hashcat Forum Support hashcat v
mask attack blockchain wallet

Threaded Mode
mask attack blockchain wallet
robinh007d Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Dec 2022
#1
12-07-2022, 12:45 AM (This post was last modified: 12-07-2022, 12:52 AM by robinh007d.)
We have attempted to brute force the password for a blockchain wallet from 2013.


We have used blockchain2john.py to create a $blockchain$ hash.

We also do not know how much is in the wallet, it could be 0.

We are using the command: ./hashcat blockchain.hash -a3 -w4 -i


Our hashcat rig has got to 10 characters and now we realise this is indeed a very long time to complete :-)

We know the password is a mixture of lowercase/uppercase/numbers/symbols.

We think its a capital letter word followed by 2 numbers and a symbol but unsure on the symbol.

For example, there are no $ or [ in the password.

We have narrowed the symbol used down to some possibilities: !, ;, : and @

So now we are going to try a combination/mask attack.


Our questions at this time:

How can we produce a mask attack that excludes all symbols except a few?

How can we produce something that will suit our needs?

How do we know if our commands passed into hashcat are working?

What is an example command for hashcat for a blockchain wallet?

Can we find the address without cracking the password?


Thanks
Find
Reply
marc1n Offline
Banned
Posts: 387
Threads: 1
Joined: Aug 2020
#2
12-07-2022, 12:47 AM (This post was last modified: 12-07-2022, 12:49 AM by marc1n.)
Use mask attack https://hashcat.net/wiki/doku.php?id=mask_attack
Find
Reply
robinh007d Offline
Junior Member
**
Posts: 2
Threads: 1
Joined: Dec 2022
#3
12-07-2022, 12:54 AM
(12-07-2022, 12:47 AM)marc1n Wrote: Use mask attack https://hashcat.net/wiki/doku.php?id=mask_attack

Thanks. We have read the wiki for mask attack but we are unable to figure out how to specify reduced amount of symbols to use.
Find
Reply
slyexe Offline
Senior Member
****
Posts: 353
Threads: 0
Joined: Nov 2017
#4
12-07-2022, 01:36 AM
You will be required to create customer character sets. That would require to define parameters -1 to -4 for different case usage. So for example if you know the first letter is a capital and most likely not a vowel you can create that by defining -1.

Code:
hashcat -a 3 -m xxx -1 BCDFGHJKLMNPQRSTVWXYZ hashfile ?1

By defining -1 you can use it as you would any other specific character maskset using "?" and the number appended to that custom set. So to define 2 sets and use them in conjunction would be as the following:

Code:
hashcat -a 3 -m xxx -1 BCDFGHJKLMNPQRSTVWXYZ -2 !@#$%^&* hashfile ?1?l?l?l?l?l?l?d?d?2

The last snippet you would receive a password beginning with a uppercase then 6 lower case followed by 2 digits and finally a limited special character. Hope this helps.
Find
Reply