Pages:
Author

Topic: BrainWallet Defcon Attack Discussion, Advice, Q&A, Brainflayer Info, etc. - page 2. (Read 12576 times)

member
Activity: 105
Merit: 59
I plan to release an update adding support for this "passphrase plus xor" brainwallet variant, so don't go using it.
member
Activity: 178
Merit: 10
I have several times changed the source of https://brainwalletx.girhub.io/ for supporting a different coins,
but now I was not too lazy and took the time to write a universal brainwallet for all coins.
You can download test it here "CКAЧATЬ": http://rgho.st/8hlwbSy98
1. Unzip to the folder.
2. Drag and drop index.html -> to the tab of your browser.
3. See changes.txt

Just for you all I did add random_seed and XOR
and also I did unlock the "Secure random" button (just found it in the source code).  Grin

Maybe need to add or change anything else? Just PM me.

Cant make up my mind if this is phishing or an honest typo, but the rating suggests phisher!
member
Activity: 67
Merit: 13
Out of curiosity, where does the vulnerability originate? Is it in the seed phrase itself, or the way it makes use of the seed phrase? This is important because I noticed that with electrum wallets it will accept any seed phrase I give it meaning that I could technically just think up my own seed phrase to use the same way I'd use a brain wallet. If the issue is with the 12 word seeds it would mean that no seed wallet is safe, but if the issue is something else I'd like to know what that is and what if anything it might mean for other wallets. 
full member
Activity: 1588
Merit: 214
I have several times changed the source of https://brainwalletx.girhub.io/ for supporting a different coins,
but now I was not too lazy and took the time to write a universal brainwallet for all coins.
You can download test it here "CКAЧATЬ": http://rgho.st/8hlwbSy98
1. Unzip to the folder.
2. Drag and drop index.html -> to the tab of your browser.
3. See changes.txt

Just for you all I did add random_seed and XOR
and also I did unlock the "Secure random" button (just found it in the source code).  Grin

Maybe need to add or change anything else? Just PM me.
full member
Activity: 146
Merit: 100
Wow. Just read about this tonight. Experimenting with Brain Wallet and found an empty wallet with 2 previous transactions.

It's true. People have no imaginations   :/

edit ... up to 4 now ..  Grin all empty though
edit.. make that 6 ...
member
Activity: 105
Merit: 59
ryanc, I would like to see more documentation about brainflayer as there is almost none.

The initial release of brainflayer deliberately has very limited documentation to keep unskilled people from using it. I will be releasing an enhanced version (with better documentation) soon, now that it's made some news and convinced some people to stop using brainwallets.

In regards a commentary you made in your presentation on how to advert people that they have a weak address. You said that it could be thought sending a small amount to a vanity address but you could send it to a burn address like '1DontUseThisWeakBrainWa11etAf1F98T'. Here you have a python scrypt for generating them, also check the bitcoin address validation wiki entry.

This would pollute the UTXO set, and I don't think it's really any better than using multiple vanity addresses in the same transaction. I was going for subtle at the time.
hero member
Activity: 784
Merit: 500
I want to be absolutely clear - other than by accident (and those coins were returned within minutes) - I have not taken anyone's bitcoins. I will be following up with a blog post sharing more details of my research soon.

You could try asking btcrobinhood on reddit - they have a bot that sweeps brainwallets. I believe that their policy is to return 100% if you are able to demonstrate ownership sufficiently.

I would consider helping to recover forgotten brainwallet passphrases (using a tailored search), but I don't have a policy on this at the moment.

ryanc, I would like to see more documentation about brainflayer as there is almost none.

In regards a commentary you made in your presentation on how to advert people that they have a weak address. You said that it could be thought sending a small amount to a vanity address but you could send it to a burn address like '1DontUseThisWeakBrainWa11etAf1F98T'. Here you have a python scrypt for generating them, also check the bitcoin address validation wiki entry.
member
Activity: 132
Merit: 17
So no news for my Bitcoins?

No, not really.  Someone else stole them.  It is very unlikely that it was BrainWallet's operators who stole them, so it simply can be concluded that you just used a weak passphrase to generate the wallet.
full member
Activity: 179
Merit: 100
So no news for my Bitcoins?
member
Activity: 132
Merit: 17
On paper, the idea of Brainwallet sounded great. But the biggest problem is the human element in the equation Smiley

If you remove the human part, you're stuck with a third party.

There is no proper implementation to do this in a trustless environment.

The problem is that BrainWallets don't implement a random number generator in any way.  That's the thing that pretty much every other wallet implementation has in common - they don't trust the user to supply the piece that everything is generated from.
legendary
Activity: 1764
Merit: 1000
I was never a fan of brainwallet... The idea sounded too insecure to me. I hope those seed words used by electrum are safer.

If you memorize Electrum seed, it will be a brainwallet. Roll Eyes Wink

Yeah, but as far as I know it can't be cracked as easy as brainwallet.org keys. That's what I was questioning
legendary
Activity: 1596
Merit: 1010
On paper, the idea of Brainwallet sounded great. But the biggest problem is the human element in the equation Smiley

If you remove the human part, you're stuck with a third party.

There is no proper implementation to do this in a trustless environment.
member
Activity: 132
Merit: 17
I was never a fan of brainwallet... The idea sounded too insecure to me. I hope those seed words used by electrum are safer.

If you memorize Electrum seed, it will be a brainwallet. Roll Eyes Wink

Different type of brainwallet.  You seem like the kind of person who shows up at a crane convention, and while everyone else has a little bird, you show up with this giant crane for lifting things.

The brainwallet in this case refers to those generated by Brainwallet.org (which uses SHA256(passphrase) to generate the private key).
member
Activity: 105
Merit: 59
If you memorize Electrum seed, it will be a brainwallet. Roll Eyes Wink

There's a couple of things people use the term "brainwallet" to mean.

1. The weak cryptocurrency private key generation scheme of SHA256(passphrase)

2. Brainwallet.org, a site implementing the SHA256(passphrase) algorithm as well as some miscellaneous tools

3. Any scheme turning a user chosen passphrase into a cryptocurrency private key

4. Any scheme where a user memorizes a generated passphrase representing a cryptocurrency private key

Brainflayer specifically targets number one in that list.

member
Activity: 105
Merit: 59
So who is that whitehat who has 800BTC.

btcspry said that based on a misunderstanding of some sort. What I said was that I ran a "peak balance analysis" on all the brainwallets I cracked, and the total was about 733 BTC. This does not reflect the balances they had when I found them - it's the most they ever held. I do not know how much of this was moved out by the legitimate owners and how much was stolen.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
I was never a fan of brainwallet... The idea sounded too insecure to me. I hope those seed words used by electrum are safer.

If you memorize Electrum seed, it will be a brainwallet. Roll Eyes Wink
legendary
Activity: 1764
Merit: 1000
I was never a fan of brainwallet... The idea sounded too insecure to me. I hope those seed words used by electrum are safer.
legendary
Activity: 952
Merit: 1005
--Signature Designs-- http://bit.ly/1Pjbx77
Quote

I originally thought there was a backdoor to the key generation algorithm. After reading the PDF, I believe it's boarder list generation and more efficient way of checking balance. At the end, boils down to weak phrases: Brainwallet users believe they can created a phrase that no one could ever think of.  Grin

I don't use brainwallets because I do not trust myself with remembering the phrase. If I need to write it down, it defeats the purpose of using brainwallets.
hero member
Activity: 938
Merit: 1000
I want to be absolutely clear - other than by accident (and those coins were returned within minutes) - I have not taken anyone's bitcoins. I will be following up with a blog post sharing more details of my research soon.

You could try asking btcrobinhood on reddit - they have a bot that sweeps brainwallets. I believe that their policy is to return 100% if you are able to demonstrate ownership sufficiently.

I would consider helping to recover forgotten brainwallet passphrases (using a tailored search), but I don't have a policy on this at the moment.
i'm glad we have a white hacker like you. you inform us about bug on brain wallet and didn't steal anyone bitcoin.
mostly people will take their bitcoin if they found the bug, but you are not. thanks to you.
full member
Activity: 179
Merit: 100
I want to be absolutely clear - other than by accident (and those coins were returned within minutes) - I have not taken anyone's bitcoins. I will be following up with a blog post sharing more details of my research soon.

You could try asking btcrobinhood on reddit - they have a bot that sweeps brainwallets. I believe that their policy is to return 100% if you are able to demonstrate ownership sufficiently.

I would consider helping to recover forgotten brainwallet passphrases (using a tailored search), but I don't have a policy on this at the moment.
So you mean you not only don't have my BTC you don't have anyone's BTC?So who is that whitehat who has 800BTC.I already messaged robinhood but he didn't seem to post for months.And I don't need to get my passphrase back I have a private key of that wallet.
Pages:
Jump to: