05-14-2021, 09:03 AM
(05-14-2021, 08:56 AM)philsmd Wrote: answer 1: I guess that many users already tried to reproduce problems with certain specific versions of mist+geth, but realized that when installing the software versions freshly (even on a new PC etc), they didn't see any wrong or strange behaviour and everything was working as expected. (no automatic account creation, no locked up accounts, password was working etc etc etc).
So I guess many affected users tried to reproduce a bug (I don't have any exact number or stats, you could even ask the mist team, they even collected some "affected users" anonymized data on google forms back then), but always failed to make any clear conclusion about what could have gone wrong or at least weren't able to proof that there is/was some obvious bug. Could just be many users that don't remember the password (and some even don't remember that they had to insert a password ! ) . Again, all this can also turn out to be a wrong conclusion or a false statement, but only when a software bug was detected and the facts about the bug are sorted out.
answer 2: you stated above that you gave the private key to somebody. My guess/hope is that you only gave the encrypted keystore to a professional and trusted wallet recovery service... So please make sure first that your ethereum address still has some funds in it etc... otherwise all your work you put in to unlock the account is wasted if there are no more funds.
We have already stated a couple of times here, that it depends a lot on the wallet version and hash type, whether the GPU cracking should be done or if it would be better to crack the hashes with CPU only (scrypt based algorithms are better suited for CPU cracking, no GPU needed, because the scrypt algorithm itself is GPU-resistent). Just try to convince yourself by testing the speeds of different device/hardware types with --opencl-device-types (short -D, uppercase D).
I can't really remember if there was an user that has able to unlock the account after some rule-based attacks (or in general mangled passwords) against an scrypt-based ethereum wallet, but I'm pretty sure these cases exist (not everybody posts their success story after a successful cracking attack). In general, rule-based attacks are very efficient and crack a lot of hashes... but of course this hash algorithm is very heavy compared to other fast hash types that hashcat supports and therefore it's much more difficult to run a huge amount of rules against a large dictionary file.
That said, the rule-based attack (or any non-brute-force attack or any non-mask attack), as you probably already guessed, could still be much more efficient and with a much better success rate than other attacks. This of course depends on the randomness of the password itself, but in general even if for some fast hash types mask attacks are much faster, the efficiency and success rate of rule-based attacks (or combinator, hybrid attacks etc) is often much better and the only clever approach.
Yeah, think about the possible password candidates and patterns, create a middle to huge password list of several megabytes of candidates.... try to learn rule-based attacks (and other non-brute-force attack, https://hashcat.net/wiki/#core_attack_modes) and create your own specific rule file and run your CPU-based rig against the scrypt-based ethereum hash. Good luck
I have investigated this issue further and I am 100 % sure that i did not create an account in the wallet. Also in the topic there are lots of users reporting the same problem exactly in the month juni / july 2017.
I found old pictures in my database where i have taken pictures from the wallet , from the site where i bought ethereums , everything !! No password or so ..
What i have also discovered is that my wallet was active also in 2019 and on etherscan i found that tokens were sent to this address ? Could it be that i was on the solo network when sendig funds to this address ? I didnt want to “mine” or something , and i have never opened my wallet after transferring the funds.. how is it then possible that transactions were made for this specific address ?