attack
5. Also on the wiki https://hashcat.net/wiki/doku.php?id=restore

Bitcoin wallets are a very slow hash, unless you have a general idea of what your password is with very few alterations you should have no issues recovering it. Bruteforcing a wallet is nearly impossible after guessing more than 5 characters so again as I mentioned, unless you have a general idea you're not going to have any luck bruteforcing a large keyspace. 

To get a general idea of your timespan heres the example hash  running rockyou.txt /w best64.rule on 1070. 
Code:
Session..........: hashcat
Status...........: Running
Hash.Type........: Bitcoin/Litecoin wallet.dat
Hash.Target......: $bitcoin$96$d011a1b6a8d675b7a36d0cd2efaca32a9f8dc1d...760525
Time.Started.....: Fri Jan 10 16:51:04 2020 (3 secs)
Time.Estimated...: Tue Jan 14 22:19:39 2020 (4 days, 5 hours)
Guess.Base.......: File (rockyou.txt), Left Side
Guess.Mod........: File (rules/best64.rule), Right Side
Speed.#1.........:    4005 H/s (5.91ms) @ Accel:64 Loops:16 Thr:256 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/1463127168 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/14344384 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:7136-7152
Candidates.#1....: 123456## nothing, reverse, case... base stuff -> dolphins6## nothing, reverse, case... base stuff
Hardware.Mon.#1..: Temp: 37c Fan: 23% Util: 97% Core:2075MHz Mem:4104MHz Bus:16

Thanks for answers.

Could you send me code line for .bat file where I include:
- .txt candidates file 
- with output file and 
- mask attacks

...and another one with all above mentioned just with bruteforce.

It looks like I put it on stock bruteforce and it is working but as you said it wouldnt help much.

Thanks again

EDIT: OK I did it, but next question is how to use it with combination of password parameters, so for example if have two pass try21 and example22 to make combination of every letter and numbers?
Reply


Messages In This Thread
Wallet.dat recovery - by Frang - 01-10-2020, 05:07 PM
RE: Wallet.dat recovery - by slyexe - 01-11-2020, 12:56 AM
RE: Wallet.dat recovery - by Frang - 01-11-2020, 10:28 AM
RE: Wallet.dat recovery - by slyexe - 01-12-2020, 03:07 AM
RE: Wallet.dat recovery - by digitalhussar - 02-16-2020, 09:27 PM
RE: Wallet.dat recovery - by roma - 09-23-2021, 06:43 PM
RE: Wallet.dat recovery - by z. - 12-29-2021, 11:11 PM
RE: Wallet.dat recovery - by bitcoinpassword - 03-13-2022, 08:56 PM
RE: Wallet.dat recovery - by monyanus - 03-17-2022, 11:53 AM