Help on forgetting last few characters of keystore file
#1
Hi all ,

I may have screwed myself royally here and of course my own fault if I did 

essentially I created a keystore file here https://zillet.io/create and have been able to login using the keystore file for many a moon so I didn't protect the private key as well as I should so it is unfortunately gone. 

A keystore file was generated  ( created a new one for example )

Code:
{"address":"0xC674a4ead8D1DDfdF8cf3B8f15Fb0047972595db","crypto":{"cipher":"aes-128-ctr","cipherparams":{"iv":"5cd0882cfd7045e4b95a94ad718b6632"},"ciphertext":"5a4c9fa4e95609b77390528df9167543e847fb0f7d2d0edb294ac13ded4a7005","kdf":"scrypt","kdfparams":{"salt":"7c772a821e9ec3f81c02cd3b31ed715980baa3b8a94d86863b16f464a32a1e01","n":8192,"c":262144,"r":8,"p":1,"dklen":32},"mac":"dcdf189435adc6a7e5bbc9822e63ac4bfc4475b14d7b1145d8335008771a2a50"},"id":"64623864-3631-4666-b532-323933323237","version":3}

Now for this the password is 
a0204060B*_PASSWORD 



In my real life scenario the password is obviously different but lets say 

- I am 99% confident the password begins with 
a0204060B*_PASS    and has 3 to 5 extra characters ( definitely characters) 
- I am 90% confident the password begins with 
a0204060B_PASS  and has 3- 5 extra characters  ( definitely characters)

- I am 70% the password begins with 
[aA]0204060[bB]*_[pP][aA][sS][sS]
or 
[aA]0204060[bB]_[pP][aA][sS][sS]


Would there be any way for hashcat to brute force this  or have I any hope?

I think it’s using scrypt and I know hashcat supports scrypt, but how do I extract the target hash here?? 

It seems that maybe there is no hash here to extract and the scrypt PBKDF just runs to generate key material and then pushes that into AES CTR?
Reply