Would appreciate assistance with forming correct command structure

[HelpYourBro]

Hello,


My brother asked me to help him recover his lost litecoin wallet/private key. I am an IT pro, familiar with LINUX and have mining rigs I can run this on. I have completed the installation of hashcat, successfully benchmarked the system, extracted the wallet.dat hash and am ready to begin the process on a (6) GPU NVidia 1070 system.

Where I would appreciate assistance in forming the complete and proper command for this situation. He knows it is a 12 character password mixing upper case, lower case and special characters. He gave me some characters that are very likely in the password. In addition, he indicated that the characters would be placed next to each other in the password such as 

32 <something else>47<somethingelse>51<somethingelse>

These are the numbers he indicated are include in groups, ie "3,2" "4,7" and "5,1"

There is a decent likelihood that they appear this way but the exact positions are not known. Ideally I think this needs to be brute-forced but giving priority to include these numbers first in all the permutations.

Frankly, I have no idea about how to implement that here and all help is greatly appreciated.

Also, knowing it is 12 characters, is it possible to develop an estimate of the processing time required?


Thank you in advance

Steve

[HelpYourBro]

PS- here is the output of the benchmarking run:

Benchmark relevant options:
===========================
* --optimized-kernel-enable

Hashmode: 900 - MD4

Speed.Dev.#1.....: 14509.4 MH/s (32.93ms)
Speed.Dev.#2.....: 14307.3 MH/s (32.93ms)
Speed.Dev.#3.....: 14116.3 MH/s (33.35ms)
Speed.Dev.#4.....: 14305.3 MH/s (32.95ms)
Speed.Dev.#5.....: 11851.7 MH/s (32.99ms)
Speed.Dev.#6.....: 14294.7 MH/s (32.96ms)
Speed.Dev.#*.....: 83384.6 MH/s

Hashmode: 0 - MD5

Speed.Dev.#1.....: 7570.9 MH/s (63.45ms)
Speed.Dev.#2.....: 7684.3 MH/s (63.34ms)
Speed.Dev.#3.....: 6796.6 MH/s (64.21ms)
Speed.Dev.#4.....: 7691.0 MH/s (63.63ms)
Speed.Dev.#5.....: 7254.9 MH/s (63.43ms)
Speed.Dev.#6.....: 7645.0 MH/s (63.58ms)
Speed.Dev.#*.....: 44642.8 MH/s

Hashmode: 5100 - Half MD5

Speed.Dev.#1.....: 4948.6 MH/s (50.07ms)
Speed.Dev.#2.....: 4817.5 MH/s (50.24ms)
Speed.Dev.#3.....: 4772.8 MH/s (50.80ms)
Speed.Dev.#4.....: 4893.3 MH/s (50.26ms)
Speed.Dev.#5.....: 4951.5 MH/s (50.12ms)
Speed.Dev.#6.....: 4792.2 MH/s (50.22ms)
Speed.Dev.#*.....: 29175.9 MH/s

Hashmode: 100 - SHA1

Speed.Dev.#1.....: 2584.3 MH/s (93.72ms)
Speed.Dev.#2.....: 2628.0 MH/s (93.50ms)
Speed.Dev.#3.....: 2607.5 MH/s (95.21ms)
Speed.Dev.#4.....: 2658.0 MH/s (94.12ms)
Speed.Dev.#5.....: 2635.4 MH/s (93.85ms)
Speed.Dev.#6.....: 2485.8 MH/s (93.92ms)
Speed.Dev.#*.....: 15599.1 MH/s

Hashmode: 1400 - SHA-256

Speed.Dev.#1.....: 965.5 MH/s (63.46ms)
Speed.Dev.#2.....: 963.9 MH/s (63.42ms)
Speed.Dev.#3.....: 943.3 MH/s (64.33ms)
Speed.Dev.#4.....: 955.8 MH/s (63.58ms)
Speed.Dev.#5.....: 959.8 MH/s (63.37ms)
Speed.Dev.#6.....: 970.2 MH/s (63.66ms)
Speed.Dev.#*.....: 5758.4 MH/s

Hashmode: 10800 - SHA-384

Speed.Dev.#1.....: 269.5 MH/s (54.37ms)
Speed.Dev.#2.....: 267.1 MH/s (54.28ms)
Speed.Dev.#3.....: 272.7 MH/s (55.10ms)
Speed.Dev.#4.....: 267.1 MH/s (54.58ms)
Speed.Dev.#5.....: 277.3 MH/s (54.40ms)
Speed.Dev.#6.....: 276.0 MH/s (54.50ms)
Speed.Dev.#*.....: 1629.7 MH/s

Hashmode: 1700 - SHA-512

Speed.Dev.#1.....: 261.2 MH/s (53.87ms)
Speed.Dev.#2.....: 280.6 MH/s (53.77ms)
Speed.Dev.#3.....: 246.6 MH/s (54.63ms)
Speed.Dev.#4.....: 279.0 MH/s (54.05ms)
Speed.Dev.#5.....: 265.0 MH/s (53.94ms)
Speed.Dev.#6.....: 284.5 MH/s (53.97ms)
Speed.Dev.#*.....: 1616.9 MH/s

Hashmode: 5000 - SHA-3 (Keccak)

Speed.Dev.#1.....: 264.6 MH/s (58.07ms)
Speed.Dev.#2.....: 257.5 MH/s (58.03ms)
Speed.Dev.#3.....: 258.4 MH/s (59.05ms)
Speed.Dev.#4.....: 254.0 MH/s (58.26ms)
Speed.Dev.#5.....: 262.6 MH/s (58.36ms)
Speed.Dev.#6.....: 259.4 MH/s (58.33ms)
Speed.Dev.#*.....: 1556.5 MH/s

Hashmode: 10100 - SipHash

Speed.Dev.#1.....: 8292.8 MH/s (51.27ms)
Speed.Dev.#2.....: 9147.9 MH/s (51.18ms)
Speed.Dev.#3.....: 8757.4 MH/s (54.51ms)
Speed.Dev.#4.....: 8876.2 MH/s (53.26ms)
Speed.Dev.#5.....: 9007.4 MH/s (53.86ms)
Speed.Dev.#6.....: 8983.6 MH/s (51.40ms)
Speed.Dev.#*.....: 53065.4 MH/s

Hashmode: 14900 - Skip32 (PT = $salt, key = $pass)

Speed.Dev.#1.....: 1524.3 MH/s (1.44ms)
Speed.Dev.#2.....: 1502.3 MH/s (1.43ms)
Speed.Dev.#3.....: 611.5 MH/s (1.46ms)
Speed.Dev.#4.....: 1510.7 MH/s (1.44ms)
Speed.Dev.#5.....: 2003.8 MH/s (1.43ms)
Speed.Dev.#6.....: 1549.2 MH/s (1.43ms)
Speed.Dev.#*.....: 8701.8 MH/s

Hashmode: 6000 - RIPEMD-160

Speed.Dev.#1.....: 1527.6 MH/s (81.19ms)
Speed.Dev.#2.....: 1440.0 MH/s (81.27ms)
Speed.Dev.#3.....: 1509.2 MH/s (82.34ms)
Speed.Dev.#4.....: 1367.3 MH/s (81.86ms)
Speed.Dev.#5.....: 1453.3 MH/s (81.69ms)
Speed.Dev.#6.....: 1537.4 MH/s (81.22ms)
Speed.Dev.#*.....: 8834.8 MH/s

Hashmode: 6100 - Whirlpool

Speed.Dev.#1.....: 74164.0 kH/s (50.31ms)
Speed.Dev.#2.....: 75865.6 kH/s (50.20ms)
Speed.Dev.#3.....: 70752.5 kH/s (53.23ms)
Speed.Dev.#4.....: 69761.1 kH/s (50.66ms)
Speed.Dev.#5.....: 68555.9 kH/s (50.46ms)
Speed.Dev.#6.....: 75624.6 kH/s (50.52ms)
Speed.Dev.#*.....: 434.7 MH/s

Hashmode: 6900 - GOST R 34.11-94

Speed.Dev.#1.....: 77397.9 kH/s (99.84ms)
Speed.Dev.#2.....: 77948.7 kH/s (101.38ms)
Speed.Dev.#3.....: 70855.9 kH/s (52.96ms)
Speed.Dev.#4.....: 69916.3 kH/s (50.84ms)
Speed.Dev.#5.....: 74629.6 kH/s (101.67ms)
Speed.Dev.#6.....: 74889.7 kH/s (50.42ms)
Speed.Dev.#*.....: 445.6 MH/s

Hashmode: 11700 - GOST R 34.11-2012 (Streebog) 256-bit

Speed.Dev.#1.....: 14444.3 kH/s (94.42ms)
Speed.Dev.#2.....: 15532.6 kH/s (94.11ms)
Speed.Dev.#3.....: 14124.3 kH/s (64.06ms)
Speed.Dev.#4.....: 13571.7 kH/s (63.52ms)
Speed.Dev.#5.....: 15188.7 kH/s (94.82ms)
Speed.Dev.#6.....: 14458.4 kH/s (63.36ms)
Speed.Dev.#*.....: 87320.0 kH/s

Hashmode: 11800 - GOST R 34.11-2012 (Streebog) 512-bit

Speed.Dev.#1.....: 15249.4 kH/s (94.52ms)
Speed.Dev.#2.....: 15276.3 kH/s (94.19ms)
Speed.Dev.#3.....: 12611.5 kH/s (64.42ms)
Speed.Dev.#4.....: 15239.5 kH/s (63.55ms)
Speed.Dev.#5.....: 15178.3 kH/s (63.47ms)
Speed.Dev.#6.....: 15200.9 kH/s (94.73ms)
Speed.Dev.#*.....: 88755.9 kH/s

Hashmode: 14000 - DES (PT = $salt, key = $pass)

[HelpYourBro]

Here is what I have worked up to so far:

./hc -m 11300 -a 3 --increment --increment-min 12 --increment-max 13 litecoin.hash ?a?a?a?a?a?a?a?a?a?a?a?a

note, he said that he strongly believes it is 12 characters but it could be 13

[slyexe]

./hc -m 11300 -a 3 --increment --increment-min 12 --increment-max 13 litecoin.hash ?a?a?a?a?a?a?a?a?a?a?a?a?a

You missed an ?a if you're wanting to do increments. Otherwise, running what you have there should give you a good indication of how long a bruteforce attack of that margin is going to take (I'm guessing 50000+ years?).

You can diminish the workload by adding in your digits in direct locations but still have 6+ characters to bruteforce is still a near impossible task for a slow hash like litecoin wallets.

Code:

./hc -m 11300 -a 3 -w 4 litecoin.hash 32?a?a47?a?a51?a?a

This will give you an idea of what kind of time frame you're working with, for a single 1070 it'll take me 5 years.

[HelpYourBro]

Thanks for the reply! Do you happen to have a quantum computer I can borrow?

Sounds like this is not at all practical, I wish I had a better way to help him, it has turned out to be quite a lot of $$

[undeath]

A quantum computer is not what you want. It would be efficient at breaking the underlying cryptography of litecoin (and bitcoin and most others) but not at calculating hashes.

Cracking a wallet with eight or more unknown characters is unfeasible. The keyspace is too big. I don't quite understand what exactly you know about the password. It may or may not be possible to reduce the keyspace sufficiently.

[HelpYourBro]

A quantum computer is not what you want. It would be efficient at breaking the underlying cryptography of litecoin (and bitcoin and most others) but not at calculating hashes.

Cracking a wallet with eight or more unknown characters is unfeasible. The keyspace is too big. I don't quite understand what exactly you know about the password. It may or may not be possible to reduce the keyspace sufficiently.

Thanks. Here is what we think we know:

1) The password is most likely 12 characters, but small chance it is 13
2) it contains numbers, upper case, lower case and special characters
2) The numbers 1,2,3,4,5 and 7 are most likely in the password
3) When 3 occurs it is follow by 2 and then an unknown 
4) When 4 occurs it is followed by 7  and then an unknown
5) When 5 occurs it is followed by 1

for example, it could be 32!*47aA51b9

Do you think that "narrows" it down? Would that suggest a useable set of rules that might make the scope of the effort even remotely reasonable?

[undeath]

ok, the keyspace would be:
95^6 [completely unknown characters] * 10 [possible positions for "3"] * 10 [possible positions for "4"] * 11 [possible positions for "5"] = 808601079687500

assuming all the rules you mentioned apply and all the suspected numbers are in the password. (actually a little less because for example "3" and "4" cannot be at the same position at any time obviously)

On a single 1080 you can calculate about 4203 H/s for a bitcoin wallet, I think that has the same algorithm as litecoin. (see https://hashcat.net/forum/thread-5762.html)

Running through your keyspace on one such device would take about 808601079687500/4203/60/60/24/364 = 6117.3 years. Even with slight further reductions and a load of GPUs it would take years to recover the password.

[HelpYourBro]

Thank you Undeath! Not great news but exactly the information I was looking for, much appreciated

[Buffarnaud]

Did you tried with a dictionnary ?

Some of them contains following numbers that some people usually type on keyboards