01-18-2023, 11:08 PM
I have a Coinbase seed phrase backup which is purportedly encrypted with AES-256-GCM encryption. The 12 word seed phrase looks like this test backup: 1WKkQX7s_T3E3zDvijWhOBarbzzXfDSY+fL7rsYgYEA= I would like to use Hashcat to attempt to crack the password that will unlock the seed phrase, but it seems like there is a lot going on here. I am assuming that the whole 12 words isn't being encrypted because I think it would not be possible to store this in 44 characters. Perhaps the first few letters of each BIP39 word is encrypted. Does anyone have experience with this or know how I might get started?
Here is how Coinbase explains thier google drive backup: "As an added safeguard, we built an encrypted Google Drive and iCloud feature so you can back up your recovery phrase."
When I tested it, I was able to restore the seed phrase using only the text "1WKkQX7s_T3E3zDvijWhOBarbzzXfDSY+fL7rsYgYEA=" and the password.
Here is how Coinbase explains thier google drive backup: "As an added safeguard, we built an encrypted Google Drive and iCloud feature so you can back up your recovery phrase."
When I tested it, I was able to restore the seed phrase using only the text "1WKkQX7s_T3E3zDvijWhOBarbzzXfDSY+fL7rsYgYEA=" and the password.