(Link to Brainflayer https://github.com/ryancdotorg/brainflayer)
Brainflayer is a Proof-of-Concept brainwallet cracking tool that uses libsecp256k1 for pubkey generation. It was originally released as part of my DEFCON talk about cracking brainwallets (slides, video, why).
The name is a reference to Mind Flayers, a race of monsters from the Dungeons & Dragons role-playing game. They eat brains, psionically enslave people and look like lovecraftian horrors.
The current release is more than four times faster than the DEFCON release, and many features have been added.
Brainflayer’s design is heavily influenced by Unix philosophy. It (mostly) does one thing: hunt for tasty brainwallets. A major feature it does not have is generating candidate passwords/passphrases. There are plenty of other great tools that do that, and brainflayer is happy to have you pipe their output to it.
Unfortunately, brainflayer is not currently multithreaded. If you want to have it keep multiple cores busy, you’ll have to come up with a way to distribute the work yourself (brainflayer’s -n and -k options may help). In my testing, brainflayer benefits significantly from hyperthreading, so you may want to run two copies per physical core. Also worth noting is that brainflayer mmaps its data files in shared memory, so additional brainflayer processes do not use up that much additional RAM.
Hopefully you have installed Ubuntu, Updates, Repositories and Moudles if not check out the Install Ubuntu Guide.
Basic Commands
Precompute the bloom filter: hex2blf example.hex example.blf
Run Brainflayer against it: brainflayer -v -b example.blf -i phraselist.txt
Run Brainflayer with adon generator: your_generator | brainflayer -v -b example.blf
Advanced Commands
-m FILE Load the ecmult table from FILE (generated with ecmtabgen) rather than computing it on startup. This will allow multiple brainflayer processes to share the same table in memory, and signifigantly reduce startup time when using a large table.
-f FILE Verify check bloom filter matches against FILE, a list of all hash160s generated with sort -u example.hex | xxd -r -p > example.bin Enough addresses exist on the Bitcoin network to cause false positives in the bloom filter, this option will suppress them.
-t keccak passphrases to be hashed with keccak256 (some ethereum tools)
-t priv raw private keys – this can be used to support arbitrary deterministic wallet schemes via an external program. Any trailing data after the hex encoded private key will be included in brainflayer’s output as well, for reference. See also the -I option if you want to crack a bunch of sequential keys, which has special speed optimizations.
-t warp salts or passwords/passphrases for WarpWallet
-t bwio salts or passwords/passphrases for brainwallet.io
-t bv2 salts or passwords/passphrases for brainv2 – this one is very slow on CPU, however the parameter choices make it a great target for GPUs and FPGAs.
-t rush passwords for password-protected rushwallets – pass the fragment (the part of the url after the #) using -r. Almost all wrong passwords will be rejected even without a bloom filter.
Address types can be specified with the -c option:
-c u uncompressed addresses
-c c compressed addresses
-c cu compressed addresses & uncompressed addresses
-c e ethereum addresses
-c x most signifigant bits of public point’s x coordinate
- git clone https://github.com/ryancdotorg/brainflayer.git
- cd brainflayer
- make (This only has to be done Once)
If you have not yet Built a Bitcoin Address Database then here is a good place to start – BTC Address in Base58 and H160 Sorted by Satoshi Balance (here) to download your CSV file. Thanks to bitkeys.work Bitcoin Private Key Generator | All Bitcoin Address with Balance (bitkeys.work)
On a Windows 10 runing Ubuntu will need to extract file to this location :
- Ubuntu18.04 LTS : C:\Users\Your_Username\AppData\Local\Packages\CanonicalGroupLimited.Ubuntu18.04onWindows_79rhkp1fndgsc\LocalState\rootfs\home\Your_Username
- Ubuntu20.04 LTS : C:\Users\Your_Username\AppData\Local\Packages\CanonicalGroupLimited.Ubuntu20.04onWindows_79rhkp1fndgsc\LocalState\rootfs\home\Your_Username
Copy Your CVS file to Brainflayer Folder
- sudo cp btc_balance_sorted.csv /home/Your_Username/brainflayer/btc_balance_sorted.csv
Copying the file this way into Brainflayer folder Alows Ubuntnu to use it in brainflayer without permission issuse. Make sure you in the root directory.
Make your Bloom File and Bin File
- sudo cut -d, -f 1 btc_balance_sorted.csv > btc_base58.txt
(The resulting file “btc_base58.txt” will be a huge list of BTC base58 address line by line.)
- sudo cut -d, -f 4 btc_balance_sorted.csv > btc_h160.txt
(The resulting file “btc_h160.txt” will be a huge list of BTC H160 address line by line.)
- ./hex2blf btc_h160.txt btcaddress.blf
(The resulting file “btcaddress.blf” will be a list of BTC H160 address for much quicker lookup)
- sort -u btc_h160.txt | xxd -r -p > btc_h160.bin
(The resulting file “btc_h160.bin” we be a list of all hash160s generated verify check bloom filter matches that cause false positives in the bloom filter, this option will suppress them)
Examples:
Standard Commands
- (Run brainflayer -v Visual -b bloomfilter -i includefile -o Outputfile)
./brainflayer -v -b btcaddress.blf -i wordlist.txt -o found.txt - (Run brainflayer -t salts/passwordsWarpWallet -b bloomfilter -i includefile -o Outputfile)
./brainflayer -t warp -v -b btcaddress.blf -i wordlist.txt -o found.txt - (Run brainflayer -t salts/passwordsWarpWalletbrainwallet.io -b bloomfilter -i includefile -o Outputfile)
./brainflayer -t bwio -v -b btcaddress.blf -i wordlist.txt -o found.txt - (Run brainflayer -v Visual -c Compressionboth -b bloomfilter -f VerifycheckbloomFile -o Outputfile)
./brainflayer -v -c cu -b btcaddress.blf -f btc_h160.bin -o found.txt - (Run brainflayer -v Visual -c Compressionboth -t rawprivatekeys -b bloomfilter -f VerifycheckbloomFile -o Outputfile)
./brainflayer -v -c cu -t priv -x -b btcaddress.blf -f btc_h160.bin -o found.txt
Incremental Private Key Brute Force Mode
- (Run brainflayer -v Visual -I StartingRange -b bloomfilter -o Outputfile)
./brainflayer -v -I 0000000000000000000000000000000000000000000000000000000000000001 -b btcaddress.blf -o found.txt - (Run brainflayer -v Visual -c Compressionboth -I StartingRange -b bloomfilter -f VerifycheckbloomFile -o Outputfile)
./brainflayer -v -c cu -I 1000000000000000000000000000000000000000000000000000000000000000 -b btcaddress.blf -f btc_h160.bin -o found.txt
First install Crunch Run Command : sudo apt-get install crunch
Example Crunch Commands:
crunch 1 64 abcdefghijklmopqrstuvwxyz | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -o found.txt
crunch 1 64 abcdefghijklmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\!\@\#\$\%\^\&\*\(\)\-\_\+\=\~\’\[\]\{\}\:\;\<\>\,\.\?\/ | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -o found.txt
crunch 51 51 abcdefghijklmopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890\!\@\#\$\%\^\&\*\(\)\-\_\+\=\~\’\[\]\{\}\:\;\<\>\,\.\?\/ -t 5@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -o found.txt
crunch 34 34 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890 -t @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | ./brainflayer -v -b btcaddress.blf -o found.txt
Find random private keys in hex
Copy Random Hex to Brainflayer folder:
sudo cp randomhex /home/Your_Name/brainflayer/randomhex
RandomHex Commands
1st Time on windows run: sudo chmod +x
sudo chmod +x ./randomhex | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -f btc_h160.bin -o found.txt
Every time after
./randomhex | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -f btc_h160.bin -o found.txt
Both Compressed and Uncompressed
./randomhex | ./brainflayer -v -c cu -t priv -x -b btcaddress.blf -o found.txt
Compressed
./randomhex | ./brainflayer -v -c c -t priv -x -b btcaddress.blf -o found.txt
Uncompressed
./randomhex | ./brainflayer -v -c u -t priv -x -b btcaddress.blf -o found.txt
Random With Starting Range
./randomhex | ./brainflayer -v -c cu -I 1000000000000000000000000000000000000000000000000000000000000000 -b btcaddress.blf -f btc_h160.bin -o found.txt
RandomHex Download (Here)
MiniKey for brute-force bitcoin mini private keys.
Copy MiniKey to Brainflayer folder:
sudo cp minpks /home/Your_Name/brainflayer/minpks
1st Time on windows run: sudo chmod +x
Or Move MiniKey to Brainflayer folder:
sudo mv minpks /home/Your_Name/brainflayer/minpks
1st Time on windows run: sudo chmod +x
MiniKey Commands
./minpks | ./brainflayer -c uc -a -v -b btcaddress.blf -o found.txt
./minpks | ./brainflayer -v -c cu -b btcaddress.blf -f btc_h160.bin -o found.txt
MiniKey Download (Here)