metamask_pwn - Metamask Vault Extractor & Decryptor
-
Title: metamask_pwn
Author: cyclone
URL: metamask_pwn
Description:
Tools to extract and decrypt metamask vaults. Supports previous versions and the new Metamask wallet vaults which have a dynamic iteration.Metamask Vault Extractor Usage:
- Linux:
./metamask_extractor.bin {metamask_vault_dir} - Windows:
metamask_extractor.exe {metamask_vault_dir}
Metamask Vault location for Chrome extensions:
- Linux:
/home/$USER/.config/google-chrome/Default/Local\ Extension\ Settings/nkbihfbeogaeaoehlefnkodbefgpgknn/ - Mac:
Library>Application Support>Google>Chrome>Default>Local Extension Settings>nkbihfbeogaeaoehlefnkodbefgpgknn - Windows:
C:\Users\$USER\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
Metamask Vault Decryptor Usage:
POC tool to decrypt metamask vault wallets
This tool is proudly the first publicly released Metamask Vault decryptor / cracker to support the new Metamask wallet vaults which have a dynamic iteration.
./metamask_decryptor_amd64.bin -h metamask_json.txt -w wordlist.txt ------------------------------------ | Cyclone's Metamask Vault Decryptor | ------------------------------------ Vault file: metamask_json.txt Valid Vaults: 1 CPU Threads: 16 Wordlist: wordlist.txt Working... Decrypted: 0/1 5430.89 h/s 00h:01m:00sInfo:
- Supports previous Metamask vaults as well as new vaults with "KeyMetadata" which have dynamic iterations
Metamask Vault Decryptoris superseded by hashcat, however,Metamask Vault Decryptorcan extract the seed phrase from the json vault extracted withmetamask_extractor, which hashcat does not currently support
Example vaults supported:
- Old vault format:
{"data": "","iv": "","salt": ""} - New vault format:
{"data": "","iv": "","keyMetadata": {"algorithm": "PBKDF2","params": {"iterations": }},"salt": ""}
Usage example:
./metamask_decryptor.bin -h {wallet_json} -w {wordlist}
Output example:
If the tool successfully decrypts the vault, tool will print the vault json, seed phrase and vault password
Decrypted Vault: '{}' Seed Phrase: '' Vault Password: '' - Linux:
