Known Dictionary Attack Fails
#1
Hello,
I have a base64 blockchain.info wallet (v1, I believe. circa 2013) for which I know the password. The file name is wallet.aes.json. Using the tool here: https://login.blockchain.com/wallet/import-wallet and entering the password results in success. Entering the mnemonic with this tool (https://login.blockchain.com/wallet/forgot-password) results in the password I have saved, so I know that it's correct.

To prepare the wallet file for hashcat, I used blockchain2john.py to generate known.hash.

I created a wordlist .dict file with some random strings and the password in the middle and run:
Code:
hashcat.exe -a 0 -m 12700 known.hash wordlist.dict

Hashcat runs, but does not find the correct password. Can someone help me with what I am doing wrong? I can even give real data/files as there is 0BTC in the wallet.

Here is the output:
Code:
Session..........: hashcat
Status...........: Exhausted
Hash.Mode........: 12700 (Blockchain, My Wallet)
Hash.Target......: $blockchain$857$6533786935517843666a4555514537756d5...3d3d0a
Time.Started.....: Sun Aug 27 19:22:19 2023 (1 sec)
Time.Estimated...: Sun Aug 27 19:22:20 2023 (0 secs)
Kernel.Feature...: Pure Kernel
Guess.Base.......: File (..\wordlists\zpoil.dict)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:    21948 H/s (0.02ms) @ Accel:512 Loops:9 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests (total), 0/1 (0.00%) Digests (new)
Progress.........: 8/8 (100.00%)
Rejected.........: 0/8 (0.00%)
Restore.Point....: 8/8 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-9
Candidate.Engine.: Device Generator
Candidates.#1....: asdasf -> 4e5vhy45h
Hardware.Mon.#1..: Temp: 56c Fan: 31% Util: 65% Core:2040MHz Mem:10451MHz Bus:16

Started: Sun Aug 27 19:22:16 2023
Stopped: Sun Aug 27 19:22:21 2023
PS F:\Ext4-1TB\500GB\Crack\NEW\hashcat-6.2.6>

Thanks
Reply
#2
Last part of your hash 6533786935517843666a4555514537756d5...3d3d0a is Base64-encoded. Use blockchain2john.py with --base64 option. Or you can decode your data with any suitable tool (don't forget to write correct size).
Reply
#3
(08-28-2023, 07:25 AM)nick8606 Wrote: Last part of your hash 6533786935517843666a4555514537756d5...3d3d0a is Base64-encoded. Use blockchain2john.py with --base64 option. Or you can decode your data with any suitable tool (don't forget to write correct size).

When trying to use blockchain2john with base64, I get no output. Using with the --json switch, I get an error.

Code:
Traceback (most recent call last):
  File "LOCATION\blockchain2john.py", line 39, in <module>
    decoded_data = json.loads(data.decode("utf-8"))
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.1520.0_x64__qbz5n2kfra8p0\Lib\json\__init__.py", line 346, in loads
    return _default_decoder.decode(s)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.1520.0_x64__qbz5n2kfra8p0\Lib\json\decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.1520.0_x64__qbz5n2kfra8p0\Lib\json\decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

The hash was created, I believe, with blockchain2john about 5/6/7 years ago from last time I tried cracking this.

I have tried both on Windows and Ubuntu 22 with Python3.

Below is the contents of the known-password, 0BTC wallet.aes.json file

Code:
e3xi5QxCfjEUQE7umPRrWEQirlE2+p0cdHQfth+TFn7cKkZwqLWtdnUoHa357UX+ZpCdPfgMJL+VsfYOO0rAlAHV+l7ufh7xA0BM2H35qz4bWeokuWqPPwk+jOy5w+a2vhOxcwx45t310byn2Js+Dp0S0SmJhWx1wp5qIssjtnl4ffVZ7aeFaXiFI7TEBHDS14SWFoM5ksf4hnRcDsCJRb3stPZDfcbx0w0t6Sqz0hD/Db8Sw/TrPC/P/A7oB1gnC++3SpcUYDcLZg2r0zWxOHwUCH14/jpf7NOONpOVstmzBVN6ft5OQjlokM7tvjN63tp95ZqVYtH+J+MMdzmJbNNM81fAJhNq5ZDkbMOerUzRX3u5N1qkvMJDwiw6U78ExlQ5WCEzFI91pj0fRJZEJx83wEjKx5BndbmynGdm+L2uZkGeKbGOD4MqonP3tqOXigDJzi45p6RUr7cVqEhmlzMkQLjLre6IXRi5M8C99uIDFbyHRDSlpyblPIWYh9YyKRYJ93bbSLhzt5WZWi3OApP0dMCRUjV+oH0dXw1Vr2089O43UPE3xiJ1U6Yg7JBv4NaQyxvMFFgrIzoEjKAgSb7QUX08A89SrF2zYVm3d60mvlZ9Z3d7IUK2B4t+CWA7nl6Qz7FJd5t3/uhVOhzrWU6UNJTQWu+5+4pVK6RcC2qTABD0dtAijOc5XB4SXVQN62IfOJj66TqESjk8hflv1lBggkD8EICj1/SB8GXRsq3aOG3kIY5o4bFdAOUC6rNf0H/+HLiM6XmMi+v1EevAOvgqxuR7gKAduXLtNphIQG/Nefjcdd/NrByBGHPH0Pbq+jPcU4bLMXZzGmXS2h88Lw==


Edit: I noticed I have two files for the known wallet. Below is the contents of the backup from blockchain according to my notes. It wasn't named wallet.aes.json, though. I get the same results with blockchain2john.
I also notice that the first (above) one is 857 chars long and the second (below) one is 512 long. My unknown password backup is 641 long. Not sure if this means anything or is of concern.

Code:
ntxGCsuoegyAjmP2YttCFJ5RXJsV/a8JSNnZl0oPeMwsREvO+F5AdMKi5ji0DEJ4p13gTO889UmbyI7DKOMMQggG+U8YloFoDRHu3PQUUUQ1VMiFesBsjokr59lX1Q/CaBszMI2XV7eT/vHaWSV5yNU2u8EfLAEjBCO9O7613NrU05EwkKxj4RSwQ6jy1v164lnZGqX2cT8bxUJbAn22qbNo//q3G+rusKUbWe5fVU+AR/GiTSvumU8ULwnsG7L15JKhggimXt5TkvDxS/Qdlv9wVWAIuJhik3a+12+bcCIwlqTzX6tLyVNQLC6s257818qIzxogJyHF9Jh/71tYMiHvUGQ6sjLNripxmdA5K3QuUvaTImiTVFZ3vkfv0k0wdnzC3F0eYVUOCxatiqqF+axgUbSh4iGR6VEAaEK/b+jflBKMdgaaKXEbN7JWHikTsZNvRVwpR0+sZ4rV8uSxc/l1rcdnjAfUbZj0M6zDCV7IJPiUMZO3EUrey8hpVQSk

Thanks
Reply
#4
(08-28-2023, 10:12 PM)pluna Wrote: When trying to use blockchain2john with base64, I get no output. Using with the --json switch, I get an error.

Your command line must be like this:
Code:
python.exe blockchain2john.py --base64 wallet.aes.json

Or just decode your data with any Base64 tool and make your hash manually (decoded size = 640):
$blockchain$640$7B7C62E50C427E31...731A65D2DA1F3C2F
Reply
#5
(08-29-2023, 02:16 AM)nick8606 Wrote: Your command line must be like this:
Code:
python.exe blockchain2john.py --base64 wallet.aes.json

Or just decode your data with any Base64 tool and make your hash manually (decoded size = 640):
$blockchain$640$7B7C62E50C427E31...731A65D2DA1F3C2F

Thanks. I figured out the problem with blockchain2john; it doesn't play nice with Python 3. Using 2.7 worked and my output matches yours. Thanks for including that for me.

Now that I got that working, hashcat says no hashes loaded.
Code:
PS LOCATION\hashcat-6.2.6> .\hashcat.exe -a 0 -m 12700 ..\KNOWN.hash ..\wordlists\known.dict
hashcat (v6.2.6) starting

..\KNOWN.hash: Byte Order Mark (BOM) was detected
Successfully initialized the NVIDIA main driver CUDA runtime library.

Failed to initialize NVIDIA RTC library.

* Device #1: CUDA SDK Toolkit not installed or incorrectly installed.
            CUDA SDK Toolkit required for proper device support and utilization.
            Falling back to OpenCL runtime.

* Device #1: WARNING! Kernel exec timeout is not disabled.
            This may cause "CL_OUT_OF_RESOURCES" or related errors.
            To disable the timeout, see: https://hashcat.net/q/timeoutpatch
OpenCL API (OpenCL 3.0 CUDA 12.2.128) - Platform #1 [NVIDIA Corporation]
========================================================================
* Device #1: NVIDIA GeForce RTX 3090 Ti, 24448/24563 MB (6140 MB allocatable), 84MCU

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashfile '..\KNOWN.hash' on line 1 ($): Signature unmatched
No hashes loaded.

Started: Mon Aug 28 20:31:51 2023
Stopped: Mon Aug 28 20:31:56 2023

So now what am I doing wrong?
Reply
#6
I tested on a test v1 and test v2 wallet that I found online and the v2 works, but the v1 does not.

btcrecover can crack the v1 wallet and I verified it by logging in on blockchain.com.

So it seems like there may be two problems. One with my wallet and the other with hashcat and v1 wallets. Can anyone verify that v1 wallets work?
Reply
#7
I tried some other v1 test wallets and they worked. With my known wallet, I truncated the file and adjusted the length field to be 288 and it worked.

Finally, opening the hash files in visual studio saw the file was UTF-16. I saved with UTF-8 encoding and it fixed the problem. Hashcat can now recognize and correctly crack the known wallet hash.

SOLUTION: Save file in UTF-8. No BOM. No UTF-16. Just UTF-8
Reply
#8
Hashcat is buggy on v1 and 100 percent does not work on v0 wallets. The problem is v0 and v1 wallets cannot easily be differentiated.
Reply