Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BIP38 support #88

Open
S1W opened this issue Jul 17, 2017 · 15 comments
Open

BIP38 support #88

S1W opened this issue Jul 17, 2017 · 15 comments

Comments

@S1W
Copy link

S1W commented Jul 17, 2017

Hi! I found your amazing tooling when looking for a way to decrypt a BIP38 key in a more or less efficient way. I do have parts of the passphrase, but I suppose btcrecover does not support BIP38? Will there be any BIP38 implementation some day? Thanks!

@S1W
Copy link
Author

S1W commented Jul 19, 2017

Attached a bit of code I used before, maybe this is usable to integrate in BTCrecover?

decrypt_bip38.txt

@gurnec
Copy link
Owner

gurnec commented Jul 19, 2017

Thanks!

I'm certainly not against implementing some sort of BIP38 support... (here comes the "but") but it's not very popular, and it is a bit complex. I'll definitely keep this open for now though.

Thanks for the code reference, it'll certainly be helpful at some point. Unfortunately, this code has two attributes which I've been trying very hard to avoid: it's hard to install on a supported OS (Windows in this case), and it implements EC math in pure python (slow, but not a problem if you're not using the EC multiply option). In other words, it could require a lot of work if I want to keep the same rules for this wallet format that I do for others...

Having said all that, since you're familiar with Python, there's no reason you couldn't use btcrecover together with your script. You'd have to modify your script to read passwords from stdin, and then you could run btcrecover with the --listpass option to have it feed passwords to your script which then does all the "real" crypto work.

@S1W
Copy link
Author

S1W commented Jul 20, 2017

Great! Thanks for your response. In the meanwhile I will use the --listpass work around. Could you explain a little bit more about what exactly casuses problems with EC math implementation? I thnink the whole idea was to delibaretly make bruteforcing slow on a BIP38 key by design?

@gurnec
Copy link
Owner

gurnec commented Jul 21, 2017

I didn't mean that I thought there was something wrong with this particular implementation nor with BIP38 itself for the most part, only that btcrecover (indirectly) uses Crypto++ for EC math, and I'd like to keep doing this, and btcrecover uses pylibscrypt[1] for scrypt, and I'd like to keep doing this too.

[1]: which on Linux ends up using libscrypt most of the time, and on Windows uses libsodium since compiling either libscrypt or the Python scrypt module for Windows is a bit of a pain and not something I'd expect most end-users to know how to do.

@Newbie62
Copy link

At the risk of sounding like an idiot, how would you modify this script to read passwords from stdin on a mac? Thanks.

@S1W
Copy link
Author

S1W commented Jan 31, 2018

You could use the --listpass option to generate your password list and feed that to the script I uploaded before. Edit the scrip and fill the bip = '' variable with your BIP38 string that needs to be tested.

@Newbie62
Copy link

Newbie62 commented Feb 1, 2018

I can't seem to execute the script via my Terminal.app. Would you be able to help me understand what I'm doing wrong? Since I'm on a mac (High Sierra, the latest version) I need to use pythonw rather than simply python. I fill in the bip = ' ' with the name of the txt file (located under btcrecover-master) listing the various passwords created using my tokenlist.txt file using --listpass. I followed the script exactly,except for the gap between lines 64 and 67 because I kept getting an error message regarding indentation. As I'm sure you can tell, I've got a bit learning curve as I am just getting started with python.

Here's my screen:

$ /usr/local/bin/pythonw
Python 2.7.14 (v2.7.14:84471935ed, Sep 16 2017, 12:01:12)
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)] on darwin
Type "help", "copyright", "credits" or "license" for more information.

import sys, os
import getopt
import random
import time
from pybip38 import bip38decrypt
from random import choice

inputfile = ''
pswd_counter = 0
bip = '54withsecondwallet5.txt'
#bip = '54withsecondwallet5.txt'
...
def decrypt_key(paswd):
... return bip38decrypt(paswd, bip, outputlotsequence=False)
...
#def loop_words(wordlist):
... # for pwd in open(wordlist):
... # result = decrypt_key(pwd)
... # print "Wachtwoord: %s private key: %s" % (pwd, result)
...
def loop_words(wordlist):
... global pswd_counter
... result = ""
... for pwd in open(wordlist):
... pswd_counter += 1
... pwd = pwd.strip()
... result = decrypt_key(pwd)
... if str(result) == "False":
... print "Counter %s Wachtwoord: %s private key: %s" % (pswd_counter, pwd, result)
... else:
... print "Counter %s Wachtwoord: %s private key: %s" % (pswd_counter, pwd, result)
... sys.exit()
...
def loop_dir(dir):
... for root, _, files in os.walk(dir):
... for f in files:
... print os.path.join(root, f)
... loop_words(os.path.join(root, f))
...
def check_input(input):
... if os.path.isdir(input):
... print "Found directory...start looking for wordlists..."
... loop_dir(input)
...
def check_input(input):
... if os.path.isdir(input):
... print "Found directory...start looking for wordlists..."
... loop_dir(input)
... elif os.path.isfile(input):
... print "Found file...start looking for passwords..."
... loop_words(input)
...
def main(argv):
... try:
... opts, args = getopt.getopt(argv,"hi:k:",["ifile=","key="])
... except getopt.GetoptError:
... print 'decrypt_wordlist.py -i -k '
... sys.exit(2)
... key = ''
... inputfile = ''
... for opt, arg in opts:
... if opt == '-h':
... print 'decrypt_wordlist.py -i -k '
... sys.exit()
... elif opt in ("-i", "--ifile"):
... inputfile = arg
... elif opt in ("-k", "--key"):
... key = arg
... check_input(inputfile)
...
if name == "main":
... main(sys.argv[1:])
Grateful for any guidance. Thanks for taking the time.

@S1W
Copy link
Author

S1W commented Feb 1, 2018

Sure ;)

You need to put the BIP38 string you want to crack where it says bip = ''. So put a key like this there bip='6PYWndUBwfPBfbijjXZNVrkubTniN6CsViNHpKP6xn2uKBnqZBsT68nezG'.

Leave the inputfile ='' like that. Now Run the script like this:

Python decrypt_bip38.py -i yourpasswordlist.txt

Now the script will iterate through all passwords and try one by one on the bip38 string you inserted in the script.

@Newbie62
Copy link

Newbie62 commented Feb 9, 2018

Thanks so much!

@Zeetster2K
Copy link

"PLEASE LEAVE THIS THREAD OPEN". I have a BIP38 paper wallet and a password for it and I created it on bitadress.org. I couldn't see a download for BIP38 in your github instructions. So I find this thread useful as it is going to take me awhile to figure it out. Thanks

@3rdIteration
Copy link

My updated fork of BTCRecover now supports BIP38 wallets for Bitcoin, Litecoin, etc. via the --bip38-enc-privkey argument

You can find it here: https://github.com/3rdIteration/btcrecover

@CybertSys
Copy link

CybertSys commented Feb 3, 2021

Thank you. I'm having trouble locating the documentation on how to use it on BIP38 paper wallets.

@3rdIteration
Copy link

@CybertSys
Copy link

CybertSys commented Nov 10, 2021 via email

@isieditors
Copy link

@CybertSys
I can also try it if you are tired of trying it any more
my contact details is on my profile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

9 participants
@3rdIteration @S1W @gurnec @Zeetster2K @Newbie62 @CybertSys @isieditors and others