crash.software
Projects
Pull Requests
Issues
Builds
btcrecover
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY btcrecover Commits b26f20f6
🤬
  • ■ ■ ■ ■ ■
    btcrecover/btcrpass.py
    skipped 1057 lines
    1058 1058   @classmethod
    1059 1059   def load_from_data_extract(cls, privkey_data):
    1060 1060   assert len(privkey_data) == 24
     1061 + print(prog + ": WARNING: read the Usage for MultiBit Classic section of Extract_Scripts.md before proceeding", file=sys.stderr)
    1061 1062   self = cls(loading=True)
    1062 1063   self._encrypted_block = privkey_data[8:] # a single 16-byte AES block
    1063 1064   self._salt = privkey_data[:8]
    skipped 4558 lines
  • ■ ■ ■ ■ ■ ■
    docs/Extract_Scripts.md
    skipped 275 lines
    276 276   
    277 277  ### Usage for MultiBit Classic ###
    278 278   
     279 +***Warning:*** Using the `extract-multibit-privkey.py` script on a MultiBit Classic key file, as described below, can lead to *false positives*. A *false positive* occurs when *btcrecover* reports that it has found the password, but is mistaken—the password which it displays may not be correct. If you plan to test a large number of passwords (on the order of 10 billion (10,000,000,000) or more), it's **strongly recommended** that you use *btcrecover* directly with a key file instead of using `extract-multibit-privkey.py`.
     280 + 
    279 281  *btcrecover* doesn’t operate directly on MultiBit wallet files, instead it operates on MultiBit private key backup files. When you first add a password to your MultiBit wallet, and after that each time you add a new receiving address or change your wallet password, MultiBit creates an encrypted private key backup file in a `key-backup` directory that's near the wallet file. These private key backup files are much faster to try passwords against (by a factor of over 1,000), which is why *btcrecover* uses them. For the default wallet that is created when MultiBit is first installed, this directory is located here:
    280 282   
    281 283   %appdata%\MultiBit\multibit-data\key-backup
    skipped 22 lines
    304 306   Password found: xxxx
    305 307   
    306 308  #### MultiBit Classic Technical Details ####
     309 + 
     310 +**Warning:** MultiBit Classic data-extracts have a false positive rate of approximately 1 in 3×10<sup>11</sup>. See the warning above for more information.
    307 311   
    308 312  The *extract-multibit-privkey.py* script is intentionally short and should be easy to read for any Python programmer. This script extracts 8 bytes of password salt plus the first 16 encrypted base58-encoded characters (out of 52) from the first private key from a MultiBit private key backup file. Because less than 34% of a single private key is extracted, the private key itself cannot be feasibly reconstructed even after these first 16 bytes are decrypted (assuming the password search succeeds). Because these 16 characters, once decrypted, are base58 encoded, *btcrecover* can use them alone to check passwords. It tries decrypting the bytes with each password, and once the result is a valid 16-character long base58-encoded private key prefix, it has found the correct password.
    309 313   
    skipped 37 lines
  • ■ ■ ■ ■ ■ ■
    extract-scripts/extract-multibit-privkey.py
    skipped 54 lines
    55 55   print(prog+": error: file is not a MultiBit private key file (too short)", file=sys.stderr)
    56 56   sys.exit(1)
    57 57   
     58 +print("\nWARNING: please read the important warning in the Usage for MultiBit\n"
     59 + " Classic section of Extract_Scripts.md before proceeding.\n")
     60 + 
    58 61  print("MultiBit partial first encrypted private key, salt, and crc in base64:", file=sys.stderr)
    59 62   
    60 63  # salt_privkey[8:32] now consists of:
    skipped 8 lines
Please wait...
Page is in error, reload to recover