Lost BTC access

I’d like to continue what I started asking about in the thread


and try to rescue my sister’s BTC that she acquired in 2013.

I have the address.
I have something that looks like a private key starting with “U2FsdGVkX1”
I also have a (possible?) password.
My sister thinks she might have used the following wallet on an android phone back then:

How should I go about trying to get to the coins?

If you have a good guess at a password then john the ripper is the tool you should grab. It saved us from a near-total loss at one time :wink:

6 Likes

I guess you mean this:

The password I have may even be correct. I think by problem is more basic. I don’t know what kind of key it is I have (salted or somehow encrypted) and where I should try sticking it to see if it works.

The wallet I linked to doesn’t take text based keys as input for sweeping. I generated a qr code and tried to feed that to the wallet, but it didn’t think it was valid. I do think the 239 characters long key is correct. I just don’t know what kind of key it is and where to try putting it.

2 Likes
3 Likes

So I tried entering the following in Linux but got “bad magic number”. What does that mean?

$ openssl enc -d -aes-256-cbc -in key.txt -out decrypted.txt
enter aes-256-cbc decryption password:
bad magic number

I’m afraid I don’t know how to use the openssl command.
Is there an argument that would let me pass the password in the same command?
Are there other encryption methods I could try substituting “aes-256-cbc” for?
What would a one-liner look where the file containing my key is named “key.txt”, the password is “password”, and the output file is decrypted.txt?

man openssl is your friend here.

Your error looks like it’s not ```
-aes-256-cbc

3 Likes

Maybe 128, 192, 512 and obc, cfb, xts, ctr, ecb https://stackoverflow.com/questions/1220751/how-to-choose-an-aes-encryption-mode-cbc-ecb-ctr-ocb-cfb

I’m just guessing but worth a try.

1 Like

They say something about adding -base64 to the command

3 Likes

Ah yes it is base64 encoded I think @Sascha that usually has some = as padding at the end of the key. It will be encoded base64 or similar though for sure.

2 Likes

I did reply in that other thread

It is almost certainly an encrypted master private key from “Bitcoin Wallet for Android” by Andreas Schildbach, which uses this encryption method and this file naming system. Have you used this app in the past? You will need to use that app to restore the file

So… “You will need to use that app”

Yes, I tested the argument -base64 and the app mentioned, but still no cigar. The app doesn’t take a string of characters as input for sweeping, so I generated a qr code using QtQr, but it’s not working. I’m afraid I’ll need some more hand-holding instructions.

I’m trying to use
key.txt as the key input file
pass.txt as the password input file

$ openssl enc -d -salt -base64 -pass pass.txt -in key.txt -out decrypted.txt

Can you see what’s wrong with the above?

$ openssl enc -d -salt -base64 -pass pass:“PASSWORD” -in key.txt -out decrypted.txt

Or the above, where I try to put the password in the command itself?

You haven’t included the encryption algorithm eg -aes-256-cbc

Please post complete lines of code. I thought -base64 was it. I’m really new to this.

above you suggested

openssl enc -d -aes-256-cbc -in key.txt -out decrypted.txt

compare with the readme that follows from the source… https://github.com/bitcoin-wallet/bitcoin-wallet

openssl enc -d -aes-256-cbc -md md5 -a -in bitcoin-wallet-backup-testnet-2014-11-01 > bitcoin-wallet-decrypted-backup

from https://github.com/bitcoin-wallet/bitcoin-wallet/blob/master/wallet/README.md

If you want to recover coins from manual backups and for whatever reason you cannot use the app itself to restore from the backup, see the separate README.recover.md guide.

see [ DECRYPTING ] https://github.com/bitcoin-wallet/bitcoin-wallet/blob/master/wallet/README.recover.md

good luck and if it works …
usual rate 10% :wink:

1 Like

So am I! I just tried encrypting a file with -aes-256-cbc and decrypting it without the -aes-256-cbc flag and decryption didn’t work.

This worked (you don’t need -salt to decrypt but it doesn’t seem to make any difference)

openssl enc -d -aes-256-cbc -pass pass:'qwerty' -in encr.txt -out decrypted.txt

The above gives me “bad magic number”.

Maybe add the -a flag for base64

openssl enc -d -aes-256-cbc -a -pass pass:‘qwerty’ -in encr.txt -out decrypted.txt

edit and add -md md5

I did something and got this:

*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
bad decrypt

Please post complete lines of code. I don’t know where to put those arguments.

openssl enc -d -aes-256-cbc -md md5 -a -pass pass:‘qwerty’ -in encr.txt -out decrypted.txt

Dunno. Maybe play around with some other encryption algorithms as posted above -aes-128-cbc etc or post on Stackoverflow

It’s not a huge sum, but I’m sure my sister would pay the person who actually resolves this.

(Let’s assume that you don’t know anything about hunting, skinning or tanning. You ask me for help about how to get from a live fox to a nice fur coat. It wouldn’t be helpful if I said: Get the fox. Take its skin. Prepare it, and sew coat.)