Cracking ethereum wallet password
#1
Hi,
I've been trying to recover my friend's ethereum password. As far as I know him I suspect it can't be very difficult password.

I've downloaded latest hashcat version which should support ethereum wallet (scrypt) password cracking (mode 15700).
I was trying to run it on gpus (6x radeon 580 mining rig) but it hangs the machine completely. I also read some articles about scrypt and it turns out that for n=262144 gpu cracking shouldn't work so I decided to try old-school cpu cracking.

I can see my cpu in hashcat:

Code:
 hashcat-4.0.1 ./hashcat64.bin -I
hashcat (v4.0.1) starting...

clGetDeviceIDs(): CL_DEVICE_NOT_FOUND

OpenCL Info:

Platform ID #1
 Vendor  : The pocl project
 Name    : Portable Computing Language
 Version : OpenCL 2.0 pocl 0.14, LLVM 4.0.0

 Device ID #1
   Type           : CPU
   Vendor ID      : 128
   Vendor         : GenuineIntel
   Name           : pthread-Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
   Version        : OpenCL 2.0 pocl HSTR: pthread-x86_64-unknown-linux-gnu-haswell
   Processor(s)   : 8
   Clock          : 3500
   Memory         : 17888/17888 MB allocatable
   OpenCL Version : OpenCL C 2.0
   Driver Version : 0.14

Platform ID #2
 Vendor  : Mesa
 Name    : Clover
 Version : OpenCL 1.1 Mesa 17.2.4

Platform ID #3
 Vendor  : Intel(R) Corporation
 Name    : Intel(R) OpenCL
 Version : OpenCL 2.0 LINUX

 Device ID #2
   Type           : CPU
   Vendor ID      : 8
   Vendor         : Intel(R) Corporation
   Name           : Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
   Version        : OpenCL 2.0 (Build 37)
   Processor(s)   : 8
   Clock          : 2600
   Memory         : 3960/15840 MB allocatable
   OpenCL Version : OpenCL C 2.0
   Driver Version : 1.2.0.37

I'm trying to run cracking like that:

Code:
➜  hashcat-4.0.1 ./hashcat64.bin -m15700 "\$ethereum\$s*262144*8*1*1ebcc...bdd12f*4e065...5af0366*f86586319...8df" --status --status-timer=5 -w3 --opencl-platforms=3

but the app constantly prints:

Code:
Session..........: hashcat
Status...........: Running
Hash.Type........: Ethereum Wallet, SCRYPT
Hash.Target......: $ethereum$s*262144*8*1*1ebc...c477a9...0a88df
Time.Started.....: Wed Dec 20 14:47:05 2017 (5 secs)
Time.Estimated...: Wed Dec 20 14:47:10 2017 (0 secs)
Guess.Base.......: Pipe
Speed.Dev.#1.....:        0 H/s (1278.98ms)
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0
Rejected.........: 0
Restore.Point....: 0
Candidates.#1....: [Copying]
HWMon.Dev.#1.....: N/A

I was also wondering if something's wrong with my computer that runs Fedora Core but the same happens on two different computers with Windows 10.

Another weird thing is benchmarking. I ran hashcat64.bin --benchmark and everything went fine but didn't benchmark mode 15700. I can see 15600 but 15700 is missing.

Code:
Hashmode: 15600 - Ethereum Wallet, PBKDF2-HMAC-SHA256

Speed.Dev.#1.....:      124 H/s (53.49ms)

Here's part of wallet.json:

Code:
 "crypto": {
   "cipher": "aes-128-ctr",
   "ciphertext": "4e0653b69...e462c9c...cdc998b8...0366",
   "cipherparams": {
     "iv": "90258a3...0b897a3dc2aaf"
   },
   "kdf": "scrypt",
   "kdfparams": {
     "dklen": 32,
     "n": 262144,
     "p": 1,
     "r": 8,
     "salt": "1ebcc...c477a90ad...c74a9...d12f"
   },
   "mac": "f86...fc22dce...87d6f9874...0a88df"

Am I doing something wrong ? Would appreciate any help.
#2
first, do not post hashes.

second, you are not specifying an attack mode and corresponding settings, hence hashcat defaults to stdin mode with a0.
#3
(12-20-2017, 03:56 PM)undeath Wrote: first, do not post hashes.

second, you are not specifying an attack mode and corresponding settings, hence hashcat defaults to stdin mode with a0.

Right. I've just added -a 3 and it works. Thanks. Just thought it defaults to brute force. By the way could you recommend some brute force settings in such case ? Is it really impossible to use gpus ?
#4
If you don't specify a mask hashcat will use a default one which is probably not what you want. Anyway, cracking such a wallet with bf is near impossible unless the password is very short (and you know that).