Supporting Brave Wallet
#1
I'm trying to figure out what my Brave Wallet password is, and I can't find a tool to brute it.

I did some research into Brave's source, and I see how their encryption works...

I believe this is the code which generates the encryptor they use

And this is the code which decrypts

I found where Brave stores the encrypted mnemonic, salt, and nonce... here's a snippet (this is of a newly created wallet with no value btw)

Code:
"encrypted_mnemonic": "EFf5hkJ2XdrHDUWuxclrIKTDDfV5wclPnnIvtkddEu1tzNCotqH1w/f6rB094Ij7FleEXmGYGcDY6yof0uFpG2GjV9JGUXknEM/7W+OeX1yf9nbrLiSGg8b8GxdqTtc4eg==",
"password_encryptor_nonce": "SpZdwDeV7IP5yGwB",
"password_encryptor_salt": "/4quJlgraMq4u5kXhC4YSOWUf94X7R2X6Ih5Hn5fEnA="

So it looks like they first generate an encryption key using PKCS5_PBKDF2_HMAC(password,salt) - with a message digest function SHA256. (I believe this is enough to bruteforce a password?)
Then use that key to initialize Aes(AES-256-GCM)... Then... Aesd.Decrypt(key,nonce)

I'm wondering if there's an already-supported Hashcat method which supports PKCS5_PBKDF2_HMAC(password,salt)-SHA256, and if not, how can it be supported?

Also,
Code:
const int kPbkdf2Iterations = 310000;
#2
It's AES-256-GCM-SIV actually, apparently why it uses a nonce instead of iv
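The layout described in this thread, as an added example that is not part of either post and is not Brave's or hashcat's code: it decodes the three stored fields, checks them against the AES-GCM-SIV nonce and tag sizes from RFC 8452, and times the PBKDF2-HMAC-SHA256 derivation at the quoted iteration count to show the per-guess cost the KDF imposes. The 32-byte key length, the UTF-8 password encoding and the function names are assumptions.

```python
import base64
import hashlib
import time

# Values copied from the snippet in post #1 (a fresh wallet with no value).
STORED = {
    "encrypted_mnemonic": "EFf5hkJ2XdrHDUWuxclrIKTDDfV5wclPnnIvtkddEu1tzNCotqH1w/f6rB094Ij7FleEXmGYGcDY6yof0uFpG2GjV9JGUXknEM/7W+OeX1yf9nbrLiSGg8b8GxdqTtc4eg==",
    "password_encryptor_nonce": "SpZdwDeV7IP5yGwB",
    "password_encryptor_salt": "/4quJlgraMq4u5kXhC4YSOWUf94X7R2X6Ih5Hn5fEnA=",
}
PBKDF2_ITERATIONS = 310000   # kPbkdf2Iterations from post #1
KEY_LEN = 32                 # assumption: 256-bit key for AES-256-GCM-SIV
NONCE_LEN = 12               # AES-GCM-SIV nonce size (RFC 8452)
TAG_LEN = 16                 # AES-GCM-SIV tag size (RFC 8452)


def parse_fields(stored):
    """Base64-decode the three fields and check the AEAD framing."""
    salt = base64.b64decode(stored["password_encryptor_salt"], validate=True)
    nonce = base64.b64decode(stored["password_encryptor_nonce"], validate=True)
    blob = base64.b64decode(stored["encrypted_mnemonic"], validate=True)
    if len(nonce) != NONCE_LEN:
        raise ValueError(f"nonce is {len(nonce)} bytes, expected {NONCE_LEN}")
    if len(blob) <= TAG_LEN:
        raise ValueError("ciphertext too short to hold an authentication tag")
    return {"salt": salt, "nonce": nonce, "ciphertext": blob,
            "plaintext_len": len(blob) - TAG_LEN}


def derive_key(password, salt, iterations=PBKDF2_ITERATIONS):
    """PBKDF2-HMAC-SHA256, the derivation named in post #1."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=KEY_LEN)


def seconds_per_derivation(salt, rounds=3):
    """Average wall-clock cost of one key derivation on this machine."""
    start = time.perf_counter()
    for i in range(rounds):
        derive_key(f"constructed-sample-{i}", salt)  # constructed inputs
    return (time.perf_counter() - start) / rounds


if __name__ == "__main__":
    fields = parse_fields(STORED)
    print({k: (len(v) if isinstance(v, bytes) else v) for k, v in fields.items()})
    cost = seconds_per_derivation(fields["salt"])
    print(f"{cost:.3f} s per derivation, about {1 / cost:.1f} derivations/s per core")
```
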