Hey guys, thank you very much for your replies. I did not know the answers because bitcointalk did not notify me by email.
<encrypted key> is the encryption key which itself is encrypted with your passphrase. Your passphrase is hashed to get the key that is used to encrypt this encrypted key.
<length of salt> is always 16. The salt is 8 bytes which means it is 16 characters.
<salt> is the salt. It is randomly generated. The salt is combined with your passphrase to generate the key used to encrypt the actual encryption key.
<derivation method iteration count> is the number of times to run the hash function that is used to derive the encryption key from your passphrase.
<length of derivation method> is always 2. The derivation method is stored as a single byte number, so it is always 2 characters.
<derivation method> is an integer that indicates the function to be used to derive the encryption key from the passphrase. Currently there is only one method, SHA512, and it is indicated with the number 0.
<length of additional parameters> is always 2. There are no additional parameters, so it is represented by a single byte of 0, which makes the length 2 characters.
<additional parameters> is always 00. There are no additional parameters, so it is always a 0 byte.
achow101 thank you very much for your detailed explanation. Now I'm sure that the wallet.dat is not corrupted.
The next step is to download and run hashcat and run it with the options hashcat -a 0 -m 11300 <paste the hash here> <dictionary file>. -a 0 stands for attack mode 0 which just uses a dictionary file with a password on each line, it's good if you have a large number of passwords you think you used or you used an easy-to-guess password. There's also a "mask mode" you can toggle to construct a pattern to match each characters of a potential pattern against. -m 11300 interprets the hash as one from a Bitcoin or Litecoin wallet.dat file, and it'll probably work for your dogecoin wallet too. Then you paste the hash
For the hash you need to paste the entire line you for from bitcoin2john.py. Then you need to make a dictionary file or download one from the internet. But if you remember using some unique password then you're probably better off making the file yourself.
Instead of putting the hash on the command line you can also put all 5 hashes in a file and pass that in place of the hash.
So.. I should run
I tried hashcat few weeks ago. It was slower than btcrecover (I think btcrecover uses all cores of GPU). I assume that btcrecover does the same as hashcat but with the wallet.dat file instead wallet hash.
Why is it strange?
How do you even know that the "half of the password" is actually correct? Are you assuming that because the "half of the password" worked on some of your other wallets (for ltc/doge etc), that it must also be "half of the password" to your btc wallet?
Unfortunately, you have not way of knowing this is true until you actually find the correct passphrase for the wallet.dat.
It is entirely possible that the "half of the password" that you believe to be correct, is in fact completely wrong... which would explain why btcrecover is not able to recover the complete passphrase, as if you've given it an incorrect starting point, then btcrecover will never be able to find the passphrase.
That is to say... if the passphrase is: password123
and you believe that the passphrase starts: "abc", then there is literally 0% chance that btcrecover would be able to get end up finding "password123"
Yes, I'm sure that the password is created by my own pattern. I just recover a few other wallets with btcrecover. The key is to create patterns and choose only the characters that I suppose I used. They are words, and in my language + words that I usually use (there are many letters of the alphabet that are not used (w, x, y, k) and special characters I only use three or four). So I think I have a chance of getting them back.
Once again, thank you very much.
Code:
$bitcoin$<length of encrypted key>$<encrypted key>$<length of salt>$<salt>$<derivation method iteration count>$<length of derivation method>$<derivation method>$<length of additional parameters>$<additional parameters>$
<length of encrypted key> is always 64. The encrypted key is a 32 byte key which means it is 64 characters.<encrypted key> is the encryption key which itself is encrypted with your passphrase. Your passphrase is hashed to get the key that is used to encrypt this encrypted key.
<length of salt> is always 16. The salt is 8 bytes which means it is 16 characters.
<salt> is the salt. It is randomly generated. The salt is combined with your passphrase to generate the key used to encrypt the actual encryption key.
<derivation method iteration count> is the number of times to run the hash function that is used to derive the encryption key from your passphrase.
<length of derivation method> is always 2. The derivation method is stored as a single byte number, so it is always 2 characters.
<derivation method> is an integer that indicates the function to be used to derive the encryption key from the passphrase. Currently there is only one method, SHA512, and it is indicated with the number 0.
<length of additional parameters> is always 2. There are no additional parameters, so it is represented by a single byte of 0, which makes the length 2 characters.
<additional parameters> is always 00. There are no additional parameters, so it is always a 0 byte.
achow101 thank you very much for your detailed explanation. Now I'm sure that the wallet.dat is not corrupted.
The next step is to download and run hashcat and run it with the options hashcat -a 0 -m 11300 <paste the hash here> <dictionary file>. -a 0 stands for attack mode 0 which just uses a dictionary file with a password on each line, it's good if you have a large number of passwords you think you used or you used an easy-to-guess password. There's also a "mask mode" you can toggle to construct a pattern to match each characters of a potential pattern against. -m 11300 interprets the hash as one from a Bitcoin or Litecoin wallet.dat file, and it'll probably work for your dogecoin wallet too. Then you paste the hash
For the hash you need to paste the entire line you for from bitcoin2john.py. Then you need to make a dictionary file or download one from the internet. But if you remember using some unique password then you're probably better off making the file yourself.
Instead of putting the hash on the command line you can also put all 5 hashes in a file and pass that in place of the hash.
So.. I should run
Code:
hashcat -a 0 -m 11300 $bitcoin$64$6a750G4ef1867cff00d941df3d1165c39164b4273aca3c7e57af5adf60183945$16$83c69fe19b89ab31$81501$2$00$2$00
I tried hashcat few weeks ago. It was slower than btcrecover (I think btcrecover uses all cores of GPU). I assume that btcrecover does the same as hashcat but with the wallet.dat file instead wallet hash.
Why is it strange?
How do you even know that the "half of the password" is actually correct? Are you assuming that because the "half of the password" worked on some of your other wallets (for ltc/doge etc), that it must also be "half of the password" to your btc wallet? Unfortunately, you have not way of knowing this is true until you actually find the correct passphrase for the wallet.dat.
It is entirely possible that the "half of the password" that you believe to be correct, is in fact completely wrong... which would explain why btcrecover is not able to recover the complete passphrase, as if you've given it an incorrect starting point, then btcrecover will never be able to find the passphrase.
That is to say... if the passphrase is: password123
and you believe that the passphrase starts: "abc", then there is literally 0% chance that btcrecover would be able to get end up finding "password123"
Yes, I'm sure that the password is created by my own pattern. I just recover a few other wallets with btcrecover. The key is to create patterns and choose only the characters that I suppose I used. They are words, and in my language + words that I usually use (there are many letters of the alphabet that are not used (w, x, y, k) and special characters I only use three or four). So I think I have a chance of getting them back.
Once again, thank you very much.