Hash extract error
#1
Hello , i use bitcoin2john.py  to extract wallet.dat. It usually works fine , but today i have error

Code:
Traceback (most recent call last):
  File "btc.py", line 619, in parse_wallet
    d['lockTime'] = vds.read_uint32()
  File "btc.py", line 498, in read_uint32
    def read_uint32(self): return self._read_num('<I')
  File "btc.py", line 539, in _read_num
    (i,) = struct.unpack_from(format, self.input, self.read_cursor)
OverflowError: long int too large to convert to int
ERROR parsing wallet.dat, type txkey data: tx(lЁББ╣┌_DЛъ)TfцhуiыЭxx╨ф;Ж%сШ╗key data in hex: 027478286cf08181b9da5f448bea295466e61a0668e369eb9d7878d0e43b8625e198bbvalue data in hex: 0200000000010127c95af9d3e7d9ff885fa6687b67d2bc19f7df2bc7583531b4dd2d682c4cfc1b48000000171600142e4b7ba8009eb12e3501288c210f2245eafe909ffdffffff02faab4f010000000017a914596699ff33dde099f9c34d922a28ca145202276087003fab01000000001976a914d29d95238ab177fc5f304f31cb328f6e49fc02fa88ac0247304402200fe38662dbd0f1c7d877b24f74b6051213a8df937b10bf714d2472dd75c4edb50220472d97d084b50d0d02c56d1cd017940f14fa53e93531dd15b6f1560f415afbe701210359cf72c727ca59349b370254c2fe30c57f02b5afe1dd2fd36aa7541a5fc088a723ad08006ccb732240b56ff18ada26f209a84081551c70aa1c4b0e00000000000000000000190a000000030b66726f6d6163636f756e7400016e033735320974696d65736d6172740a313535333438363235370001000000b151985c0100


Wallet opens and work fine.  May be i can use other utils to try extract hash ? Thanks
Reply
#2
It probably would make much more sense to report this problem to the bleeding-jumbo JTR repository (https://github.com/magnumripper/JohnTheRipper ) where the bitcoin2john.py utility is being developed.

My only recommendations are:
- try to generate a new wallet for which you have the password and without balance and can still reproduce the problem
- try with newer/older versions of bitcoin2john.py (https://github.com/magnumripper/JohnTheR...in2john.py)
- try to search for similar issues here: https://github.com/magnumripper/JohnTheRipper/issues and if no issues are still open, try to report it with a throw-away wallet file attached
- try to use python 2.7 vs python 3.x

all of this is more or less a 3rd party problem, because the hash extraction in this case is done with a JTR tool called bitcoin2john.py (so you are better off reporting it where the roots of that 3rd party are)
Reply
#3
Sure i will do this, and will reply here about results.
But i also wonder - Are there other utilities available for hash extraction

-------------------------------
Solved:
Last release of JTR contains old bitcoin2john.py file
I just take this directly from github source and all works fine!
Reply