sajkox

  1. There was a lot of good discussion here recently but imo it got a little bit difficult to find useful information. Especially for non-technical people it might be quite confusing.

     Kudos to @amulecregg for pointing out the comment about old passkey which helped eiprol get his master_seed out and also for new build allowing to use a flag to control that. Sadly I no longer see your repo/build available so for the rest of these instructions I will just use DChapes repo only.

     Kudos to @eiprol for providing wallet contents for test - I will use that quite a bit in my instructions below. While you also created new repo with built-in option for bruteforcing - I will stay away from it to avoid potential of future changes becoming potentially insecure - although for anyone stuck in big bruteforcing please refer to @eiprol's repository as it is probably much faster !

     So my idea now is to provide instructions that will be easy to follow for anyone regardless of OS and skill level that is safe and easy to follow. I tested that on both Windows and Mac with success and I would love to hear from you about whether it looks ok.

     Top level summary of what's below:

     - create linux VM on your PC using trusted sources (automated)
     - create environment for GO and wallet-recover executable (automated)
     - create bruteforcing script that only requires you to put your username/password wordlists (obviously manual)
     - prevent any scripts run in VM to access internet (by removing network from VM)
     - test recovery works using test wallet

     First let's install virtualbox (https://www.virtualbox.org/wiki/Downloads) and vagrant (https://www.vagrantup.com/downloads.html)

     Why ? Because these are used by millions of people and are considered safe. You can do it on any OS and will be the only thing to uninstall after you are done. Virtualbox will allow us to create Ubuntu VM on your PC and Vagrant will help to automate majority of set up.

     Since we will run everything in virtual machine you will be able to unplug virtual network cable and there is no risk then that your secrets will be stolen as VM will have no internet connectivity.

     I won't go into steps of how to install them - refer to instructions on software vendor website. You should restart your pc after installation.

     Now that we have both installed let's create Ubuntu Virtual Machine. To do that with minimal hassle create a new folder (i.e. ripple_recover) and inside it create another one called ‘stuff’. Then in ripple_recover create new file “Vagrantfile” (no extension !) with following contents:

     Explanation:

     - ubuntu/trusty is an official Ubuntu prebuilt VM picked up from this list of public machines: https://app.vagrantup.com/boxes/search
     - Provisioning script will install docker as per instructions from https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-using-the-repository I could have installed go etc but I prefer using docker - much simpler imo.
     - It will also make it so that ‘stuff’ folder from your PC is mirrored in /stuff folder in VM - this allows for easier file modification of wallet or bruteforcing usernames/passwords.
     - Then script adds vagrant user to docker group so we can run docker commands later once we log in into VM
     - Creates Dockerfile that will have wallet-recover from DChapes
     - It will also replace passkey to use old method and build that as wallet-recover-old executable
     - Furthermore vagrant will create (in stuff folder) bruteforcing script, test wallet file and username/password wordlists with test entries for bruteforcing
     - Vagrant will also prepare 3 aliases:
       - wallet-recover - will trigger docker command to execute wallet-recover from within docker
       - wallet-recover-old - will trigger docker command to execute wallet-recover-old from within docker
       - bruteforce - will trigger bruteforcing through docker

     I would like to ask community to review this script and confirm what I'm saying is true (@amulecregg, @eiprol ?)

     Once we have the file created let's try creating the VM: open command line in this new folder (ripple_recover ?) and execute ‘vagrant up --provider=virtualbox’

     What you should see is that:

     And it might take good few minutes to finish. Once it's done our VM should be running. To get to it, open up virtualbox where you will see your box running:

     When you double click on that you will notice sth like that:

     You can type in vagrant for login and vagrant for password to get into the box. When you get message about the mouse just read it and click ‘capture’. (Note: to get back to your host and have mouse normally moving press right-ctrl (by default))

     Let's switch to stuff folder by typing

       cd /stuff

     And check whether we have internet connection with:

       curl https://google.com

     We do - so let's disable it in virtualbox menu: click Devices -> Network -> Connect Network Adapter

     This should unplug your cable from VM. Try curl again. It should get stuck for a while and then return error. From now on no program or script run within VM can go out to internet so even if it's something dodgy it won't be able to steal your secrets.

     Now let's test that everything is ok by trying to recover test wallet:

       wallet-recover --json -name eiprol -pass TestPass01 -wallet test-wallet-old.txt
       wallet-recover-old -name eiprol -pass TestPass01 -wallet test-wallet-old.txt
       bruteforce test-wallet-old.txt

     First one should fail and next two should be successful.

     Result of wallet-recover:

     Result of bruteforce:

     Now that we know things work and your data is safe we can start to work on own wallet. Copy your ripple-wallet.txt to ripple_recover/stuff folder on your PC (your ! not VM). This actually makes it available on VM in /stuff directory (VM directory).

     Try running

       wallet-recover --json -name YOUR_USER -pass YOUR_PASS

     and

       wallet-recover-old --json -name YOUR_USER -pass YOUR_PASS

     If either is successful - GRATS !

     If not, open up on your PC two files in ripple_recover/stuff directory: brute-passwords.txt and brute-usernames.txt, remove all the contents (these were used for test only) and put any user you can think of (in user file), same with passwords (in password file), space delimited. Run (in VM) ‘bruteforce’ and hope for the best. If it fails you will need to basically think of new usernames/passwords to put in for bruteforcing. Might be worth reading on crunch https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-4-creating-custom-wordlist-with-crunch-0156817/

     Hope it makes sense - I was really rushing and it still took me a good while. Even if you don't plan to use it let's hope it might work as a reference for any questions being asked.

     EDIT: if you copy text to Vagrantfile and it complains with undefined method - look at the line it points to and edit manually any quotes or spaces as copy-pasting could have changed characters to unicode - sorry. Not my fault

     EDIT 2: bruter script must be updated to encapsulate username/password and possibly even encode for safe bash use - will try to update it sometime soon. I might create repo just for this part of the work and organize the scripts a little bit better - if only I find time
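The offline check and the word-list loop from the post above, written so that every candidate reaches the tool as one quoted argument (the concern in EDIT 2). This is an added example, not the script the post's Vagrantfile generates: `try_pairs`, `RECOVER_CMD` and `NET_PROBE` are hypothetical names, and it assumes the recovery command exits 0 only when decryption succeeds, which should be confirmed with the test wallet first.

```sh
#!/bin/sh
# Added example, not the post's own bruteforce script.
# Assumption: RECOVER_CMD exits 0 only when the wallet decrypts.
RECOVER_CMD=${RECOVER_CMD:-wallet-recover}
# Assumption: NET_PROBE succeeds only when the internet is reachable.
NET_PROBE=${NET_PROBE:-"curl -s -m 5 -o /dev/null https://google.com"}

# try_pairs USERFILE PASSFILE WALLET
# Both lists are space delimited, as in the post. Prints "user<TAB>pass" for
# the first working pair and returns 0; returns 1 if no pair works and 2 if
# the VM can still reach the network.
try_pairs() (
  userfile=$1 passfile=$2 wallet=$3

  # Refuse to touch secrets while the network adapter is still connected.
  if $NET_PROBE >/dev/null 2>&1; then
    echo "network is reachable: disconnect the adapter first" >&2
    exit 2
  fi

  # Split the lists on whitespace only; never expand * or ? as file globs.
  set -f
  for u in $(cat "$userfile"); do
    for p in $(cat "$passfile"); do
      # Quoted expansion: characters such as ; $ ( ) ' stay literal and
      # are never re-parsed by the shell (no eval, no string building).
      if "$RECOVER_CMD" -name "$u" -pass "$p" -wallet "$wallet" \
           >/dev/null 2>&1; then
        printf '%s\t%s\n' "$u" "$p"
        exit 0
      fi
    done
  done
  exit 1
)
```

Candidates are still visible in the VM's process list while each attempt runs, so the isolation of the VM remains the main protection.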
  2. the path was wrong for sure - missing cmd there. I just tried it and am 100% sure
  3. see my edit: I copied it from someone else's comment not my original one (see page eight of this topic with image)
  4. what does this output ? $GOPATH/bin/wallet-recover I think it's already there EDIT: my bad it was supposed to be go get bitbucket.org/dchapes/ripple/cmd/wallet-recover
  5. should be: unset GOROOT I think EDIT: in my environment I had no GOROOT set GOPATH is more important you got problems because both point to same directory. If you unset GOROOT as above you should be fine to do go get bitbucket.org/dchapes/ripple/wallet-recover with no errors
  6. to get linux install virtualbox on windows and just download some prebuilt VM in .ova file from some trusted source (google for ubuntu I guess / https://www.osboxes.org/ubuntu/) as I mentioned before docker might be an option as it's even simpler (imo, but I do have some dev experience). It's right thing to be afraid though - it's internet, it's your money, use limited trust !
  7. wow @eiprol thats fantastic - I was missing a wallet to play with and it's great @amulecregg is willing to improve that tool - I was thinking of it but simply have no time recently ... cheers guys
  8. I myself use gatehub occasionally as you can delete your wallet after use. So you can create new wallet by inserting secret key - move xrp to ledger nano and delete it afterwards (although it won't matter as apart from 20 locked xrps there will be nothing left to steal) - but I do understand your concerns. I usually use minimalist ripple client because it's client side only - meaning everything happens in your browser and only encrypted data leaves your pc to act on the ripple ledger but it might be confusing as to how to use it (and you can actually screw up your account (i.e. if you rekey by accident or sth)). Also some people say you shouldn't use that as it didn't update ripple libs for a long time - but I can confirm it worked for me last time I used it ~5 months ago. As to where it is: https://jatchili.github.io/minimalist-ripple-client/ - hosted, https://github.com/jatchili/minimalist-ripple-client - github
  9. yeah sorry - I made update to my post as you typed - minimalist client might be confusing and its unlikely you have seen your secret but rather newly generated one However I like @eiprol's bruting script - give it a go (on linux!) and also we have confirmation that @amulecregg's suggestion to swap 'passkey=' line was a good one.
  10. Thats fantastic news eiprol ! grats As to OP I'm finding more gems in history: "the minimalist wallet showed it : my account, the balance, and the secret key" WTF ! bowler99 it sounds like you had your secret key for over a year now and didn't realise it ? EDIT: I myself don't use anything else still but just minimalist client - you can send xrp directly from there ... I honestly think now that you had access to your xrp all the time 😮 EDIT 2: and now I don't - its easy to get confused with minimalist ripple client. I assume you created new account and seen secret key for that and used address to see your account balance ... sorry for my comments then ...
  11. I don't think an email would be a username but it doesn't hurt to try. (edit - ok not according to limitations shared by amulecregg above) Bear in mind that I might be wrong about importance of bithomp showing the username but I thought that was the case for accounts created by original ripple trade. Might be worth to ask OP from reddit if they can see their username displayed there for confirmation? But I don't think that will be your username for decryption purposes tbh...
  12. You sure it's in username ? I looked up your account in https://bithomp.com/explorer/ and actually it doesn't show any username against it which is weird 😮
  13. use https://bithomp.com/explorer/ - I don't see user eiprol there neither can I find any remotely close using google on this website. Could wrong username be your problem ? What if you put your ripple address there - does it not show username ? (should be there with tilde ~, but remember that its not part of your username for decrypt purposes) Take a look at crunch https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-4-creating-custom-wordlist-with-crunch-0156817/ You want to generate full wordlist with anything remotely close to what you remember. If it has 5 million passwords in it its fine - the limit I guess is how long its going to take to try them all. If you run it with large wordlist you might want to adjust your script slightly i.e.
  14. I think what you might also add as param is --json to display decrypted data ? or maybe it's just to display it in different format, not sure but the wording "dump the encrypted wallet JSON data" seems to suggest you need that. Crappy thing is I never had a wallet file to test it with so tbh don't even know what output specifically to expect. Amulecregg seems to know there should be masterseed (dunno if it's other name for secret key or sth else tbh) so once you see that you can be sure that you got your stuff back.