New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BitShares v0.x wallet password hash type: sha512_hex(sha512_binary(password)) #1572

Open
Cortexelus opened this Issue May 13, 2018 · 2 comments

Comments

Projects
None yet
2 participants
@Cortexelus

Cortexelus commented May 13, 2018

Application

BitShares is a blockchain-based decentralized asset exchange. It started in 2014 and today has a market cap of $641 million. BitShares uses the cryptocurrency token BTS. Like other cryptocurrencies, BitShares users use a secure digital wallet to 'store', send, and receive BTS. However, if a user forgets their BitShares wallet password, they lose access to their BitShares funds. It is common to see these users ask in forums for help recovering their lost wallet password. It is easy to extract the password_checksum from a locked-out wallet. A user could give their password_checksum to a password recovery service, which may be able to crack it and recover the password.

Note: cracking the password_checksum is not sufficient to steal that user's cryptocurrency. One also needs the encrypted_private_key associated with the wallet. A user can keep their encrypted_private_key secret, while asking a password recovery service to crack the password_checksum, without risking theft.

Hash function

password_checksum = sha512_hex(sha512_binary(password))

Note: this is for the older version of the BitShares client, up to and including v0.9.3c. The BitShares-2.0 client wallet encrypts passwords differently.

Steps to extract the password checksum

  1. Download BitShares client v0.9.3c
  2. Create a wallet and enter a password
  3. Export wallet to JSON file
  4. Read password_checksum from JSON file

Example

password123
=>
b335d77abf42f6da1b6d0864129fa176c7c499b70c389b273e719473e5f029f54b9b8914e96a6585db2f16c987e6b988e78a0e497bbe8bc88d62df0eb81b7010

Thanks

@jsteube

This comment has been minimized.

Member

jsteube commented Jun 22, 2018

Something's strange here!

While your example from JSON works, bit it seems to be using a client from Sep 22, 2015, but this is the latest version 0 (or 1?) on GitHub (did it move somewhere else?).

Now if you take a look at JtR which support cracking BitShares.Setup.2.0.180115.exe it access a sqlite database. The KDF is the same, but no more password_checksum field. It now needs an additional AES descrypt (plus it became salted) this way to find out if the password is correct.

The question is now what's the right algorithm and if there's actually 3 different algorithms (including the one from the backup files).

@Cortexelus

This comment has been minimized.

Cortexelus commented Sep 18, 2018

Yes this is for the older version.

We saw a surge of users who bought BitShares early in 2014-2015, used this older wallet client, ignored it for a few years until receiving the news their price soared, then came to forums asking for help recovering their wallets. They have wallet JSONs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment