Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Oct 2020 20:48:31 +0200
From: Albert Veli <>
Subject: Re: how bitcoin2john works

On Sat, Oct 10, 2020 at 6:47 PM Jack Anderson <> wrote:

> I want to understand and more information on how to execute it, I want to know how the output hash is reached by file analysis and calculation.

Well first run bitcoin2john and redirect the output to a new file.
Then start john, give the hash file as argument and specify the attack
mode. You might want to start with a wordlist attack using for
instance the rockyou.txt wordlist. That is a good starting point.

I don't know how the hash is extracted from wallet.dat, but I guess
that wallet.dat is password protected and it is this password that can
be cracked with john. In general most hash formats work like this with

1. A candidate password is calculated by john
2. The candidate is run through the relevant format algorithm and a
hash is calculated
3. Compare the calculated hash with the relevant hash(es) in the hash file

Then loop back to 1 and calculate another password candidate. Your
attack specifies how the candidates are calculated. There are many
different ways to calculate candidate passwords, "attacks". See the
doc folder for more information. The wordlist attack is the most
basic, it just tries each word in the list.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.