Some older wallets (2014 era) not correctly opened or imported #3095

Closed
3rdIteration opened this issue Apr 15, 2021 · 27 comments

@3rdIteration

3rdIteration commented Apr 15, 2021

Description

There didn't seem to be a category for this on the bug bounty website, so it can go here... It is a critical bug in the blockchain.com wallet which prevents users who have the correct passwords from accessing their funds. Basically some older wallet files (2014 era) are not opened correctly. (It looks like these might have been correctly handled in older versions of the wallet)

The wallets that have this issue store the base58 encoded hex private key, but left off any leading zeroes from the hex representation of this key. What this means is that when the base58 encoded private key is converted back to hex, the leading zeros are absent, resulting in an error that the private key is invalid. (And if the base58 conversion is done without checking length, results in a private key that doesn't correspond to the wallet address). All error messages for this assume that the password is incorrect... The main issue is that for these older wallets, some of the private keys (those where the base58 private key doesn't start with zeros) are represented and load correctly.

This encoding of the wallet private keys is consistent from samples of the same wallet file that I have which date from May 2014 through until today. (So the encoding of this private key was also preserved through the user enabling second password, the HD wallet platform upgrade, etc) The wallet in question was created in April 2014 and did successfully send outbound transactions through to July 2015...

I have actually updated BTCRecover to correctly dump these older wallets and produce the expected private keys here: https://github.com/3rdIteration/btcrecover

Expected Behavior

* When provided with the correct password (and/or second password) the wallet would successfully open. (This bug meant that the wallet actually wouldn't even open to view balances, even when given the correct second password)
* When importing the wallet (Using https://login.blockchain.com/wallet/import-wallet) with the correct password (and/or second password) all addresses from that wallet file would be correctly imported. (Not just some of the addresses, which is what happened in this instance)

Reproduction Steps

I can't share the client's wallet without breaching their privacy, but the issue in their wallet file is easy to reproduce through manually crafting a wallet file... (They might be happy to share it privately with your engineers)

Manually create a test wallet with a private key where there are leading zeros.

For example:

00bf0896da0e675e4778eeb71a3d6bc5a2730fec0334c81267c80cc82c4dc6c9

would need to be base58 encoded as: 13uxAJdzrNmV6auvRFPFotaMw3zjMgoyDTQBiZAKCi1E

Whereas these 2014 wallets like the one in question would have encoded it as:
3uxAJdzrNmV6auvRFPFotaMw3zjMgoyDTQBiZAKCi1E

When attempting to decode this base58 encoded private key, it would end up as the incorrect length and not be correctly imported.

Essentially, some older tools do handle this correctly and this comes down to how they handle the base58 -> hex conversion. (Though the current official tools do not, nor do they offer useful or accurate error messages) I haven't spent the time to go through where exactly this would have stopped working but it is likely an issue for multiple users...

Screenshots/Logs

If you have the javascript log open when importing one of these older wallet files you get:

import-export.js:311 Result not 32 bytes in length
import-export.js:337 No Private Keys Imported. Unknown Format Incorrect Password
wallet.js:919 No Private Keys Imported. Unknown Format Incorrect Password

Additional Information

This error report is based on a recovery that I did for a blockchain user who has apparently been attempting to get support through the official channels since 2017... (Without success)

A wallet like this should really be included in the set of test wallets against which releases are tested...
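
The decoding failure described in this report, as an added example that is not part of the original post and is not code from the wallet or from BTCRecover: a standard base58 decoder returns 31 bytes for the legacy form of the key above, while a decoder that left-pads to 32 bytes recovers it. The function names are made up for this illustration, and the legacy string is derived here by dropping the leading `1` from the standard encoding.

```javascript
// Added illustration; not code from the wallet or from BTCRecover.
const ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";

// Standard base58 encode of a hex string: every leading 0x00 byte becomes a '1'.
function b58encode(hex) {
  let n = BigInt("0x" + (hex || "0"));
  let out = "";
  while (n > 0n) {
    out = ALPHABET[Number(n % 58n)] + out;
    n /= 58n;
  }
  const zeroBytes = hex.match(/^(00)*/)[0].length / 2;
  return "1".repeat(zeroBytes) + out;
}

// Standard base58 decode to hex: every leading '1' becomes a 0x00 byte.
// The output length follows the input; nothing forces it to 32 bytes.
function b58decode(str) {
  let n = 0n;
  for (const ch of str) {
    const v = ALPHABET.indexOf(ch);
    if (v < 0) throw new Error("invalid base58 character: " + ch);
    n = n * 58n + BigInt(v);
  }
  let hex = n === 0n ? "" : n.toString(16);
  if (hex.length % 2) hex = "0" + hex;
  return "00".repeat(str.match(/^1*/)[0].length) + hex;
}

// Tolerant decode for private keys: short results are left-padded with
// zero bytes, long ones are rejected instead of being truncated.
function decodePrivateKey(str, keyLen = 32) {
  const hex = b58decode(str);
  if (hex.length > keyLen * 2) throw new Error("key longer than " + keyLen + " bytes");
  return hex.padStart(keyLen * 2, "0");
}

// Private key from the issue text.
const KEY_HEX = "00bf0896da0e675e4778eeb71a3d6bc5a2730fec0334c81267c80cc82c4dc6c9";
const standard = b58encode(KEY_HEX);
// Legacy form, constructed here: the same encoding without its leading '1'.
const legacy = standard.replace(/^1+/, "");

console.log("standard decodes to", b58decode(standard).length / 2, "bytes");
console.log("legacy decodes to", b58decode(legacy).length / 2, "bytes");
console.log("padded legacy matches key:", decodePrivateKey(legacy) === KEY_HEX);
```

A padded key should still be checked against the address stored with it in the wallet file, since padding a value that is short for some other reason yields a key for a different address.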

@plondon
Contributor

plondon commented Apr 26, 2021

Do you want a job?

@plondon
Contributor

plondon commented Apr 26, 2021

We have a ton of open roles

@etherx-dev

nothing is funny about this plondon, you work for a corrupt organisation and i hope as soon as the governments tech literate enough they crack down on whichever developers implement/are responsible for some of the 'implicit' connections of these attacks.

@plondon
Contributor

plondon commented May 11, 2021

I wasn't joking?

@Aditya0888

hello, i lost my second password, and my 12 word phrase are not working, blockchain said please contact third party content to recover your wallet or contact third party blockchain compatible wallet. adityadarbar123@gmail.com
Please email if you can help me

@3rdIteration
Author

3rdIteration commented Aug 11, 2021 via email

@Aditya0888

Yes, when i use those words the continue button is inactive and shows invalid passphrase, and blockchain say your words are inactive because you don't have second password

@3rdIteration
Author

3rdIteration commented Aug 11, 2021 via email

@3rdIteration
Author

3rdIteration commented Aug 11, 2021 via email

@Aditya0888

Aditya0888 commented Aug 12, 2021 via email

@3rdIteration
Author

3rdIteration commented Aug 12, 2021 via email

@Aditya0888

Aditya0888 commented Aug 12, 2021 via email

@3rdIteration
Author

3rdIteration commented Aug 12, 2021 via email

@3rdIteration
Author

3rdIteration commented Aug 12, 2021 via email

@blockchain blockchain deleted a comment from kissanakaen Oct 6, 2021
@doge2021

doge2021 commented Dec 1, 2021

> hello, i lost my second password, and my 12 word phrase are not working, blockchain said please contact third party content to recover your wallet or contact third party blockchain compatible wallet. adityadarbar123@gmail.com Please email if you can help me

need brute force the second password. blockchain.com does not hold your password at all.

@DanielsBerlin

DanielsBerlin commented Feb 23, 2022

@3rdIteration
thanks for your information
I have also faced similar bug in blockchain
I have old blockchain wallet file about 2013 but the file was downloaded in 2021
When I want to recover from this link
https://login.blockchain.com/wallet/import-wallet
first asked for first then for second password and then
it gives the following output

Choose a New Password

Private keys successfully imported, please enter a password for the new wallet. It must be at least 10 characters in length.
Password:
Confirm Password:

but in the console there is following error:

Error: Invalid padding length of 60 specified for ISO 10126. Wrong cipher specification or key used?

and after I enter new password this error pops up in red color:

Error Saving Wallet: {"success":false,"message":"Wrong captcha"}

I tried to import the same wallet once more with incorrect password and got this error:

No Private Keys Imported. Unknown Format Incorrect Password

another point is with this page:
https://login.blockchain.com/wallet/import-wallet
it's really elusive and just escapes to main page and I tried more than 50 times to do a few tests. I was wondering if I can get an offline or standalone version of this page.

@doge2021

> @3rdIteration thanks for your information I have also faced similar bug in blockchain and also in btcrecover. I have old blockchain wallet file about 2013 but the file was downloaded in 2021 I know both first and second password btcrecover cracks my first password but can't crack my second password. and can't login to blockchain.com. the decrypt program in this link also failed to decrypt my wallet: https://github.com/blockchain/my-wallet-backup-decryption-tool/releases and when I want to recover from this link https://login.blockchain.com/wallet/import-wallet first asked for first then for second password and then it gives the following output
>
> Choose a New Password
>
> Private keys successfully imported, please enter a password for the new wallet. It must be at least 10 characters in length.
> Password:
> Confirm Password:
>
> but in the console there is following error:
>
> Error: Invalid padding length of 60 specified for ISO 10126. Wrong cipher specification or key used?
>
> and after I enter new password this error pops up in red color:
>
> Error Saving Wallet: {"success":false,"message":"Wrong captcha"}
>
> I tried to import the same wallet once more with incorrect password and got this error:
>
> No Private Keys Imported. Unknown Format Incorrect Password
>
> another point is with this page: https://login.blockchain.com/wallet/import-wallet it's really elusive and just escapes to main page and I tried more than 50 times to do a few tests. I was wondering if I can get an offline or standalone version of this page.

This is caused by a bug of the backup. It can't be imported directly via the blockchain website. It can only be decrypted manually. you may reach btc recover to try to decrypt it manually. i have faced the same error but mine was showing "invalid padding length of 32 bytes...."

@3rdIteration
Author

If neither BTCRecover nor the official website accepts the second password it is likely just incorrect. (Or at least not related to this exact issue)

@DanielsBerlin

DanielsBerlin commented Feb 23, 2022

@3rdIteration
I checked this several times and when I enter wrong second password
I get this error:

No Private Keys Imported. Unknown Format Incorrect Password

this is another bug.

@3rdIteration
Author

If that's the case I would need to see the wallet file in question and work out if something is going wrong.

@DanielsBerlin

@3rdIteration
Ok thanks
I am willing to share it with you
I found your email and will send it to you

@DanielsBerlin

@plondon
I was wondering when you will have time to look at this page to see why is it escaping and is not usable.
and there is no captcha request but wrong captcha error pops up
can you disable captcha for that or add it in the window it asks for new password?

@doge2021

doge2021 commented Feb 24, 2022

> @plondon I was wondering when you will have time to look at this page to see why is it escaping and is not usable. and there is no captcha request but wrong captcha error pops up can you disable captcha for that or add it in the window it asks for new password?

@DanielsBerlin this is new captcha feature in the new version wallets. can only try to decrypt the wallet manually. another possible cause is your 2nd password is wrong. this is a common problem faced by those old backups in mid 2016. btc2doge.com pls refer my id, so i will get tip after you guys succeed.

@3rdIteration
Author

> @3rdIteration Ok thanks I am willing to share it with you I found your email and will send it to you

No worries, I'll keep an eye out.

@doge2021

@DanielsBerlin #4238

@3rdIteration
Author

3rdIteration commented Mar 8, 2022

Hi Folks, for those following or who find this in the future, I got a copy of the wallet file from DanielsBerlin.

Basically for those who are technically inclined, the issue with that wallet file is that it was a V3 wallet, structured just like any V2+ wallet. (PBKDF2, 5000 iterations, etc...)

The issue comes in that for some reason, the files encrypted with the second password weren't using the "modern" encryption for the second password hashing. (Which includes information about the pbkdf2 iterations, etc, within the body of the JSON that is decrypted with the main password) What makes this extra strange is that all of this information is actually in the decrypted JSON, but doesn't reflect the parameters used to encrypt the data which is protected by the second password. (In the sample wallet provided, the password was only hashed with 10 SHA256 iterations, just like in a V0 wallet)

Anyways BTCRecover has been updated so as to automatically handle this so as to correctly find the password as well as decrypt/dump the wallet and private keys.
