Recovering Blockchain.com Wallets
Previously known as blockchain.info
Note: The YouTube video and examples were made before OpenCL acceleration was added to Blockchain.com wallets and can give at least a 10x performance improvement. (See GPU Accleration for more info)
Once you have that file, there are two ways that blockchain.com wallets can be recovered.
1) Using the wallet file directly
Running BTCRecover with a wallet.aes.json file downloaded from blockchain.com. This is the "normal" way of running BTCRecover where the person/PC running BTCRecover will have enough information to immediately use the recovered wallet file. (You will therefore want to take precautions around the environment you run BTCRecover in)
2) Using a wallet file "extract"
Extracting a small amount of data from the wallet file and running BTCRecover with that... What this means is that you can either give this portion of data to someone else to recover for you, or run it on some cloud based machine, without having to worry about it leaking info that would allow someone to steal your crypto. (You therefore don't need to worry as much about the security of the environmen in which you run BTCRecover)
Using a wallet extract requires a few extra steps... See here for more info about Extract Scripts...
Example 1 - Using a TokenList to recover wallet Main Password from a wallet file
Download the wallet file...
After doing the process above, we will save the wallet data in a file called wallet.aes.json (Which can just be left in your BTCRecover folder be used instead of the wallet file in any of the examples below)
Create the TokenList File
Example Tokenlist - tokenListTest.txt
1 2 3 4 5 6 7 8
This file contains some basic tokens that make up the password. (Useful if you re-use sentences, words or phrases in passwords) It has one anchored token (eg: We know which token we started with) as well as some examples of OR type tokens where it will only select one per row. (In this case, let's say you used one of these characters - _ ! = @ in between words and also tended to add the year in there somewhere)
Run BTCRecover on the Wallet File
python btcrecover.py --wallet btcrecover/test/test-wallets/blockchain-v3.0-MAY2020-wallet.aes.json --typos-capslock --tokenlist ./docs/Usage_Examples/2020-05-08_Recovering_Blockchain_Wallet_Passwords/tokenListTest.txt
If you had downloaded the wallet file as above, you would have a file wallet.aes.json in your BTCRecover folder. (You can copy it from this example folder if you like) You would then just use the command:
python btcrecover.py --wallet wallet.aes.json --typos-capslock --tokenlist ./docs/Usage_Examples/2020-05-08_Recovering_Blockchain_Wallet_Passwords/tokenListTest.txt
Example 2 - Using a PasswordList+CommonTypos to recover a wallet Second Password from a wallet file
Download the Wallet File the same as in the previous example...
Using the password that we found from the previous step... btcr-test-password
Create the PasswordList File
Example Passwordlist: passwordListTest_1.txt
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
Run BTCRecover on the Wallet File
python btcrecover.py --wallet btcrecover/test/test-wallets/blockchain-v2.0-wallet.aes.json --blockchain-secondpass --typos-case --typos-delete --typos 4 --passwordlist docs/Usage_Examples/2020-05-08_Recovering_Blockchain_Wallet_Passwords/passwordListTest_1.txt
Example 3 - Same as example 2 but using a wallet extract
Extract Sample Data from a Wallet File to solve a second password
python ./extract-scripts/extract-blockchain-second-hash.py ./btcrecover/test/test-wallets/blockchain-v2.0-wallet.aes.json
We will then be prompted for the main wallet password which we know is btcr-test-password
This script will then return the data:
Blockchain second password hash, salt, and iter_count in base64:
Run BTCRecover with the Extracted Script
python btcrecover.py --data-extract --typos-case --typos-delete --typos 4 --passwordlist docs/Usage_Examples/2020-05-08_Recovering_Blockchain_Wallet_Passwords/passwordListTest_1.txt
You will be prompted to enter the data extract, so paste
YnM6LeP7peG853HnQlaGswlwpwtqXKwa/1rLyeGzvKNl9HpyjnaeTCZDAaC4LbJcVkxaECcAACwXY6w= from the previous step.