Mist Wallet 08.10 bruteforce
#1
Dear all,

In 2017 i have bought Ethereum and transferred it to my Ethereum wallet Mist version 08.10 (obtained from github).

Despite the fact that i do not remember creating a password i cannot transfer the funds since a password is asked. I have backuped the keystore file and if i want to transfer my wallet to another wallet it asks for a password .

I still have all the blockchain data and thus also the keystore file. After a search on the internet i found out that more people are reporting about this wallet in 2017 not remembering to have created a password.

As far as i can remember i have downloaded the wallet and then there was already an account created for me with the name : mainaccount (Etherbase). My wallet connects to the ethereum node and i can see the actual amount of dollars that my ether is worth, but unfortunately no ability to transfer funds

So big problem, with possible explanations:

1. I made a password but simply cant remember it. This is highly unliky since i usually use one password for these type of things.

2. Some keyboard settings were different therefore special characters might have changed ?

3. I did not set a password its a bug in the wallet

Anyways as a medical doctor i have zero experience in programming but i have performed my research and downloaded hashcat on my macbook. With this program i am now able to crack the password of a test account that i have created in the same wallet as where my other main account resides in .

My question is :

I want to perform a new brute force attack on m 15700 , using the force technique including the dive rule, which is successfully running but the speed is 4 h / s...

I have 2 devices :

Cpu intel core i5-5257u cpu 2.7 ghz open cl 1.2 with a total memory of 8000 mb
Gpu intel iris graphics 6100 open cl1.2 with a total memory of 1500 mb

Despite that i have expected my gpu would perform better the speed with this device was even lower

Is there any way to speed up the speed to at least 700-800 h / s ?

Thank you very much for all your help !!
Reply
#2
Hi,

In order to answer your question and not stating the problem:

Yes, you have to buy a graphic card (GPU). But you wont find any for a "normal" price this year. Maybe you rent some resources in the cloud (google or aws or similar).

Or you ask someone for help, once you figured out the right hashcat command and attack.
Reply
#3
Hi there,
There's a topic somewhere in github tickets about people having same issues with not setting password and then being asked to enter password after one of the version updates. Basically mist set random password to the keystore ..
I'm currently working on one same issue. The encryption algorithm is GPU resistant and will get you 1-5/H/s max on GPU
I'm running mine in AWS cloud on CPUs, getting around 5000 H/s on small cluster.
Ask or pm me if you have questions.
Reply
#4
I have exactly the same problem. I created a Mist wallet in autumn 2017 (think with 08.10 but not 100% sure). I have created three test wallets at this time. One of them I've labeled as "main" in my notes and transferred ETH to it. The other two test wallets remained empty. The noted password is working on the two additional wallets but not on the wallet with ETH.

I have already tried with these known passwords and various alternatives and rules like dive etc., to get the password from the "main" wallet. The cracking works with the other two wallet hashes, so the method works.

The speed on Etherwallets (15700) is very slow.  I have an RTX 3080 and an AMD Ryzen 5900x but max speed is 4 H / s. But I think that the AMD CPU / hashcat does not run optimized due to OpenCL problems. Besides, CPU cracking is better on 15700 than GPU cracking.

Since I created the wallets within 2 hours and 2/3 wallets have the same PW, I think that MIST has screwed up something.

I also read through the Github / Mist sections but didn't get much more information


Maybe the cloud option is better. Is it possible to run hashcat on AWS?
Reply
#5
It is really possible to run HC in AWS, but you'd need to pay for it. Some GPU instances are $40/hr so.. it could be costly.
Reply
#6
(04-22-2021, 09:20 AM)fb2039 Wrote: Dear all,

In 2017 i have bought Ethereum and transferred it to my Ethereum wallet Mist version 08.10 (obtained from github).

Despite the fact that i do not remember creating a password i cannot transfer the funds since a password is asked. I have backuped the keystore file and if i want to transfer my wallet to another wallet it asks for a password .

Sorry not for really helping, but I am a MD as well and exactly in the same situation, just used Mist around 0.7.7 in may or june of 2017. Never had a password issue before this MyEthereumWallet.org situation...

I am just learining to use hascat to try to recover the wallet these days. If we can help each others it would be fun and great Smile but frankly reading that we are several with exactly the same story makes me fear that this app was flawed and a random password cannot be guessed with reasonnable amount of time and power... but do some more on calls to cover the loss Wink
Reply
#7
I think you guys are referring to this Mist github issue https://github.com/ethereum/mist/issues/3513 ?

I have no clue what that other MyEthereum....org web site has to do with Mist . We shouldn't mix different web sites and software all together. Mist is/was a desktop software as far as I know, it's unrelated to some online wallets / web sites.

The problem with that "I never set a password problem" is that there are many examples of users that proof that they were wrong thinking about not setting a password (see for instance this github issue https://github.com/ethereum/mist/issues/4188 , "I don't remember setting up password " and afterwards "I was actually able to recover the password" ). There are many examples of this.

Not sure about your exact situation, but while researching this "problem" a little bit a few months/years ago (because several users asked for hashcat help and hash algorithm support etc), I/we didn't really come to a very clear conclusion of any serious wide-spread problem that could lock up accounts or fail to recover the funds (there were some examples like: https://github.com/ethereum/go-ethereum/issues/16286 and https://github.com/ethereum/mist/issues/3762 etc but these are all very special situations, not even remotely wide-spread / common situations and the test/solutions are very clear in those cases).

I'm not trying to downplay the situation and it's not 100% excluded that there is/was a software bug... but the problem is already the fact that whenever and only when the ETH price rises there are many users that suddently discover they don't remember having set any password, is a little bit suspicious .

I think it's best to try to focus on the facts and try to generate new accounts with the same software with a known password (or even just freshly start the software and see if a password prompt is asked etc), best to try the same Mist version number etc.... try to create accounts and try to crack them etc etc etc
I did those experiments back then a couple of times with different Mist software versions and except from these few special problems I (or others) mentioned in https://github.com/ethereum/mist/issues/3513 , there wasn't a clear "Mist bug" identified that could be responsible for all the locked accounts (where probably in 99.99 % at least are user errors or problems with the user's brain memory, that's what I'm currently believing, but some hard facts about a bug could of course contradict that or proof that wrong. but we need a proof of a bug first).

Maybe you can make some further tests and mention your results here or on the mist github issue. good luck
Reply
#8
(05-08-2021, 09:55 AM)philsmd Wrote: I think you guys are referring to this Mist github issue https://github.com/ethereum/mist/issues/3513 ?

I have no clue what that other MyEthereum....org web site has to do with Mist . We shouldn't mix different web sites and software all together. Mist is/was a desktop software as far as I know, it's unrelated to some online wallets / web sites.

The problem with that "I never set a password problem" is that there are many examples of users that proof that they were wrong thinking about not setting a password (see for instance this github issue https://github.com/ethereum/mist/issues/4188 , "I don't remember setting up password " and afterwards "I was actually able to recover the password" ). There are many examples of this.

Not sure about your exact situation, but while researching this "problem" a little bit a few months/years ago (because several users asked for hashcat help and hash algorithm support etc), I/we didn't really come to a very clear conclusion of any serious wide-spread problem that could lock up accounts or fail to recover the funds (there were some examples like: https://github.com/ethereum/go-ethereum/issues/16286 and https://github.com/ethereum/mist/issues/3762 etc but these are all very special situations, not even remotely wide-spread / common situations and the test/solutions are very clear in those cases).

I'm not trying to downplay the situation and it's not 100% excluded that there is/was a software bug... but the problem is already the fact that whenever and only when the ETH price rises there are many users that suddently discover they don't remember having set any password, is a little bit suspicious .

I think it's best to try to focus on the facts and try to generate new accounts with the same software with a known password (or even just freshly start the software and see if a password prompt is asked etc), best to try the same Mist version number etc.... try to create accounts and try to crack them etc etc etc
I did those experiments back then a couple of times with different Mist software versions and except from these few special problems I (or others) mentioned in https://github.com/ethereum/mist/issues/3513 , there wasn't a clear "Mist bug" identified that could be responsible for all the locked accounts (where probably in 99.99 % at least are user errors or problems with the user's brain memory, that's what I'm currently believing, but some hard facts about a bug could of course contradict that or proof that wrong. but we need a proof of a bug first).

Maybe you can make some further tests and mention your results here or on the mist github issue. good luck

I definitely understand your point , I also cannot guarantee that i did ot did not set a password. But , the fact is that there are some users specifically reporting about mist 08.10,and a macbook , with a password with a special character in it . I am in the same situation. I am currently running a hashcat force attack but unfortunately untill now without success... i solely have one or two passwords that i regularly use and therefore I found it suspicious that i am not able to access my wallet while others report the exact same situation with specifically this version. I did test if i was able to crack an account created within this specific version and it did work but unfortunately i am only able to run geth version 08.4 or so on this ethereum wallet and not geth 06,4 the version that was running when i created the wallet i think .. maybe it is also due to the fact that my wallet was not synchronized jet and therefore something went wrong ? I still have the log files though and all the chain data of 30 gig .. maybe that can help me ?
Btw my wallet is not able to synchronize now , maybe this is due to the fact that there are no peers anymore i dont know ? Further more if i want to downlod the eth blockchakn in a newer versoon of geth by running ./get —fast —sync i am not able to synchronize too ..
Reply
#9
(05-08-2021, 09:55 AM)philsmd Wrote: Maybe you can make some further tests and mention your results here or on the mist github issue. good luck

Hello,

I completely understand your point. This was my first wallet experience and frankly I didn’t read enough before starting this. Classic rookie FOMO in 2017 (in May not December but same mistake anyway).

Just funny that we find the usage of Mist, Mac computer and special characters again again and again in the stories.

I played a lot with ethcracker in 2018. Then let it down. And finally try again with hashcat with this new bull run. To me it’s really more of the will to understand what the hell of a password I put since I only have fractions of Eth in this wallet.

Like colleagues here, I have created another json with the website MyEthereumWallet.org and yes I have understood enough of hashcat to crack it. So I am on a good way (I had to build a Linux bootable USB key, etc. I like learning).

But with my 2017 wallet, it’s very complicated since I am the kind of person who sets very long passwords. Somewhat like passphrase. So if I have done a typo somewhere it might be horrible to find since in my estimations the password length range is min 27 max 65 😱. 

What do you think are the best strategies with long passwords like this ? My next step is to try to use Prince to combine words I use in my password/pass phrase. The main issue is that I sometimes interspersed numbers or special characters between words.
Thanks
Reply
#10
I'm pretty sure I was able back then to easily set up both mist and geth with (almost any supported) specific version number of these software:
The trick was just to copy the geth binaries somewhere in the %APPDATA% directory (you will easily see / recognize where the "correct"/normal version of geth will be after a standard installation, just search for geth.exe within that directory). So the idea is to just replace the "other" version of the geth folder/installation with the version you want to test from https://github.com/ethereum/go-ethereum/releases

Futhermore, I had to disconnect from the internet, otherwise mist/geth would both try to update to a newer version (there is a clientBinaries.json file or similar that will be queried on the net on startup).

To me 6.4 seems to be way too old, honestly. because as we can see here, mist 8.10 was using geth 1.6 (https://github.com/ethereum/mist/blob/dc...aries.json).

so the claim about geth 6.4 seems to be very strange to me.... maybe you had it install, but I'm not sure if mist would use it or even be able to use such an old version, I doubt that (but in any case you can try to contact the Mist devs or geth dev team etc and try to double check which version were compatible and used by default).

Internet connection is not needed and NOT recommended because of the 2 main reasons mentioned above: it tries to update and the sync with blockchain etc is NOT needed to check a password... you can have no chain data and still check if you can unlock the account as far as I know.

Attention: I think it's almost needless to say but it's VERY important that you of course should make a full backup of all the important files, especially the json files, but not only... best would be a full backup of the ethereum-related mist/geth folders in %APPDATA% or all those files under C:, or even better a full backup of the whole disk (HDDs are cheap nowadays and it's best to have a safe copy, just in case)... before you make any new installations or changes to the mist/geth versions/installations/configurations etc. Backups are always worth it! best on a completely different/separate HDD/SDD/USB thumb driver or similar. Don't try to use any shortcuts here. Back'em up !

BTW: the folders for Apple Mac systems seem to be:
* ~/Library/Application Support/Mist (mist configuration ?)
* ~/Library/Application Support/Ethereum Wallet/ (only wallet data ?)
* ~/Library/Ethereum/ (only geth software and data ???)
* ~/Library/Ethereum/keystore (the JSON / keystore files ?)

as you can read in the mist wiki: https://github.com/ethereum/mist/blob/ma...xt#L32-L42 , https://github.com/ethereum/mist/blob/ma...fig-folder , https://github.com/ethereum/go-ethereum/...lts.go#L64
Reply