Restore password from Keystore

[jerem30]

Hello,

I would like to ask you for help. I installed the Polkawallet a few weeks ago and repeatedly sent there some DOT tokens. The problem is that I found out that I have lost the password to my Polkawallet and I can't send any DOT tokens to anywhere without this password. I have the keystore json file and I am thinking about cracking my password with the hashcat tool, I could maybe do it, because my password had 6 characters. Maybe if you could help me what hash type I should use from this list https://hashcat.net/wiki/doku.php?id=example_hashes or how can I generate the hashfile (from these values: address, encoded and pubKey from json) for hashcat I would be very thankful.

I was thinking about using this hash mode (see example): 
MultiBit HD (scrypt) -> $multibit$2*address*encoded*pubKey

But in this case I got this error from hashcat:
Hashfile 'hashcode.txt' on line 1 ($multi......6b): Token length exception

I also find some tutorial how to do it for ethereum wallet but the json keystore is different for Polkawallet:
https://www.youtube.com/watch?v=ZuhtaCgY0wc
https://stealthsploit.com/2017/06/12/ethereum-wallet-cracking/

I would appreciate if you can help me with this issue.

Best Regards
Jeremy

[RomeroYang]

Polkawallet manages users keyPairs with https://www.npmjs.com/package/@polkadot/keyring, you may find the crypto related methods in their source code: https://github.com/polkadot-js/common/blob/master/packages/keyring/README.md.

[jerem30]

Thank you @RomeroYang for your response. I think maybe it would be good to inspect these methods deeper:

• encode.ts
• decode.ts
• keyring.ts
• createFromJson

The keyring type which has been used was sr25519. Here is an example how the exported json looks like for another test Polkawallet:
{ "address":"14Mg81diA7Y1Apqvt3H9P4wGQ5dBYHimEYemyY6LKCZgqxDF", "encoded":"pjtPun5591hOUWGxTk8FwX+DzYkqVtO8n5/6dBZJTC8AgAAAAQAAAAgAAABdrDWgHp/3XMr2nW4FJoQFolg7w5aiv49mgUQzf3eUFma5Gpo+l4liowesA3zecBO7OVgU84DzG2ZHtRfsztbT70d0uW8Acbn/HtA2AxjrlDx74V5hRjQelNhfXJ31+D3qrAFLTQqA+NqNGDPGOb3TP+16xhFyJcTJx+/vWm/Nwy+mQFhoWiXwkJ4C7YLwP8PTnOj6wpDP4h54wwx4", "pubKey":"0x94794d12459f1940e70fd13c0fe64fe89609cc6915fe0785cb7427920554a17f", "encoding":{ "content":[ "pkcs8", "sr25519" ], "type":[ "scrypt", "xsalsa20-poly1305" ], "version":"3" }, "meta":{ "name":"test", "whenCreated":1615241015987, "whenEdited":1615241015987 }, "memo":null, "observation":null, "indexInfo":null }

The key things from this json for crack the password is I think the encoded value. Which I think I need to encode with Base64 and use in hashcat. Maybe these threads below can help me to move further. Maybe it would be good to know the salt value but that one is unknown.

• https://hashcat.net/forum/thread-5765.html
• https://hashcat.net/forum/thread-5352.html

I encoded the encoded value from json with this encode-tool and I tried to use this value in hashcat using this command below, but it failed on the "Token length exception". To test this command on Mac you can install the hashcat with brew.

hashcat -m 8900 SCRYPT:1024:1:1:c2FsdA==:cGp0UHVuNTU5MWhPVVdHeFRrOEZ3WCtEellrcVZ0TzhuNS82ZEJaSlRDOEFnQUFBQVFBQUFBZ0FBQUJkckRXZ0hwLzNYTXIyblc0RkpvUUZvbGc3dzVhaXY0OW1nVVF6ZjNlVUZtYTVHcG8rbDRsaW93ZXNBM3plY0JPN09WZ1U4NER6RzJaSHRSZnN6dGJUNzBkMHVXOEFjYm4vSHRBMkF4anJsRHg3NFY1aFJqUWVsTmhmWEozMStEM3FyQUZMVFFxQStOcU5HRFBHT2IzVFArMTZ4aEZ5SmNUSngrL3ZXbS9Od3krbVFGaG9XaVh3a0o0QzdZTHdQOFBUbk9qNndwRFA0aDU0d3d4NA== /dive.rule

I am not an expert in this field and I think I miss something important.
Thank you for further advice or help with this issue.

[RomeroYang]

I'm not an expert in the codec things either. I think all the infomation you need is in the createFromJson related code. You may submit issue in their repo for help.

[JustforfunA]

@jerem30 hi, I had a problem with my polkawallet password. Did you find to solve your issue? Can you help me?