help with dictionary required
#1
Hi all,

I am trying to get the password of an older blockchain wallet - and have tried btc-recover for some days now.
Unfortunately, the password is pretty complex - and I could not get many hints about the correct combination... so I would like to know, if there's a way to build up a token list like it can be done in btc-recover or similar...

the following facts are known:

- total length: 26 characters
- first 6 characters are known - but not how upper and lower case letters are used... (like: HeLLo, hELlo, heLLO, etc.)
- 10 characters are mostly unknown
    - maybe, 6 letters are known, but not how upper and lower case letters are being used - AND their position within the 10 characters
- the last 10 characters are known

I think, simple bruteforce will take too long with 26 characters, and since some patterns are known, I would like to use a wordlist - but how can I create the different variations of these words?

Thanks for any help - would be much appreciated
#2
I think I've figured one possible out, but there are still too many possible options and the software is running into an Integer overflow detection with the mask that I've used :-(
#3
Basically you must find a password of 16 chars; the combinations are 4.3608743e+22, so test your card rate for that algorithm.

With 10 chars all upper, the combinations are 1.411671e+14.

Your combinations are intermediate between the two.
#4
Hi, I am trying now to run hashcat with fixed first 6 characters + 10 characters per mask (?l?u) and then fixed last 10 characters.

we are pretty sure, that there are only normal characters from a - Z in the middle section, so we don't need any numbers or special characters here.

unfortunately, it seems that the number of options is still way above any reasonable time frame - if I would need to do the same for each possible combinations of the first 6 characters (which we have already written down)

Time.Estimated...: Next Big Bang (> 10 years)
Speed.#1.........: 2031.4 kH/s (0.82ms) @ Accel:4 Loops:4 Thr:1024 Vec:1

Currently, I am running with a GTX-680 ... pretty much old and not useful for such things, right?
So maybe, it would be worth considering a newer GPU?

The CPU I am running on is an AMD Ryzen 9 5950X ... so I think, it could reduce the ETA in some way - but I haven't yet figured out how to use it...
[it will not be recognized by hashcat ...]
#5
(01-16-2021, 03:42 PM)CChris Wrote: Hi, I am trying now to run hashcat with fixed first 6 characters + 10 characters per mask (?l?u) and then fixed last 10 characters.


Using a 3090 will give you 20k hashes so will reduce a max of 10 so that's still larger than 1 year.
#6
(01-16-2021, 05:08 PM)Jackjames Wrote: Using a 3090 will give you 20k hashes so will reduce a max of 10 so that's still larger than 1 year.


Thanks.
That's what I've thought :-(
And that's only with one out of 64 possible combinations for the first 6 characters... so in total, I would need almost 64 years to try all these combinations - if the last one would be the correct one ...

I think, we need to consider any other method to lower the amount of combinations by a lot!
#7
(01-16-2021, 05:18 AM)CChris Wrote: Hi all,


(01-16-2021, 05:17 PM)CChris Wrote:
(01-16-2021, 05:08 PM)Jackjames Wrote: Using a 3090 will give you 20k hashes so will reduce a max of 10 so that's still larger than 1 year.



For the first 6 characters you can make a charset with the letters in capitals and normal.

Last 10 you use the part of the password you know.

The middle you can try and use ?l that should narrow it down a lot?
#8
(01-16-2021, 05:24 PM)Jackjames Wrote: For the first 6 characters you can make a charset with the letters in capitals and normal.




That's what I am already trying.
The thing is:

even if I am using the first 6 characters and the last 10 characters fixed, it requires too much time with my current hardware - and with an up to date RTX 3090 it would still have an estimation about 1 year...
So... we need to run this for 64 options of the first 6 characters... and in the worst case - on three wallet files.

so it would still be an estimated run time from 3*64 years in the worst case

And I am not yet in the situation that I would consider buying a 2.000 € GPU for trying this... or spend even more money for building up an SLI etc.

We need to find a way how to ensure and limit the options for the first 6 characters - and then we need to figure out how we can even reduce the amount of possible combinations for the 10 characters of the mid-section.
At least, we have some idea for 6 of those characters, but don't know their exact place and what upper / lower cases are being used on them...

I NEED to find a more efficient way on how to continue. :-(
#9
(01-16-2021, 06:51 PM)CChris Wrote:
(01-16-2021, 05:24 PM)Jackjames Wrote: For the first 6 characters you can make a charset with the letters in capitals and normal.



I'm using 5x 3090's and I'm getting around 360 kH/s

The only way to find another or faster way is to know more about the password or try using combos, I think.
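Added example, not written by any poster in this thread: a keyspace and run-time estimate for the password structure described above, comparing a blind `?l?u`-style middle section with one that uses the hint about six letters. It assumes the six hinted letters are distinct and each occurs once, and that the other four middle positions are any of the 52 letters a-z/A-Z; `abcdef` is a constructed placeholder word, and the rate is the 2031.4 kH/s reported in the thread.

```python
from itertools import product
from math import perm

SECONDS_PER_YEAR = 365 * 24 * 3600
RATE_FROM_THREAD = 2_031_400  # H/s, the 2031.4 kH/s reported in post #4


def case_variants(word):
    """Every upper/lower-case spelling of word (2**n for n letters)."""
    pools = [(c.lower(), c.upper()) if c.isalpha() else (c,) for c in word]
    return ["".join(chars) for chars in product(*pools)]


def keyspace_blind_middle(prefix_len=6, middle_len=10, alphabet=52):
    """Prefix case variants times a middle section with no hint at all."""
    return 2 ** prefix_len * alphabet ** middle_len


def keyspace_with_hint(prefix_len=6, middle_len=10, known=6, alphabet=52):
    """Middle section where `known` letters are hinted (assumption: distinct,
    one occurrence each) but their positions and case are not.

    This is an upper bound: a generator that enumerates placements can emit
    the same candidate more than once when a free position happens to hold
    one of the hinted letters.
    """
    placements = perm(middle_len, known)       # ordered positions for the hinted letters
    hinted_case = 2 ** known                   # each hinted letter upper or lower
    free = alphabet ** (middle_len - known)    # remaining unknown letters
    return 2 ** prefix_len * placements * hinted_case * free


def years(keyspace, rate):
    """Worst-case run time in years at `rate` hashes per second."""
    return keyspace / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    print(len(case_variants("abcdef")), "case variants of a 6-letter prefix")
    for name, size in (("blind middle", keyspace_blind_middle()),
                       ("with 6-letter hint", keyspace_with_hint())):
        print(f"{name}: {size:.3e} candidates, "
              f"{years(size, RATE_FROM_THREAD):.1f} years at thread rate")
```

The 64 prefix variants match the figure quoted in the thread; the hint shrinks the candidate count by a factor of roughly 2000 under the stated assumptions.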