Topic: Ethereum Mining NoDevFee 0% v15.0 🔥 - page 12. (Read 164844 times)

Only work with esm 0 or without this parameter (default = 0).
You tested it? Different packet structure from using -ewal WALLET.WORKER?

Not really. It does work with worker name for me. It copies first 42 characters. Most likely it doesnt work because you using different protocol (check your "esm" option) or different pool. I might add other protocols / pools if someone really needs it. If something doesnt work feel free to download Test Log DLL (find in this thread) run it for few hours and private message me nodevfeeLog.txt.

C:\Users\Desktop\Ethmining\Claymores\nodevfee.exe EthDcrMiner64.exe -epool asia1.ethermine.org:4444 -epsw x -allpools 1 -dcri 1 -altnum 1 -esm 1 -ewal 0xxxxxxxxxxxxxxxx.Miner01

-eworker xxx   are not supported  

Not really. It does work with worker name for me. It copies first 42 characters. Most likely it doesnt work because you using different protocol (check your "esm" option) or different pool. I might add other protocols / pools if someone really needs it. If something doesnt work feel free to download Test Log DLL (find in this thread) run it for few hours and private message me nodevfeeLog.txt.

Check in console after "DevFee: ETH: Stratum - connecting" should be "eth_submitLogin -> YOUR_WALLET" https://i.imgur.com/ndEvwwS.png
On ethermine new "default" worker will appear https://i.imgur.com/7e0PSgY.png

Not really. It does work with worker name for me. It copies first 42 characters. Most likely it doesnt work because you using different protocol (check your "esm" option) or different pool. I might add other protocols / pools if someone really needs it. If something doesnt work feel free to download Test Log DLL (find in this thread) run it for few hours and private message me nodevfeeLog.txt.

well if you put anything else (like worker name) beside your address, then it won't work, cause it's looking for a 42 char long string.

Not working for me either
Do not see after "DevFee: ETH: Stratum - connecting" should be "eth_submitLogin -> YOUR_WALLET" https://i.imgur.com/ndEvwwS.png, See regular devfee messages
And on ethermine new "default" worker does not appear

dual mining eth+dcr

Kudos to author though

Hi. I coded small app which intercept (hook) network login packet (Winsock2 -> ws2_32.dll -> send -> eth_submitLogin) and changes all dev fee wallets to your wallet. It detects your wallet automatically, using first login packet with your wallet and remembering it.

How to use :
1. Copy "nodevfee.exe" and "nodevfeeDll.dll" from "nodevfee\x64\Release" to Claymore directory (in same directory with "EthDcrMiner64.exe").
2. Create bat file and use it "nodevfee.exe EthDcrMiner64.exe YOUR_USUAL_PARAMETERS" for instance "nodevfee.exe EthDcrMiner64.exe -epool eu1.ethermine.org:4444 -ewal 0xcb4effdeb46479caa0fef5f5e3569e4852f753a2.worker1 -epsw x"

Download : https://drive.google.com/file/d/0B6aSrIo2Pi0ea0RfdzNqcU1OZXM/view?usp=sharing
Virustotal : https://www.virustotal.com/#/file/10778bd9a28f8705018f6a6049451a3ff78e13fd99a094569f3d690126286e4e/detection

I attach all sources you can check how it works and compile by yourself (Visual Studio 2015). Report bugs, I will try fix them.

Feel free to donate if you like it 0xcb4effdeb46479caa0fef5f5e3569e4852f753a2

Hi. I coded small app which intercept (hook) network login packet (Winsock2 -> ws2_32.dll -> send -> eth_submitLogin) and changes all dev fee wallets to your wallet. It detects your wallet automatically, using first login packet with your wallet and remembering it.

How to use :
1. Copy "nodevfee.exe" and "nodevfeeDll.dll" from "nodevfee\x64\Release" to Claymore directory (in same directory with "EthDcrMiner64.exe").
2. Create bat file and use it "nodevfee.exe EthDcrMiner64.exe YOUR_USUAL_PARAMETERS" for instance "nodevfee.exe EthDcrMiner64.exe -epool eu1.ethermine.org:4444 -ewal 0xcb4effdeb46479caa0fef5f5e3569e4852f753a2.worker1 -epsw x"

Download : https://drive.google.com/file/d/0B6aSrIo2Pi0ea0RfdzNqcU1OZXM/view?usp=sharing
Virustotal : https://www.virustotal.com/#/file/10778bd9a28f8705018f6a6049451a3ff78e13fd99a094569f3d690126286e4e/detection

I attach all sources you can check how it works and compile by yourself (Visual Studio 2015). Report bugs, I will try fix them.

Feel free to donate if you like it 0xcb4effdeb46479caa0fef5f5e3569e4852f753a2

well ihave been using it for couple of hours now,
"x" miner is not showing up.

yesterday found an example code in C++ how to use it, its pretty straight forward didn't saved the link.

Why CMLoader ?

please make a separate thread and give this name as like CMLoader  

My guess is that he is using WinHTTP library if the project is written in C++. Someone has to be foolhardy enough to implement TLS with raw sockets In either case you can see what APIs are being used with Dependency Walker. It's all in plaintext.

I just peeked into the Claymore Dual Miner v.10.1 with IDA Pro. He doesn't pack it like most malware is packed. He uses something called VMProtect. It's a weird type "packer" -- it basically takes the assembly/machine code for the part of the executable that the author wants to obfuscate and converts it into some proprietary byte code that VMProtect invented. Then when the executable runs, the obfuscated part has to go thru VMProtect's virtual machine to get interpreted. This makes the code extremely slow when executing, but hard to reverse engineer (simply because the structure of their proprietary byte code is not documented.) The rest of the binary doesn't seem to be packed though. This btw makes me think that if the Claymore Miner wasn't packed that way it might have produced a slightly better hash rate. Just a guess though.

Oh, and as x64 binary goes, the same WinAPI assembly trampoline can be used for it as well. We'll just need to modify the machine code for it. Or, you can use WinDivert library, like this guy did with his NoFee executable.

In any case, I wouldn't mind to collaborate with you on your open source project -- as a challenge I guess. PM me if anything.