john --format=bitcoin hash.txt --wordlist=rockyou.txt
If you installed John the Ripper (Jumbo), the script is usually in the run/ directory: /path/to/john/run/bitcoin2john.py Bitcoin2john
To understand why a tool like bitcoin2john.py is necessary, one must first look at how standard Bitcoin Core desktop clients secure sensitive data. john --format=bitcoin hash
Alternatively, you can find the standalone script in the Bitcoin Core source code under contrib/bitcoin2john/ . It takes a base wordlist (like rockyou
This is a very effective method. It takes a base wordlist (like rockyou.txt ) and applies a set of transformation rules (e.g., adding numbers, changing case). One powerful rule set is OneRuleToRuleThemAll .
: Simply run john hash.txt with your desired wordlist.
You have an old, encrypted Bitcoin wallet (wallet.dat, or from Multibit, Armory, etc.), and you have forgotten or partially remember the passphrase. Bitcoin2john extracts the cryptographic hash derived from that passphrase, allowing you to brute-force or dictionary-attack it.