How to recover Ethereum Presale wallet
During the summer of 2014, Ethereum or ETH did a successful presale that would change the crypto currency market forever. An investment of 2000USD would skyrocket to 10 million USD as of beginning of 2021. 8893 lucky investors participated and were given tokens as per seen in the GENESIS block
While many who took part in the presale enjoyed amazing returns, there are still over 300 presale wallets stuck when examining the GENESIS block. They range from modest tens of ETH up to over 10000ETH wallets.
With V2 approaching, those “lost” pre-sale wallets now worth staggering 1+ Billion USD may be gone forever, or will they?
While many complain of bugs and mishaps by the devs during the presale (change of code, problems with browser, foreign language keyboard settings etc) enough can be said that most of those lost wallets are due to bad security practices or simply ignorance.
As this is not an article to lecture those in constant pain by the knowledge of their loss, it is a humble reminder, that those funds may still be recoverable. All you need is time and patience. And of course some luck.
First, it is important to know that your pre-sale wallet is not empty, many purchases went wrong and the wallets sent out were pointing to wallets containing 0 eth.
To check the balance of your wallet you need to open the ethereum_wallet_backup.json file with a text editor, scroll to the string “ethaddr”: “
The numbers after that is your wallet address on the Ethereum blockchain, by adding 0x in front of the number you can view the amount of eth stored in it using
If your balance is anything more than 0, then it is time for some work, if it is 0 then your wallet is empty. To start you need to know what were the requirements for the password.
- Minimum 11 characters
- At least one uppercase
- At least one lowercase character
- At least one special characters
- At least one number.
Meaning your password should at least look like this: P@ssw0rd123!
If you would like to try to open the file yourself you have a set of handy tools to help you, you would need to follow these steps
STEP 1. Extract some code (hash) that represents the password of your encrypted wallet. You can extract the hash from your .json file using btcrecover script ethereum2john.py. A hash represents your password in an encrypted format that your computer will be able to decrypt (give that you have a good idea of the password or at least some part of it). You can download btcrecover from here:
btcrecover is an open source Bitcoin wallet password and seed recovery tool. It is designed for the case where you…
This is the ORIGINAL btcrecover script and there are many forks of it. Beware of scammy versions that would instead of generating the hash, steal your wallet.
STEP 2. Create a list of passwords that you might used in the past and or have a vauge idea of using for your wallet. This is your list of passwords that will be tried together with a software called Hashcat. Place the password list inside a .txt file called passwords.txt
STEP 3. Create a rule set for Hashcat that will change your passwords in order to make variations. A good tutorial on rule sets could be found here:
rule_based_attack [hashcat wiki]
The rule-based attack is one of the most complicated of all the attack modes. The reason for this is very simple. The…
Create a rule list for Hashcat to run variations of your password guesses like $! that will add ! to all your guesses or C that will toggle your password and lowercase first character. Another cool rule is sa@ or si1 that will change all a characters with @ or all i characters with 1.
Once you have extracted a hash, build your password list and created a rule set, it is time for you to run Hashcat. Although any computer is able to run and break an Ethereum wallet it is adviced to use some GPU card. If you do not have one, you could always rent them with AWS (Amazon Cloud Services). A nice tutorial on how to setup an Amazon instance is here:
Published: 19 October 2020 Password cracking is a common step during compromising networks, from cracking wireless…
Trying to open the wallet with a simple desktop or laptop is possible, but not recommended. You could burn the computer and the speed would not be favorable.
To try to find the password with hashcat use mode 16300 which is for eth-presale wallets. A decent GPU card will give you a handy speed of 200k password checks per second. Your Hashcat command would look like this
Hashcat -m 16300 wallethash.txt passwordhints.txt -r passwordrules.rule
This will run your wallet against the password list with some of your rules. If you want to see progress you can always add the flag — status — status-timer=5 it will show and update progress every 5 seconds.
If your password is found, it will be stored in a file called hashcat.potfile
Although Ethereum presale took place 6 years ago it is sill possible to recover those funds. You just need patience, experience and a bit of luck.
Disclaimer! This article was written by Robert Rhodin, the CEO of Wallet Recovery Service KEYCHAINX AG, based in Zug Switzerland. To read more about our company please visit https://keychainx.io or send us an email to firstname.lastname@example.org if you need to talk about password recovery.