Password recovery

[Tomek]

Hi everyone,

Here's the situation : I have an encrypted virtual machine (VMware) with a bunch of bitcoins in it, from the time when I was doing some business experimentations with the cryptocurrency. I had something like 1.5 BTC, which is currently worth ~$750. The problem is : I only have a very, very vague idea of the password I used to encrypt the virtual machine. I already tried a lot of possible combinations, without success.

I'm running out of ideas. There's no password recovery software for this kind of encryption, and bruteforcing the thing might take a couple of millenias.

The technical approach : because I have a vague idea of the password I used, I might be able to generate a wordlist with crunch or john the ripper, then having a shell script trying all these generated passwords one by one, which could take a few weeks (that's more acceptable). If someone here has some experience on IT security and pentesting, I'll be glad to hear about it. I don't exactly know how to generate a wordlist with determined patterns, because that's how I compose my passwords : I have about a dozen of "words", like, let's say, "bacon", "eggs" and "sausage", mixed with % and @ and a few digits, like "56" or "65". A typical Tomek password looks like :

EGGS56%bacons65@

So, question for the techies : do you think it's possible to generate a wordlist with my patterns, so that I can test this wordlist in a reasonable delay ?

The "other" approach : I'll leave the spirit board out of the picture for the moment ;p but if members knows about some techniques to remember something you forgot, meditation or whatever, well, that could be handy too.

 

[Altair]

Can't you just switch off the encryption? Look here: _http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2005714

 

[Tomek]

Can't you just switch off the encryption? Look here: _http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2005714

It's not possible without the password.

1.Shut down the virtual machine.
2. From the Fusion menu bar, go to Virtual Machine > Settings.
3. Click Encryption.
4. Set the switch beside Encryption to OFF.
5. You are prompted to enter the password. Enter the encryption password, then click OK.

 

[Altair]

Important

Make sure that you record the encryption password you use. If you forget the password, Workstation does not provide a way to retrieve it.

_http://pubs.vmware.com/workstation-9/index.jsp#com.vmware.ws.using.doc/GUID-8A64D0EF-CB0E-4C50-A034-3FD5C0A0F905.html

 

[Tomek]

Important

Make sure that you record the encryption password you use. If you forget the password, Workstation does not provide a way to retrieve it.

_http://pubs.vmware.com/workstation-9/index.jsp#com.vmware.ws.using.doc/GUID-8A64D0EF-CB0E-4C50-A034-3FD5C0A0F905.html

Yep I noticed that too :p hence this thread to find alternative ways to recover the password.

 

[IncenDiary]

You won't be able to get the original password, but can you try this? Is it applicable?

http://www.top-password.com/knowledge/reset-vmware-administrator-password.html

 

[Tomek]

You won't be able to get the original password, but can you try this? Is it applicable?

http://www.top-password.com/knowledge/reset-vmware-administrator-password.html

Not applicable : PCUnlocker allows you to reset the administrator password of your Windows installation, physical or virtual. In my case, I can't even access the Windows installation because the virtual hard drive files are encrypted.

 

[Gawan]

A non technical approach, and it may help or not, nonetheless you have a very vague idea about your password. Try to let the password issue rest for some days and maybe it comes back to mind? At least this helped me a lot in the past.

 

[Altair]

It may sound strange but what about doing carefully kind of hypnotic session with somebody who you trust to restore the password from your memory?

 

[Mikey]

Welcome to the club! Some time ago, I lost 2 bitcoins stored on my hard drive because of a careless rm -rf command. If you can't restore your password, and once you get over the frustration, maybe you can turn it into a positive experience by taking it as a general lesson/sign to be more aware and careful in the future.

 

[Tomek]

It may sound strange but what about doing carefully kind of hypnotic session with somebody who you trust to restore the password from your memory?

I don't know any qualified practitioner, so I'm not gonna venture into that.

Welcome to the club! Some time ago, I lost 2 bitcoins stored on my hard drive because of a careless rm -rf command. If you can't restore your password, and once you get over the frustration, maybe you can turn it into a positive experience by taking it as a general lesson/sign to be more aware and careful in the future.

Yeah, that's probably what's gonna happen... Okay it happened... Lesson learned... Now, Universe, give me back my bitcoins, please !

 

[angelburst29]

I know very little about bitcoins other than news articles but is there a way of transferring bitcoins (like they do for transactions) into another account?

 

[Jacques]

A non technical approach, and it may help or not, nonetheless you have a very vague idea about your password. Try to let the password issue rest for some days and maybe it comes back to mind? At least this helped me a lot in the past.

I would go with that too.

Before going to bed, ask for your password and have a good night of sleep.

 

[3DStudent]

There was a thread a few years ago about numerology where this book was discussed. There is a finding things section in the book. I tried it once, and it didn't seem to work. But I eventually found the item later, fwiw.

 

[Tomek]

I know very little about bitcoins other than news articles but is there a way of transferring bitcoins (like they do for transactions) into another account?

Yes, that's possible, assuming that you have access to you wallet file (a file simply called wallet.dat). That's the file that "contains" yout bitcoins. But in my case, this file is encrypted, and I can't have access to this file unless I decrypt the virtual machine. That's why I need the password.