atomic_pwn - Atomic Vault Extractor & Decryptor
-
Title: atomic_pwn
Author:cyclone
URL:https://github.com/cyclone-github/atomic_pwn
Description:Tools to extract and decrypt Atomic crypto vaults/wallets.
Atomic Vault Extractor & Decryptor
POC tools to extract and decrypt Atomic vault wallets
This toolset is proudly the first publicly released Atomic Vault extractor / decryptor.
- Contact me at https://forum.hashpwn.net/user/cyclone if you need help recovering your Atomic wallet password or seed phrase
Atomic vault location:
- Linux:
/home/$USER/.config/atomic/Local\ Storage/leveldb/ - Mac:
~/Library/Application Support/atomic/Local Storage/leveldb/ - Windows:
C:\Users\$USER\AppData\Roaming\atomic\Local Storage\leveldb\
Extractor Example Usage:
./atomic_extractor.bin atomic_dir/ ---------------------------------------------------- | Cyclone's Atomic Vault Hash Extractor | | Use Atomic Vault Decryptor to decrypt | | https://github.com/cyclone-github/atomic_pwn | ---------------------------------------------------- Encrypted Mnemonic Seed Phrase: {atomic_salt_ciphertext} ----------------------------------------------------- | hashcat -m 30020 hash | ----------------------------------------------------- $atomic${salt}${ciphertext}Decryptor Example Usage:
./atomic_decryptor.bin -h atomic.txt -w wordlist.txt ----------------------------------------------- | Cyclone's Atomic Vault Decryptor | | https://github.com/cyclone-github/atomic_pwn | ----------------------------------------------- Vault file: atomic.txt Valid Vaults: 1 CPU Threads: 16 Wordlist: wordlist.txt 2025/01/13 16:49:42 Working... Hash: {foobar hash} Password: {password} Seed Phrase: {decrypted seed phrase} 2025/01/13 16:49:50 Finished 2025/01/13 16:49:50 Decrypted: 1/1 1786145.15 h/s 00h:00m:08s-w {wordlist} (omit -w to read from stdin) -h {atomic_wallet_hash} -o {output} (omit -o to write to stdout) -t {cpu threads} -s {print status every nth sec} -version (version info) -help (usage instructions) ./atomic_decryptor.bin -h {atomic_wallet_hash} -w {wordlist} -o {output} -t {cpu threads} -s {print status every nth sec} ./atomic_decryptor.bin -h atomic.txt -w wordlist.txt -o cracked.txt -t 16 -s 10 cat wordlist | ./atomic_decryptor.bin -h atomic.txt ./atomic_decryptor.bin -h atomic.txt -w wordlist.txt -o output.txtCredits
- Many thanks to blandyuk for his help with the AES Key and IV implementation - https://github.com/blandyuk
Compile from source:
- If you want the latest features, compiling from source is the best option since the release version may run several revisions behind the source code.
- This assumes you have Go and Git installed
git clone https://github.com/cyclone-github/atomic_pwn.git- atomic_extractor
cd atomic_pwn/atomic_extractorgo mod init atomic_extractorgo mod tidygo build -ldflags="-s -w" .- atomic_decryptor
cd atomic_pwn/atomic_decryptorgo mod init atomic_decryptorgo mod tidygo build -ldflags="-s -w" .
- Compile from source code how-to:
Changelog:
Sysadmin by day | Hacker by night | Go Developer | hashpwn site owner
3x RTX 4090 -
atomic_pwnv0.2.3 released
https://github.com/cyclone-github/atomic_pwn/releases/tag/v0.2.3Changelog - atomic_decryptor:
- fix https://github.com/cyclone-github/atomic_pwn/issues/5
- modified codebase to mirror phantom_decryptor
- readded -o {output_file} flag
Sysadmin by day | Hacker by night | Go Developer | hashpwn site owner
3x RTX 4090 -
Dear Admin,
I hope you can help me, two weeks ago I accidentally overwrote my file with my seed phrases and my Atomic wallet password. I know the exact number of coins that were there and I can confirm that it is my wallet. At the moment I need to enter my wallet password, which I don't have. Can you help me get my money back? It's a significant amount of money for me.
What can I do to get your help?
Regards
-
Dear Admin,
I hope you can help me, two weeks ago I accidentally overwrote my file with my seed phrases and my Atomic wallet password. I know the exact number of coins that were there and I can confirm that it is my wallet. At the moment I need to enter my wallet password, which I don't have. Can you help me get my money back? It's a significant amount of money for me.
What can I do to get your help?
Regards
@sdfr01101 The Atomic wallet seed phrase may still be recoverable if you have the original wallet files located at:
Linux: /home/$USER/.config/atomic/Local\ Storage/leveldb/ Mac: ~/Library/Application Support/atomic/Local Storage/leveldb/ Windows: C:\Users\$USER\AppData\Roaming\atomic\Local Storage\leveldb\This directory should contain files like
000005.ldb,MANIFEST-000233,000232.log, etc. If those files have been overwritten, the wallet will not be recoverable without having the seed phrase previously written down or backed up.Steps to recover your Atomic wallet:
- Run
atomic_extractorand point it to your Atomic directory described above - If successful, the tool will output the encrypted seed phrase that you can run with hashcat or
atomic_decryptor(see example output in the OP above and on GitHub) - Run the extracted hash with
atomic_decryptorand a wordlist containing password candidates for the wallet - If the password is cracked, the password and seed phrase will be printed to terminal
- You can use the recovered seed phrase to recover your Atomic wallet
- Note, there is no guarantee of recovering the wallet since the password must be guessed (similar to hashcat, john, mdxfind, etc)
If you need further help, send me a DM on here on hashpwn or Matrix.
- Run
-
Nice job! And what about browser extension? It comes withs "iv", "data", "tag" and "salt" fields
-
Nice job! And what about browser extension? It comes withs "iv", "data", "tag" and "salt" fields
@potato100500
Thanks! If there is enough interest, I can add support for the Atomic Wallet Chrome extension.
https://atomicwallet.io/web3-walletSysadmin by day | Hacker by night | Go Developer | hashpwn site owner
3x RTX 4090
