Can old GETH wallets be recovered?
GETH client or Ethereum wallet was one of the first of its kind when it was introduced in 2015. Many ETH OGs used it to move their GENESIS block Ethereum and many has remained untouched.
There are various reports of missing accounts or password bugs, so what can be done if you still have an old JSON file from the GETH client?
First you would need to check the authenticy of the wallet, by opening it with a general text editor, check for the string address, and paste it into etherscan.io adding a 0x in front. If the address still holds some ETH the the wallet file is most likely genuine.
Where is the GETH JSON wallet file located?
If you have the computer but are unable to find the wallet file, then there are various locations to look out for. Depending on your operating system, the wallet client uses different locations
For MAC check this folder: ~/Library/Ethereum
For Windows OS check here: %LOCALAPPDATA%\Ethereum
For Linux box you shoul find it here: ~/.ethereum
Once the file is located and you are confident there are some Dinosaur ETH stored inside it, its time to move to the next step.
Create a text file with the most common passwords you have been using in the past.
Next head to hashcat open source cracking software and get the Hashcat, the recovery mode for Geth clients is 15700. You can use Jack The Ripper ethereum2john.py tool to extract the hash.
You should be aware that GETH uses a strong encryption and using a GPU card will not help. You should have a strong CPU, although speed is very slow. Usually 15–20 Password tries per second.
Although KeychainX has developed a custom built tool that speeds up 30x compared to Hashcat. In same instances even 100x.
What is the hashcat prompt to recover the GETH wallet?
lets say you export the hash to hash.txt and your password guesses are stored in passwords.txt your prompt could be looking like this.
You might also add rules or rule sets and put them into a file called rules.rule. You can also download the famous One Rule to rule them all. You can read about rules here:
https://hashcat.net/wiki/doku.php?id=rule_based_attack
hashcat -m 15700 hash.txt passwords.txt -r oner.rule — status — status-timer=5 -w3 -d1
- d1 flag is the device you want to use. Timer 5 is updating the status every 5 seconds etc.
If the whole hashcat deal is overwhelming you can find some help in this forum:
Once you get the password to your file, you will be able to decrypt the wallet and import the private key to Metamask.
If you still got your head spinning and needs some help, dont hesitate to reach out to keychainx@protonmail.com
Disclaimer! This article was written by KeychainX Crypto Recovery Services. To read more about our company please visit https://keychainx.io or send us an email to keychainx@protonmail.com if you need to talk about password recovery.