Hash bitcoin brain wallet address from passphase?
#1
So i just found some of my old paper wallet generated. Unfortunately, the ink was blur when i fold it which make some of the characters was lost like this

######a2f52RR4xrcLKxWpVA

It lost 6 characters, i calculate & it has 53981544960 combinations, pretty posssible to generate & get it back. Some ppl introduce me to hashcat & recommend me to use this, but i can't seem to find the options to hash bitcoin address from direct passphase so i plan to modify the source . How can i do this? Can any body recommend where should i start? Thank You
Reply
#2
you need to at least explain what software you used to generate the paper wallet.

My guess is that it is a bip38 or similar "encrypted"/derived private key. What data do you have? The encrypted private key, the bitcoin address and part of the password (6 characters missing with known charset)?

Some of these "standards" to encrypt the private key are quite difficult to attack because they use a quite good encryption and key derivation scheme (like scrypt and AES or some kind of hashing combined of course with some elliptic curve operations to generate the public/private key given a password as input).
All of these things (scrypt with reasonable high settings/ellipctic curve encryption etc) are quite difficult to do on GPUs and/or are not supported yet by hashcat.
Even if you think that 6 characters sounds like doable, it might not be the case depending on the way the paper wallet was generated.

Currently, only the hashing modes listed here: https://hashcat.net/wiki/example_hashes are supported by hashcat and for bitcoin the main one is the wallet.dat cracking which I think is not applicable in your case because you are talking about paper wallets.
Reply
#3
(07-13-2018, 11:22 AM)philsmd Wrote: you need to at least explain what software you used to generate the paper wallet.

My guess is that it is a bip38 or similar "encrypted"/derived private key. What data do you have? The encrypted private key, the bitcoin address and part of the password (6 characters missing with known charset)?

Some of these "standards" to encrypt the private key are quite difficult to attack because they use a quite good encryption and key derivation scheme (like scrypt and AES or some kind of hashing combined of course with some elliptic curve operations to generate the public/private key given a password as input).
All of these things (scrypt with reasonable high settings/ellipctic curve encryption etc) are quite difficult to do on GPUs and/or are not supported yet by hashcat.
Even if you think that 6 characters sounds like doable, it might not be the case depending on the way the paper wallet was generated.

Currently, only the hashing modes listed here: https://hashcat.net/wiki/example_hashes are supported by hashcat and for bitcoin the main one is the wallet.dat cracking which I think is not applicable in your case because you are talking about paper wallets.

http://bitaddress.org. You just need to insert the passphase above & it will return the address & its private key, but i wrote down the address & passphase as "paper wallet" becasue it far shorter & easier to type back. The address still intact which is why i'm looking for solution to convert it straight into address without generate private key if it make it faster
Reply
#4
The bitcoin address is derivated from the public key and if you do not know the public key you need to use the elliptic curve operations to generate the private&public key pair.
Reply
#5
(07-13-2018, 11:42 AM)philsmd Wrote: The bitcoin address is derivated from the public key and if you do not know the public key you need to use the elliptic curve operations to generate the private&public key pair.

I mean convert the passphase, not the public key. Just go to brain wallet section in that website. Insert passphase & it return you address & private key as well
Reply
#6
I don't think that the data you have is enough at all. if you only have the password you can't do anything, you need to have the data too (it's like a seed or think about it as AES encrypted gibberish, random bytes). Otherwise everybody having the same password (which would probably be a lot of people) would have the same private key and bitcoin address etc
Reply
#7
The brain wallet is directly derived from the password. According to the website it's just sha256(pw). That will yield the private key, from which you need to derive the public key, and then the address to verify against.

(you can do a meet-in-the-middle, but that will only save very few steps, the conversion of pubkey hash to address)
Reply
#8
(07-13-2018, 11:52 AM)philsmd Wrote: I don't think that the data you have is enough at all. if you only have the password you can't do anything, you need to have the data too (it's like a seed or think about it as AES encrypted gibberish, random bytes). Otherwise everybody having the same password (which would probably be a lot of people) would have the same private key and bitcoin address etc

that's not how bitcoin brain wallet work. You only need one seed for one pair of address & private key,my passphase is the seed, unless you run the entire blockchain to find collision, chance is seriousy small
Reply
#9
oh. we are suddently speaking about brain wallets? The OP didn't mention that and the other post was modified to include "brain wallet". Yeah, that's a different story.

Nevermind, the title says it too. I missed that. sorry


Therefore, if you are sure that it is just a sha256 hash, it could be feasible with a lot of hardware. What is your character set?
The number of combinations 53981544960 seems quite strange for 6 characters because that is something like 61^6 = 51520374361 but not exactly
Reply
#10
(07-13-2018, 11:59 AM)undeath Wrote: The brain wallet is directly derived from the password. According to the website it's just sha256(pw). That will yield the private key, from which you need to derive the public key, and then the address to verify against.

(you can do a meet-in-the-middle, but that will only save very few steps, the conversion of pubkey hash to address)

Does hashcat provide any specific documentation for ppl who want to customize the source?
Reply