Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20171217143420.GA20976@lonestar>
Date: Sun, 17 Dec 2017 20:04:20 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Cc: uber90ayear@...il.com
Subject: Re: Password from salted Hash, Make a $500 before
 christmas

On Fri, Dec 15, 2017 at 04:35:49PM -0800, Thomas Meyers wrote:
> I need to get a password out of a salted hash. I think I know the
> first 7 letters and I think it is only 10 letters long.
>
> I bought some B2BX tokens during an ICO. When I bought them I was
> prompted to enter a password, which I did. I was then given a JSON
> file, which I have. Now the ICO is complete and the tokens have been
> added to a (www.myetherwallet.com). If you follow that link, at the top
> of the page you will see "Send Ether & Tokens", press that. Those are
> the options to open the wallet. The only option I can use is
> "Keystore / JSON File". The problem is I don't have that password.

Hi,

Just to recap, once I visit https://www.myetherwallet.com/#send-transaction,
I see an option "Keystore / JSON File" for the "How would you like to
access your wallet?" question.

Clicking on this option allows me to upload my MyEtherWallet format
wallet, and I am prompted for a password with a "Your wallet is
encrypted. Good! Please enter the password." message.

My test wallet's name is "UTC--2017-12-3229e9dd6205edb1638fec28843d",
and its contents are,

---

{
    "version": 3,
    "id": "XXXaa9-7afc-41aa-be8f-0a803fdca0e9",
    "address": "XXX3043a7d3229...",
    "Crypto": {
        "ciphertext": "XXX5ba65dec4d32...",
        "cipherparams": {
            "iv": "7XXX21a3246f59bb722ab5acd54"
        },
        "cipher": "aes-128-ctr",
        "kdf": "scrypt",
        "kdfparams": {
            "dklen": 32,
            "salt": "XXXab9e48297c413e10..",
            "n": 1024,
            "r": 8,
            "p": 1
        },
        "mac": "XXX102ae63"
    }
}

---

Does your JSON wallet file have similar contents in it? Are you able to
make sure that your JSON file is a MyEtherWallet format wallet file?

If yes, you can use ethereum2john.py to extract a "hash" out of this
JSON wallet file. Then you can john for cracking the extracted hash.

$ ../run/john --test --format=ethereum  # i7-6600U
Will run 4 OpenMP threads
Benchmarking: ethereum, Ethereum Wallet [PBKDF2-SHA256/scrypt... AVX2]
Speed for cost 1 (iteration count) of 1024
Raw:	1587 c/s real, 432 c/s virtual


If not, how does your JSON wallet file look like? Posting the structure
of the JSON wallet file without including any of its contents is safe.

> Is it possible to give a hacker just the salted hash out of the JSON
> and let them try to extract it?

Please do *not* share your extracted hash with anyone you don't trust.

-- 
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.