Recovering a Solana keystore wallet
#1
I have a Solana wallet that I want to recovery (I have a part of the password), however, there is no Solana specific hash extract script.
If I look at the keystore file, it is similar to existing hashes and attack modes such as: 
20200 Python passlib pbkdf2-sha512
21600 Web2py pbkdf2-sha512

There are however other parameters for pbkdf2 that I do not get, the parameters are as follows

Parameters are:
_cipher":"aes-128-ctr_
_cipherparams":{"counter":988485},"kdf":"pbkdf2","kdfparams":{"c":8192,"dklen":32,"prf":"sha512","salt:..."}_
I assume that c is the number of iterations, but what about the counter.
Does anyone know if these parameters can be fed to hashcat using an existing attack mode such as 21600 Web2py pbkdf2-sha512?
Reply
#2
You won't be able to attack a wallet file as PBKDF2 alone, you will need to do the decryption step. This will require writing a new kernel/module for hashcat.
Reply
#3
Thank you for the information. There is no such thing as a generalized format to input these parameters into hashcat I understand.
Is there anywhere a tutorial or further information on how to implement a kernel module in hahcat? In general I want to learn more about how hashcat works to see if I can be more than just a user.
If adding a module/kernel consists mostly of reshuffling code and parameters from an existing kernel, I might be able to pull it off. If it has to be programmed from zero, I am afraid it is beyond my skill set. I do think it might become interesting to add a kernel for Solana to hashcat. Solana has a market cap of 10 billion and it is only a matter of time before more people will end up having to recover their keys.
Reply
#4
(11-30-2023, 12:32 PM)monyanus Wrote: Is there anywhere a tutorial or further information on how to implement a kernel module in hahcat?

You can start from here.
Reply
#5
Thx. <minimum of 5 characters>
Reply