Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 10 Oct 2020 20:48:31 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: how bitcoin2john works

On Sat, Oct 10, 2020 at 6:47 PM Jack Anderson <jakrson@...mail.com> wrote:

> I want to understand and more information on how to execute it, I want to know how the output hash is reached by file analysis and calculation.

Well first run bitcoin2john and redirect the output to a new file.
Then start john, give the hash file as argument and specify the attack
mode. You might want to start with a wordlist attack using for
instance the rockyou.txt wordlist. That is a good starting point.

I don't know how the hash is extracted from wallet.dat, but I guess
that wallet.dat is password protected and it is this password that can
be cracked with john. In general most hash formats work like this with
john:

1. A candidate password is calculated by john
2. The candidate is run through the relevant format algorithm and a
hash is calculated
3. Compare the calculated hash with the relevant hash(es) in the hash file

Then loop back to 1 and calculate another password candidate. Your
attack specifies how the candidates are calculated. There are many
different ways to calculate candidate passwords, "attacks". See the
doc folder for more information. The wordlist attack is the most
basic, it just tries each word in the list.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.