public
Created

  • Download Gist
gistfile1.py
Python
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86
import base58
import scrypt
import pycoin
from Crypto.Cipher import AES
from hashlib import sha256
import hashlib
import os, sys
 
from pycoin.ecdsa import generator_secp256k1, public_pair_for_secret_exponent
 
N = int('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16)
 
d = base58.b58decode('6PfYU8C5sLGsjDNWsCHRYD6G5noFmc184Q4owtnfvXrUdpsfNkeTq2HDV8')
address = '1KmMbhS2hSmLFDNXTYH3okE4k84gwZaiwV'
 
assert(sha256(sha256(d[0:-4]).digest()).digest()[0:4] == d[-4:])
 
raw_address = base58.b58decode(address)[1:21]
 
for i in range(ord(' '), ord('~') + 1):
for j in range(ord(' '), ord('~') + 1):
for k in range(ord(' '), ord('~') + 1):
try:
print(("%c%c%c" % (i,j,k)).encode("string-escape"))
 
ownersalt = d[7:15]
encryptedpart1 = d[15:23]
encryptedpart2 = d[23:39]
addresshash = d[3:7]
 
prefactor = scrypt.hash("%c%c%c" % (i,j,k), ownersalt, 16384, 8, 8, 32)
 
passfactor = int(prefactor.encode('hex'), 16)
 
passpoint = generator_secp256k1 * passfactor
 
compressed_passpoint = ("%02x%064x" % (2 + (passpoint.y() & 1), passpoint.x())).decode('hex')
 
seedbkey = scrypt.hash(compressed_passpoint, addresshash + ownersalt, 1024, 1, 1, 64)
 
derivedhalf1 = seedbkey[0:32]
derivedhalf2 = seedbkey[32:64]
 
c = AES.new(derivedhalf2, AES.MODE_ECB)
 
decryptedpart2 = c.decrypt(encryptedpart2)
 
dec = "".join(map(chr, [ord(x) ^ ord(y) for (x,y) in zip(decryptedpart2, derivedhalf1[16:32])]))
 
encryptedpart1 += dec[0:8]
seedb = dec[8:16]
 
decryptedpart1 = c.decrypt(encryptedpart1)
 
dec = "".join(map(chr, [ord(x) ^ ord(y) for (x,y) in zip(decryptedpart1, derivedhalf1)]))
 
seedb = dec + seedb
factorb = int(sha256(sha256(seedb).digest()).hexdigest(), 16)
 
private_key = (passfactor * factorb) % N
 
print("%X" % private_key)
 
(public_point_x, public_point_y) = public_pair_for_secret_exponent(generator_secp256k1, private_key)
 
public_key = ("%02X%064X%064X" % (0x04, public_point_x, public_point_y)).decode('hex')
 
m = hashlib.new('ripemd160')
 
m.update(sha256(public_key).digest())
 
ripe = m.digest()
 
# address_checksum = sha256(sha256(ripe).digest()).digest()[0:4]
 
# ripe += address_checksum
 
if ripe != raw_address:
continue
 
print("\aFOUND!")
 
sys.exit()
except Exception as e:
print(e)
continue

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.