GO BACK TO THE FIRST POST

Chapter 5. Recovering the passphrase.

This is going to be two long chapters. So grab your beverage of choice, get cozy and keep on hacking.

Practice makes perfect

Instead of making the boring tutorial on how to recover your funds I’m going to give you the opportunity to recover the Dogecoin wallet specially created for this purpose. It’s going to have some funds (at least at the time of publishing). I want you to play fair and take 10 DOGEs max per person. But hey… it’s not that I care, but please, if you decide to take funds, at least leave some in the wallet so the next person going through this tutorial can have the chance too.

All of the necessary details regarding the Doge contest will be in the BONUS CONTENT section of this tutorial.

Are we clear? OK! Let’s start with the empty wallet first.

Download the wallet file here and put it into the BTCRecover folder. This file is the MultiDoge file containing private keys.

First we need to write a script for the tool to work with.

I am certain that the passphrase contains this set of words:

But I don’t remember whether it should contain any spaces or dashes or underscores between the words. But I tried on handpicking and it did not work. So it must contain some extra symbol either on the end or in the beginning of the phrase. Or both. I also don’t remember whether I capitalised the words or not.

Picking all the variants by hand would take a significant amount of time. That’s why we are going to let the BTCRecover tool do the hard work for us.

First of all we need to read the documentation of the tool in order to make the so-called Token file: conwaytransport.com.au

I’d suggest you to read it thoroughly and understand how it all works.

Well… Let’s create file and put it into the BTCRecover folder along with the wallet file.

Our first attempt would be to try and put every single word in there to try all the possible combinations (simple brute forcing without «wildcards»)

So our should contain the following:

Now to test this token we need to into our BTCRecover directory using the command line and run the following command:

It does NOT start the recovery process but rather just lists the possible variations of the given token.

It’s always a good idea to test the script before the actual recovery to see whether it includes all of the given words.

To start the actual recovery you need to use the following command:

Once again, is our «attack script» and is our passphrase-protected wallet file. You can change these to suit your needs.

From this token you would get different combinations. Here are a small number of combos that BTCRecover will try:

So you get the point.

Now let’s try something different. Since we don’t know whether the letters are capitalised or not, let’s try to modify our original token:

Here we are trying all of the different capitalisation options.

NB: Note how the possible variations of a single word are on the same line. It is VERY IMPORTANT to put the variations of a single word into one continuous line of text due to the nature of the tool’s scripting language.

It results in a whopping number of combinations: . That’s the quite some work for a computer to analyse (It could take at least 1 hour to complete)

But we know that it should be the phrase, right? Ok… Let’s try something different:

Here we are putting the numbers between the two symbols to show the tool that goes first, second, third, etc. This significantly reduces the number of combinations: .

NB: Use the so-called «anchors» ONLY if you know the order of words in your passphrase. In the example above we assumed that the passphrase is the actual phrase with some variations. When you would recover a wallet, you may not know the order.

Below is the snippet of different combos:

Notice how it’s picking the words exactly as we put them in queue. As you can see there are no spaces between the words. We did not tell the program to type them yet. Let’s do this now.

In order to put a space between the words we are going to use a «wildcard» in order to indicate the space.

> NB: There are many other wildcards supported by the BTCRecover tool. All of them are described in the tutorial section on GitHub page.

Notice how our token became bloated. Therefore there are combinations to go through. Unfortunately, there is just no way to make this shorter (like in the previous section).

But we have not cracked the passphrase yet. It can be dashes instead of spaces or underscores. Let’s add those to the mix.

At this point it’s very difficult to keep track of the stuff that goes into the passphrase. That’s why I like to add some comments by doing at the beginning of the line.

Whew… That was a very tedious to write. But hey… We are slowly approaching the complexity of the real wallet recovery job. Yay!

Let’s calculate how many guesses would it take to process this beast!… ! That’s a lot of guesses, isn’t it? It’s gonna take at least 4 hours of guesswork from the regular PC. But thanks god, we don’t have to do this all by hand!

Ok. What was our initial request again?

But I don’t remember whether it should contain any spaces or dashes or underscores between the words. But I tried on handpicking and it did not work. So it must contain some extra symbol ether in the end or in the beginning of the phrase. I also don’t remember whether I capitalised the words or not.

Aha! The words and may contain any symbol in the beginning (for ) or the end (`forum’).

But we can’t just type all of the symbols of the ASCII table. Plus there are «special» characters, like tab, line feed, and carriage return. Yes! The characters are everywhere! There are just too many of them! I’ll never be able to comprehend them all! I AM SCREWED! PANIC MODE!!!

What did I tell you about panicking? Keep calm and keep on coding!

Don’t fret! There is a wildcard for everything, literally. If you read the documentation of the BTCRecover tool, this must look familiar:

So… Based on our original request, we can assume that we need . But if that fails, we can always run

Let’s adjust our to include this stuff:

Notice how I changed the dashes and underscores with wildcard in word. Because it’ll include both of them in the queue. I also added to try and guess that last symbol. But when we try to run the BTCRecovery with this it gives us the error, telling us that (which is by default set to hours of guesswork). There are ways to overcome this (like running the tool with command to give it basically infinite amount of time [more than YEARS]), but it’s just not the most efficient way, because on a regular PC this queue would take more than 28 days and will likely result in memory overflow (in my case it was memory overflow which prevented me from giving you the exact amount of variants, which was in the realm of 1 BILLION before my home PC gave up and became unresponsive). So… We need to change our `conwaytransport.com.au’ file.

Since we are sure of the order of words and the appearance of those words in the passphrase we can use sign in front of the line to indicate that this word SHOULD be included (along with its variations)

Plus we are sure we’ve used some characters between the words (either , or , or and NOT).

Our new should look like this:

This is our final token file for this job, which should include ALL of our requirements:

1. with all the variants of the capitalisation with the possibility of any ASCII symbol in the beginning.
2. , , , , with all the variants of the capitalisation plus ether dash or underscore or space between them.
3. The possibility of any ASCII symbol in the end of the passphrase

So, like I said, when recovering your wallet before doing anything make a list of all the necessary requirements for the passphrase. What it may and may not contain. Make a list of the possible variants of the words and symbols, etc.

Putting this all into our should give you *67 variants . So the will be reached anyway. Take it to the extreme, and add into the command. By the way, ETA of this particular job on a regular PC should be about days. Which seems like a very long time, considering the whopping amount of variants the tool is required to go through. But, trust me, this job is not as complex as it can be.

NB: Remember that with every additional variant, symbol or word the difficulty of the wallet is raised to the power of all the variants combined. So the less variants we put in our token file the better. And faster.

Given the fact we can’t run the PC for two weeks straight (as it uses all of the CPU threads by default, significantly crippling the performance. Plus there is always a chance of the power outage and overheating) we are going to use the BTCRecover’s autosave feature.

Just add the into the command.

The final command should look like that:

If the power outage has occurred or you accidentally closed your CLI instance, you can run the following command to resume the recovery job:

If you need to do some performance-heavy task you can interrupt the BTCRecover tool by doing to interrupt the recovery process

You can read more on the autosave and interrupt features in the tutorial section on the tool’s GitHub page.

After a long while you should finally get the wallet unlocked with the following passphrase:

Congratulations!

YOU NOW KNOW HOW TO RECOVER YOUR PASSPHRASE! YAY!

TL;DR for Chapter 5:

1. 1. Read and understand the documentation
2. 1. Try to make the token file and run the tool.
3. 1. Problems? Go and ACTUALLY READ the chapter.