Salts in Bitcoin wallet.dat hashes
#11
(11-21-2020, 01:59 PM)MA40 Wrote: According to the Wikipedia article, salts are kept separate from hashes to be effective.

They are not and that's not the purpose of a salt. A salt is almost always stored alongside the hash, as is also written in the wikipedia article. The wallet.dat file does include the salt. Otherwise, as you already noted, there's no way to calculate the correct hash value.

(11-21-2020, 07:43 PM)MA40 Wrote:  Just by the hash it is possible to know if the password is "ABCDE" and the salt "12345" or if "ABCDE12345" is really the whole password?

Most hashing constructions are more complex than simply concatenating password and salt. Various solutions exist. In the simplest case that you have described what you wrote is indeed a weakness. It would not be possible to discern directly between password and salt in the plaintext.
Reply
#12
(11-21-2020, 09:30 PM)undeath Wrote: The wallet.dat file does include the salt.


Thank you very much undeath.
 
The hash can be easily extracted from the file “wallet.dat”. Could the salt also be extracted? How?
 
A greeting.
Reply
#13
Whatever script you are using to extract the hash already does include the salt in its output. Hashcat wouldn't be able to process the input otherwise.
Reply
#14
Read https://github.com/openwall/john/blob/bl...in2john.py
You'l see:
Code:
crypted = 'salt' in json_db['mkey']
...
sys.stdout.write("$bitcoin$%s$%s$%s$%s$%s$2$00$2$00\n" %
            (len(cry_master), cry_master, len(cry_salt), cry_salt, cry_rounds))
You can identify the 'salt' (définition of salt here can be challenged) in your hash.
Reply