Electrum support - aes_decrypt (sha256 (sha256 ($pass), $data)
#21
That's a standalone proof of concept. But I'm glad others are starting to find this thread via google, I was expecting that. You can't compile it into hashcat. And it doesn't work with electrum v4, this is for earlier versions of electrum.

(The reason I released that was that there should be a very small overlap between the versions of electrum leaking the seed a few days ago and the versions of electrum still using that old seed format my cracker is aimed at).

@ Dear hashcat pros, can anyone please take a look at AES and give me an idea as to where the bottleneck is? I would pay your hourly rate if you don't want to get paid as a bounty to improve performances.

Also would it be correct to say the data parallelization at the beginning of the AES algoritms implement in hashcat doesn't make sense? I mean leaving some of the local inversion matrix variables at zero, to spread them over the local workers in the same working group – how does that makes any sense at all? It's not speeding anything up, is it? The zeroed slots in the inversion matrix still need to be processed.

Edit: github issue: https://github.com/hashcat/hashcat/issues/1495
Reply
#22
Uaioago. Sorry I should have been more clear. The wallet is actually from an older version of electrum (v1.8.1); it was the seed that was v4.
Reply
#23
I don't understand what that means, but if your wallet is that old it should work with the software I'm writing. Here is my extract script:

https://pastebin.com/P3GZbFaL

If you remember a good chunk of your password I might be able to help, I'm spending some money in GPU cracking nowadays and I would like to test the new system.

(the extract script makes it impossible to steal your money as the last 32 bytes = 1e77 are still unknown).
Reply
#24
I appreciate the offer, but I'm fine waiting until it's merged into hashcat
Reply
#25
Electrum support (salt-type 1) has been added to hashcat. You can use the beta https://hashcat.net/beta/
Reply
#26
Awesome thanks!! One more thing, sorry newb question again, how do I extract the hash from my electrum wallet to be used in hashcat? I tried using the script that uaioago posted, but hashcat is giving me a Line-length exception.
Reply
#27
Maybe not salt type 1?
Reply
#28
If you use electrum2john.py you need to make sure to remove the file name (and colon) from the start of the output line.
The hash must look similar to the one that is mentioned here: https://hashcat.net/wiki/example_hashes (search for 16600)
Reply
#29
Ah, got it to work now, thanks! Wish me luck!
Reply
#30
@atom, what are the difference between the salt types? How can I tell if my wallet has salt type 1 or 2 or 3?
Reply