01-05-2021, 09:39 PM
(01-02-2021, 11:33 PM)Audien1990 Wrote: Hello everyone.
I´m here because I don´t remember my blockchain wallet password and just found this awesome tool but I have some dubts, I'm totally noob.
Following some tutorials I'm now able to run hashcat. But I have some concerns about Hash-mode 15200, which deals with Blockchain wallet v2 hashes.
I created a new account in Blockchain.com, and saved the password this time, to test hashcat with some of it's parameters. I'm usgin a brute force attack.
This are my hashes:
The wallet from which I don't know anything about the password (you can say that Im trying to crack some else password but this is not the case) I just forgot what kind of password I used then, and I exhasuted my first option, I mean I usually use some key tokens in my passwords, I never use dictionary words e.g. first token = Lkjh + second token = 2 or 3 random letters + third token = $ symbol + fourth token = 22
The result should look something like this and the only variable token is the one in the middle
Lkjhhc$22
So I've tried diferent masks like
Lkjh?a?a$22
Lkjh?a?a?a$22
Lkjh?a?a?a?a$22
Lkjh?a?a?a?a?a$22
Lkjh?a?a?a?a?a?a$22
Even the masks
L?a?a?a?a?a$22
L?a?a?a?a?a?s?d?d (this one with an imcrement)
But the results have been unsuccessful with this hash:
$blockchain$v2$5000$1488$76a1862e3b63969fcca0d702909bcdd143bfb093e8ab06539ed6...
this hash has a lenght of 2796
The new account which I recently created for test purpouses has the same password characteristics as describe above and has this hash:
$blockchain$v2$5000$1008$c1c5107939395edc07e5a9a1606288516a287f21bd4bc837dc8ae...
but this hash has a lenght of 2016
I tried the masks above and the search is always sucessful.
The example mentioned here is:
$blockchain$v2$5000$288$06063152445005516247820607861028813ccf6dcc5793...
and has a lenght of 576
So my questions are:
Does this number means anything? $blockchain$v2$5000$1488$... besides the hash and its lenght is the only thing that changes within the above 3 hashes.
And second, why the hash lengh changes? I mean, in my understanding, if you apply a hash operation to a password, for example md5, the lenght of the hash must remain the same despite the lenght of the password am I alright?
So, why with this kind of hash the lenghts are different?
And finally, since my second source of password are randomly generated from a tool with a fixed lenght of 12 chars, I'm now trying this mask:
?a?a?a?a?a?a?a?a?a?a?a?a?
I'm no pro myself but I have a decent understanding of the custom mask option as that is similar to what i'm trying.
For example when I run hashcat I run
Code:
sudo hashcat --custom-charset1 custom.hcchr --increment --increment-min=5 --increment-max=8 -a 6 dict.dict ?1?1?1?1?1?1?1?1?1
That would look for a password between 5 and 8 digits with only the digits I have set in the custom.hcchr file
You could do the same by doing something like
Code:
--custom-charset1 Lkjh --custom-charset2 abcdefghijk... --custom-charset3 $ --custom-charset4 2 dict.dict ?1?1?1?2?2?2?3?4?4
That should make it use just Lkjh for the first 4 digits, the entire alphabet for the next 3 then a $ and finally a 2.
That is at least what i'm understanding from your post, hopefully this helps or can lead you in the right direction