Hey There,
I've got some free time on my hands and am looking back into cracking an Ethereum Pre-Sale Wallet a friend of mine lost the password for. I could have swore I had hashcat working a year or two ago on this wallet but I'm a dummy that deleted all of my notes so I'm starting from scratch once more.
I've followed the good advice on this forum and several others to prepare my wallet hash (first using etherum2john.py, then just manipulating the hash manually into the format outlined by https://hashcat.net/wiki/doku.php?id=example_hashes). A sample hash works, but mine always throws "Token length exception" before loading the CUDA kernel.
Comparing my wallet hash with the sample, the only thing I can see is that my bkp length is 64, not 32. Actually cutting this down to 32 characters allows this to run but I'm sure trimming the value may result in different results and likely wasted compute effort.
Standard hash format:
My hash format:
After looking at the great write up of the BKP Field at:
https://www.reddit.com/r/ethereum/commen...on_file_a/
I haven't tried to generate anything and have the original JSON from the presale wallet. The length of the BKP field is just longer than I suspect it should be, or I'm missing a flag in hashcat to allow for a longer format.
I'm wondering what next steps I should take. Without the original seed value I don't think I can obtain the BKP. I may be able to derive it, but would need the password and the original data. I haven't jumped into the code for wallet type 16300 to see if the BKP value is used in the verification.... I'd like to think it is as it's being validated but throwing any value of length 32 seems to be acceptable which makes me think it is used as part of password validation.
Thanks in advance for any info someone may bring.
I've got some free time on my hands and am looking back into cracking an Ethereum Pre-Sale Wallet a friend of mine lost the password for. I could have swore I had hashcat working a year or two ago on this wallet but I'm a dummy that deleted all of my notes so I'm starting from scratch once more.
I've followed the good advice on this forum and several others to prepare my wallet hash (first using etherum2john.py, then just manipulating the hash manually into the format outlined by https://hashcat.net/wiki/doku.php?id=example_hashes). A sample hash works, but mine always throws "Token length exception" before loading the CUDA kernel.
Comparing my wallet hash with the sample, the only thing I can see is that my bkp length is 64, not 32. Actually cutting this down to 32 characters allows this to run but I'm sure trimming the value may result in different results and likely wasted compute effort.
Standard hash format:
Code:
$ethereum$w*<encseed:1248 characters>*<ethaddr:40 characters>*<bkp:32 characters>My hash format:
Code:
$ethereum$w*<encseed:1248 characters>*<ethaddr:40 characters>*<bkp:64 characters>After looking at the great write up of the BKP Field at:
https://www.reddit.com/r/ethereum/commen...on_file_a/
I haven't tried to generate anything and have the original JSON from the presale wallet. The length of the BKP field is just longer than I suspect it should be, or I'm missing a flag in hashcat to allow for a longer format.
I'm wondering what next steps I should take. Without the original seed value I don't think I can obtain the BKP. I may be able to derive it, but would need the password and the original data. I haven't jumped into the code for wallet type 16300 to see if the BKP value is used in the verification.... I'd like to think it is as it's being validated but throwing any value of length 32 seems to be acceptable which makes me think it is used as part of password validation.
Thanks in advance for any info someone may bring.