Can I Brute Force the password in Decryptor?

I’m that idiot people talk about. I cannot find my seed, nor can I remember my password. But I DO have the {“data”:} section for use in Decryptor.

So, is there a Brute force program that will try all passwords fitting the MetaMask guidelines in Decryptor?

If someone can help me, I will, of course, promise to turn my life around. I will go to church, diet, exercise, refrain from fraternizing with unclean women, call my Mother more often, and stop listening to rap music.

It’s quite difficult :roll_eyes: You can search for millions of years :smile: (according to the length of the password and special characters…) and it is best to know at least approximately the password (numbers, any words you used in the past as a password…)

1 Like

I know they have password crackers. Some use a database of common passwords (I think I have seen it called a dictionary). But some are Brute Force. So there must be enough computing power to make it work.

I would have it start with the minimum requirements for MetaMask which I think is 8 characters minimum with no other requirements. Many Brute Force programs will have a problem with lockouts/timers, but that should not be a problem here. And I have time.

If I can find a program that shows promise, I will create a virtual machine and put it offline to run the test (for security).

I really would have thought there would be a market for this type of thing. If I could code at all I would write something, but alas, I have squandered much of my life. I think the quote is “I spent half my life drinking and chasing women. And the other half I totally wasted.”

I don’t want to give a guide for this :grin: and share these programs here… see the Crypto Guide youtube channel :slightly_smiling_face: you can find one tool there. You would need a password list.

ezgif-5-37ea844591

2 Likes

edit: this is not totally accurate. had forgotten the first 32 char in the ASCII set are not useable in passwords. Thus would give 94^8, not 128^8. More detail on the math in the post below

To give a sense of the numbers: with the base 128 ASCII characters and the 8 char min for passwords, youve got ~7.206×10¹⁶ possible passwords. (*)

at 1m passwords checked per second, you’re looking at almost 2285 years worth of number crunching to run through the list. You’d likely find it before that (as you dont need the whole list, just the right one, but still…)

4 Likes

I’m guessing then that all Brute Force programs out there are just for trying “short” passwords…maybe 5 or 6 characters max?

With the formula you mention, is that just for all possible combinations of 8 character passwords? That number seems too high for that. But if it is also for more than 8, how many? I seriously doubt my password is much over 10 characters.

Would a kindly math expert tell me how many possibilities this would create?

Number of passwords where the total length will be 8, 9, or 10, and the password will contain upper and lower case letters, and at most 1 specific special character used at most one time within the password.

It’s pretty easy to calculate. x^y
X= numbers of possible characters (like: abc, 123, !@#, etc) to the power of Y; the number of positions in your password.
The way we were taught was to start simple.
A coin has 2 sides, x=2, so 1 flip = 2^1 = 2 choices, Heads or Tails.
2 flips = 2^2 = 4 choices (if position matters, like in a password):
both heads , both tails, heads/tails, & tails/heads. And so on, adding more flips.

Assuming only English (eg: no accented/non-english letters) and only common symbols, that reduces the “possible characters” set to 94 (52 upper and lower case letters, 10 numbers, 32 symbols)
94^8 = ~6.1x10^15
94 ^9 = ~5.72x10^16
94^10 = ~5.38x10^19

If it could be 8, 9 or 10 char, then we add the above for: 54,434,506,211,718,586,880. Which is a lot of passwords to try. (that’s ~1700 years @ 1billion per second; 1000x faster than the original calc in prev post) You might get lucky and its #5, or it could be the 5th one from the last.

That’s one reason we use strong passwords to lock the vault and app, instead of 6 digit pins.
It’s a headache in a scenario like this, but also assures a scammer would have a rough time breaking in, even if they managed to steal your vault file somehow.

“Dictionary attacks” reduce the number of possible choices by testing against more likely combos (If you know your password wasnt “AAAAAAAA” or “abcd12345” or another random string, you dont have to check those.) Could use an existing list, or just qualifiers like “i know the password contained this word, numbers, etc” (eg: bruteforce only combos that contain the known parts of the password)

The more you know about your password, the more likely you can successfully crack it. (by way of reducing the possiblilities) Unfortunately, I’m not familiar enough with the process to be able to give advice on how to actually solve it.

Getting help from a white-hat hacker is an option that some people have used in this situation, but word of warning, you will basically be giving them access to your wallet (if they are successful), and have to trust that they will give it back. We don’t have recommendations for white-hats to contact for that service.

3 Likes

Unless you have quantum supercomputer that is built specifically for this kind of task (Is this somewhat P vs NP problem, anyone know this?)

P vs NP is the about acceptance in deterministic and non-deterministic polynomials, right?
My math proofs are pretty weak, so im kinda slow at parsing them. (Chem major, so I’m far better at labratory/applied maths) but I’m pretty sure that it’s a P vs NP problem.

3 Likes

I can definitely bring the total number down, if the program is sophisticated enough. I can remove all numbers, and a few letters. And knowing it has at most one specific special character - and if it is in there, it is only in there once (aa&bb&cc will not be in there). And I could get up to 10 CPUs working on it at once (for an extended period of time). I could even give hints as to certain combos of words/wordlets that could be in there.

I guess the real question is: Where can I get the program to do this?

I searched the Crypto YouTube channel and couldn’t find anything as mentioned above. I could write the code myself, but that will take 316^10 years for me to learn how to code.

I meant BTCRecover :point_down: simple program :smile: but if you knew the right words…

1 Like

Thank you Luigi!

I may have overlooked it because it had BTC in the title. This is still some high level stuff for a guy like me, but I might be able to figure out all the parameters and get something working in a week or so.

2 Likes