Ethereum ICO wallet, brute forcing password
#1
Hello guys,

A friend of mine has an Ethereum ICO wallet format, which he has lost its password. I have not been able to use Hashcat to recover the password because the format is different form the UTC wallet format.
.png   v1format.png (Size: 56.81 KB / Downloads: 30)

Does anyone know how I can convert this ICO walet json file to UTC (version 3 keystore file) or is there a way I can use Hashcat on this ICO wallet to brute force the password.

My Thought:
Here is a piece of code which is using ethereumjs-wallet lib 
.png   ethereumcode.png (Size: 64.24 KB / Downloads: 23) and it can help me get a wallet object in v3 but I still need the password to achieve this. 

I don't know how I can leverage Hashcat password combination mechanism to brute force the wallet using the above method.
Reply
#2
use etherium2john.py to convert the json wallet to a format hashcat can handle.
Reply
#3
(01-19-2021, 08:36 PM)undeath Wrote: use etherium2john.py to convert the json wallet to a format hashcat can handle.

This has not worked for me.
Reply
#4
I have used "ethereum2john.py" script to convert the wallet to a format hashcat can handle and I have a list of about 81 possible passwords but there is one password which is believed to have been officially recorded at the time the wallet was generated.


I have tried some hashcat commands like:
- hashcat -m 16300 --force -D1 presaleswallet.txt passwords.txt --status -w3 -r rules/***.rule
- hashcat -m 16300 --force -D1 -o hashcatoutput.txt presaleswallet.txt passwords.txt


I will appreciate if I can get some help with tailoring advance/custom attacks for this case.
Reply
#5
never use --force. Your opencl runtime is broken if you can't run hashcat without it.

If you want help with a custom attack you need to provide more information.
Reply
#6
@undeath,

As I said, I have a password which is believed to be the recorded password, "Tr0nic0n10977$". By hand, I rewrote the password into over 80 different format, and it is the password list I have.

Having this password, I thought it will be a lot easier. I used the password list with this attack, "hashcat -m 16300 -a 0 -D1 presales_wallet_hash.txt password_list.txt -w 3 -r rules/***.rule" and ran all the available hashcat rules (with exception of the hybrid rules) but I did not get the solution.

So, now that it is becoming more difficult and frustrating, I currently download a "rockyou.txt" file with over 14 million words and I am running this attack "hashcat -m 16300 -a 0 -w 3 -r rules/best64.rule presales_wallet_has.txt rockyou.txt".

This attack is still running but I don't even think it will be successful because the recorded password "Tr0nic0n10977$" deviates a lot from the sample passwords in the rockyou.txt file . I used grep to search for patterns (like: Tron, Tr0n, ic0n, 10977$ etc) but the result seems poor to me.

I am thinking that there should be a more effective attack which can use the recorded password, "Tr0nic0n1977$", to produce a more specific result. I believe there is. I just don't know it.

I will appreciate if someone can recommend other types of better attacks or more advanced attacks.

Here is my device info:
OpenCL Info:
============

OpenCL Platform ID #1
Vendor..: Apple
Name....: Apple
Version.: OpenCL 1.2 (Nov 23 2020 03:06:15)

Backend Device ID #1
Type...........: CPU
Vendor.ID......: 4
Vendor.........: Intel
Name...........: Intel(R) Core(TM) i5-5257U CPU @ 2.70GHz
Version........: OpenCL 1.2
Processor(s)...: 4
Clock..........: 2700
Memory.Total...: 8192 MB (limited to 2048 MB allocatable in one block)
Memory.Free....: 8128 MB
OpenCL.Version.: OpenCL C 1.2
Driver.Version.: 1.1

Backend Device ID #2
Type...........: GPU
Vendor.ID......: 8
Vendor.........: Intel Inc.
Name...........: Intel(R) Iris(TM) Graphics 6100
Version........: OpenCL 1.2
Processor(s)...: 48
Clock..........: 1050
Memory.Total...: 1536 MB (limited to 384 MB allocatable in one block)
Memory.Free....: 1472 MB
OpenCL.Version.: OpenCL C 1.2
Driver.Version.: 1.2(Dec 2 2020 20:57:44)

Thanks so much for your time.
Reply
#7
Make a new password file, put this in it:
Tr0nic0n1977$
Tr0nic0n1977
Tr0nic0n
Tronicon
tronicon
tr0nic0n
tr0nic0n1977
tr0nic0n1977$

Search Google for oneruletorulethemall

Use that rule set(will create at least 50,000 deviations of them passwords. It's the best rule set publicly available. You can also use your 80 password list if the hash type is fast enough.

Good luck.
Reply
#8
Hi x34cha,

I was able to find the "oneruletorulethemall" rule but I did not learn much about it as you explained. Thanks for this new Idea. I will try it out.

I will own you or anyone who suggest that rule that will work.

Thanks so much.
Reply
#9
other alternatives or things you could still test are using the multi-rule file feature (see https://hashcat.net/wiki/doku.php?id=rul...ulti-rules) where each rule from one rule file is combined with the other (can be even more than 2) rule files (hashcat -r first.rule -r second.rule ...)

or try the nice (and often underestimated and rarely used) generate rule feature with the -g option (can't be combined with -r , but you could already generate a mangled/modified/pre-computed password list with -r and --stdout or similar and afterwards combine it with -g 49999 or similar)

or completely different attacks (see https://hashcat.net/wiki/#core_attack_modes and https://hashcat.net/wiki/#other_attacks ) ; for instance adding some "common chars" (like in ?a charset) at the end or front of the password candidates (hybrid attack) etc.

I still think it makes sense to not just test only one single password (at the end there could still be the chance that the correct password is "quite different" from what you think it is) with many rules, but a lot of possible password candidates (could and probably should even contain many mangled/derived forms of the passwords you think are likely the right ones, or similar to the correct password) and mangle them further.... (similar approach that x34cha suggests above, just make sure that the original password is also within the list that will be mangled with "random" or a lot of rules and don't forget to use the ":" rules if you use the multi-rules feature).
Reply
#10
Thanks for all these help guys.

I think I have a some to work with. I have most of this ideas before, (in their basic forms) but you are are showing me things I missed.

I really appreciate.
Reply