script stops

[easyname889]

Hi,

I am running python btcrecover.py --data-extract --passwordlist weakpass2.txt --utf8 --no-eta --no-dupchecks

on a iMac i7 and trying to get a password for a Multibit Classic wallet. I am using a 87gb wordlist file since it was years ago i made the wallet. The script says it crunches a massive rate: 160.45 kP/s, could this be right?

And after about 8-9h the script just stops, i have tried to change the sleep settings and such to no avail. Any ideas what could be wrong?

Best wishes

[gurnec]

The script says it crunches a massive rate: 160.45 kP/s, could this be right?

That looks right. MultiBit Classic .key files have no key stretching; checking passwords against them is very fast. John the Ripper is even faster against them.

And after about 8-9h the script just stops

Are you using a recent version? There was a bug prior to v0.14.2 that could cause this...

Can you be more specific as to what happens? Does it exit with any error messages? Does it freeze with no new updates to the progress bar?

If it does freeze, how much CPU is it using after it freezes (use the Activity Monitor which you can find in the Launchpad)? When it freezes, if you press Ctrl-C does it respond with any messages?

[easyname889]

I downloaded the new files again and then i crunched a 97gb password file on it without breaks.

i loaded a 200gb file and started it last night, when i woke up it had stopped again.

Wallet difficulty: 3 MD5 iterations Using 8 worker threads / 4856924685 elapsed: 9:39:16 rate: 139.74 kP/s

its just frozen, no errors. i felt on the back and the CPUs are cool, the activity monitor says 99% of the processor is idle so no activity whats so ever.

pushed Ctrl-C

^C4856924685 elapsed: 9:39:16 rate: 139.74 kP/s
Interrupted after finishing password # 4856936330

I just realized the integer was a bit higher when i quitted but since i realized the freeze and the quitting it was like 3-4minutes so it should have been going further if it was running in background.

I restarted the script and it uses around 42% of the processor load, i have 50% idle.

I am intresteg in how i could push it with the JTR to do it faster. i tried to google without avail on how to use JTR with multibit classic files/keys.

[easyname889]

New update,

This morning when been crunching the 200gb file i got

Wallet difficulty: 3 MD5 iterations Using 8 worker threads pthread_cond_wait: Resource busy rate: 131.83 kP/s

• 9019698319 elapsed: 19:36:15 rate: 127.80 kP/s

it is now frozen again

did a ctrl+c

Using 8 worker threads pthread_cond_wait: Resource busy rate: 131.83 kP/s
^C9019698319 elapsed: 19:36:15 rate: 127.80 kP/s
Interrupted after finishing password # 9019699701

It has been running since yesterday morning and when i went to bed it was still running without any message.

[gurnec]

Thanks for the additional details and testing. You could try with an upgraded version of Python (I recently changed the install docs to recommend this here). If you do, you'll also need to reinstall PyCrypto. However if I were you, I'd focus on getting JtR up and running instead.

This feels like a spurious race condition or deadlock in CPython (not in the script, but in Python itself), possibly one which only occurs on OS X, and if that's true it will be very difficult to track down and fix. I'm not sure I have the time to devote to that... so if you want to try this with an upgraded version of Python, please don't do it for my sake.

I'll follow up later with some pointers on getting JtR compiled and running on OS X (the latest binaries I could find for OS X don't support MultiBit).

[gurnec]

This should get John the Ripper up and running on OS X using Apple's Xcode tools. If you already have brew installed on your system, using it instead may be a better option (I haven't tried that)...

If you get any error messages below, you'll need to stop and figure out what went wrong before continuing. (Warning messages can be ignored.)

Install the Xcode command line developer tools:

xcode-select --install

Download and begin compiling JtR (the gpg modules don't compile correctly without brew, so they're removed below):

cd
curl -LO https://github.com/magnumripper/JohnTheRipper/archive/bleeding-jumbo.zip
unzip bleeding-jumbo.zip
cd JohnTheRipper-bleeding-jumbo/src
rm *gpg_*
./configure

You may get this error from the last step above:

configure: error: JtR requires OpenSSL headers being installed

If you do get that error, run these steps to download the OpenSSL header files and try again (if there was no error above, skip this step):

cd
OSSLVER=`openssl version | cut -d' ' -f2`
curl -LO https://www.openssl.org/source/old/0.9.x/openssl-$OSSLVER.tar.gz
tar xvfz openssl-$OSSLVER.tar.gz
cd openssl-$OSSLVER/
./config
cd ../JohnTheRipper-bleeding-jumbo/src
./configure CPPFLAGS=-I../../openssl-$OSSLVER/include

Change the 2 below to be the number of CPU cores your machine has, if you're unsure leave it at 2. Finish building JtR:

make -sj2

Run the MultiBit tests and then run JtR (your wallet and word list will have different filenames):

cd ../run/
./john --format=multibit --test
./multibit2john.py walletname-20140407200743.key > multibit.hashes
./john --wordlist=bigwordlist.txt multibit.hashes

Note that unlike btcrecover "data extracts", the multibit.hashes file (together with the correct password) might reveal a single unencrypted key.

[easyname889]

Thanks,

Two questions: if i extract the hash with the multibit2john script and give it to another person, would they be able to take control and transfer the BTC if they crack the hash?

Question 2, do you have a ETH other crypto address for donations? The transaction fee is above 10usd for btc transfers =(

Tried and it was a success in running the program, but not the cracking. Due to various reasons i need to use hashcat since they have the combinator attack.

Do you know how i set the multibit classic hash format in hashcat?