Skip to content

Instantly share code, notes, and snippets.

@xnyhps
Created November 11, 2013 11:21
Show Gist options
  • Save xnyhps/7411754 to your computer and use it in GitHub Desktop.
Save xnyhps/7411754 to your computer and use it in GitHub Desktop.
import base58
import scrypt
import pycoin
from Crypto.Cipher import AES
from hashlib import sha256
import hashlib
import os, sys
from pycoin.ecdsa import generator_secp256k1, public_pair_for_secret_exponent
N = int('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16)
d = base58.b58decode('6PfYU8C5sLGsjDNWsCHRYD6G5noFmc184Q4owtnfvXrUdpsfNkeTq2HDV8')
address = '1KmMbhS2hSmLFDNXTYH3okE4k84gwZaiwV'
assert(sha256(sha256(d[0:-4]).digest()).digest()[0:4] == d[-4:])
raw_address = base58.b58decode(address)[1:21]
for i in range(ord(' '), ord('~') + 1):
for j in range(ord(' '), ord('~') + 1):
for k in range(ord(' '), ord('~') + 1):
try:
print(("%c%c%c" % (i,j,k)).encode("string-escape"))
ownersalt = d[7:15]
encryptedpart1 = d[15:23]
encryptedpart2 = d[23:39]
addresshash = d[3:7]
prefactor = scrypt.hash("%c%c%c" % (i,j,k), ownersalt, 16384, 8, 8, 32)
passfactor = int(prefactor.encode('hex'), 16)
passpoint = generator_secp256k1 * passfactor
compressed_passpoint = ("%02x%064x" % (2 + (passpoint.y() & 1), passpoint.x())).decode('hex')
seedbkey = scrypt.hash(compressed_passpoint, addresshash + ownersalt, 1024, 1, 1, 64)
derivedhalf1 = seedbkey[0:32]
derivedhalf2 = seedbkey[32:64]
c = AES.new(derivedhalf2, AES.MODE_ECB)
decryptedpart2 = c.decrypt(encryptedpart2)
dec = "".join(map(chr, [ord(x) ^ ord(y) for (x,y) in zip(decryptedpart2, derivedhalf1[16:32])]))
encryptedpart1 += dec[0:8]
seedb = dec[8:16]
decryptedpart1 = c.decrypt(encryptedpart1)
dec = "".join(map(chr, [ord(x) ^ ord(y) for (x,y) in zip(decryptedpart1, derivedhalf1)]))
seedb = dec + seedb
factorb = int(sha256(sha256(seedb).digest()).hexdigest(), 16)
private_key = (passfactor * factorb) % N
print("%X" % private_key)
(public_point_x, public_point_y) = public_pair_for_secret_exponent(generator_secp256k1, private_key)
public_key = ("%02X%064X%064X" % (0x04, public_point_x, public_point_y)).decode('hex')
m = hashlib.new('ripemd160')
m.update(sha256(public_key).digest())
ripe = m.digest()
# address_checksum = sha256(sha256(ripe).digest()).digest()[0:4]
# ripe += address_checksum
if ripe != raw_address:
continue
print("\aFOUND!")
sys.exit()
except Exception as e:
print(e)
continue
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment