Mode 11300 - Printable Version

Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

Mode 11300 - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Developer (https://hashcat.net/forum/forum-39.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-40.html)
+--- Thread: Mode 11300 (/thread-9521.html)

Mode 11300 - MalumaDev - 09-21-2020

Hi,
I'm trying to understand how the hashcat's brute-force attack works for bitcoin wallets (11300). Until now, I have understood how decrypt the secret key:

Code:
data = pasw+salt

for i in range(rounds):

    data = sha512(data)

key = data[0:32]

iv = data[32:32+16]

dec = AES(key, CBC_MODE, iv).decrypt(cry_master)

But, how can I know that the decrypted key is the correct one?

RE: Mode 11300 - philsmd - 09-24-2020

the padding is known, we exploit this (padding attack, last few bytes 16 or 8 depending on the wallet type):

https://github.com/hashcat/hashcat/blob/3dd89bc63c2614b57db58bd7b05d2d61dcc5ab75/OpenCL/m11300-pure.cl#L340-L352

or course you need to decrypt the full last blocks with the correct padding (not removing/replacing the padding, "none") to get the full decrypted block and see what the padding bytes are