Topic: Re: [AXIOM] AxiomMemHash, Schnorr Sigs Implemented, APOS 3.0, AXH 2.0 Proposed - page 82. (Read 204903 times)
August 02, 2015, 11:02:39 AM
The strange thing to me was that one of the stollen wallets was unlocked only for staking. IDK how the thief got that one - it was fully encrypted ...
August 02, 2015, 10:56:55 AM
I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.
Ok, answer the following for me:
1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to?
Sure I can:
1) The lenght is 256 bit or 32 bytes if you like, which results in 16^64 or 2^256 possibilities.
2) The input for the hash function that produces the private key can be from human input or from a (strong) random generator (that is built into the wallet)
3) If I understand this question right (bit of a language barrier): In both situations
4) It is not about getting the users wallet password with a rainbow table. See answer 2 where it is possible to have human input (so called brain wallet) for the hash function that results in the private key. Those can be brute forced with a rainbow table. Also see the details of the sausage example.
August 02, 2015, 10:55:49 AM
I got hacked today through one of axioms CPU miners. Beware mates , all the appdata content were downloaded...
thats why i dl only from op sad to say but you risk a lot when u trust a stranger from the internet
August 02, 2015, 10:54:09 AM
It was definitely a troyan to me, I found it and cleaned it , but it was too late. It have been archived almost every single wallet.dat in my appdata folder. I moved the unharmed coins to brand new wallet.dat encrypted files...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
For myself, just curious, and others who might want to know. Did you get the name of the trojan?
EDIT: It might others who were infected also.
August 02, 2015, 10:52:11 AM
All this wallet hacking got my nervous I just encrypted my wallet and added the local rpc. I run mine off a server right now for staking purposes and to have the wallet on 24/7.
August 02, 2015, 10:50:32 AM
It was definitely a troyan to me, I found it and cleaned it , but it was too late. It have been archived almost every single wallet.dat in my appdata folder. I moved the unharmed coins to brand new wallet.dat encrypted files...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
For myself, just curious, and others who might want to know. Did you get the name of the trojan?
EDIT: It might others who were infected also.
August 02, 2015, 10:47:36 AM
It was definitely a troyan to me, I found it and cleaned it , but it was too late. It have been archived almost every single wallet.dat in my appdata folder. I moved the unharmed coins to brand new wallet.dat encrypted files...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
EDIT: Yes I had rpc ports exposed to the network for solo mining , of course ...
August 02, 2015, 10:44:27 AM
I do know what I am talking about regarding cryptography, it is my job. Explain to me what is wrong with my explanation if you know it better.
Ok, answer the following for me:
1) Can you tell me the key length of the private key of a wallet?
2) Can you tell me who "chooses" the private key - the "wallet" or the user?
3) At which point does the redundancy of the language come into play - a) upon private key generation or b) when a user decides to encrypt his wallet with a password of his choosing if he actually decides to encrypt his wallet?
4) After you have explained 1-3 can you explain the relevance of the users wallet password and redundancy of a language to the private key in the wallet and how you will derive the private key of the private/public key pair from the public key by using the wallet password if you happen to obtain the users wallet password from a rainbow table of some sorts that you are referring to? My question in point 4 is what you are in fact saying is possible in your argument.
August 02, 2015, 10:37:42 AM
So the dumper at trex is hacker not whale?
August 02, 2015, 10:33:21 AM
So many people have gotten hacked 
. Good thing I run my miner on a different computer than my wallet and I always encrypt no matter what.
. Good thing I run my miner on a different computer than my wallet and I always encrypt no matter what. August 02, 2015, 10:30:29 AM
Even with that, can't some hacker just generate a rainbow table? They would compare their rainbow table to the blockchain, and when they get a match, just import the private key into their wallet and steal those coins? Or would that be too unwieldy?
http://directory.io <-- bitcoin
http://buttcoins.com <-- bitcoin, clamcoin, dogecoin, litecoin
Start searching. Those websites contain every possible address and private key.
Those sites are probably fake or maybe contains only a tiny fraction of the keyspace. It is not possible to create a rainbow table for Bitcoin with today's technology. It will take too much time and energy and storage space. There are so many links to quote where people have already answered why this is not possible at this point. Just google it. Ill past a few:
Link 1
Link 2
Link 3
Rainbow tables can still be usefull for weak private keys. As I have read the private key can be a sha256 hash of every possible (non zero) input. Now if you take a dictionary of common words there is a change of hitting a valid private key. Like for example 'sausage' if you hash the string 'sausage' and import the (base58 encoded) outcome in your bitcoin wallet you will see that it was used. They are als usefull for keys generated with weak random number generators (like in Android or Java). I investigated the hack where I lost my coins and I do not think it was done with a trojan. My geuss is that the axiom wallet rpc interface is vulnerble for buffer overflow or maybe it uses a weak random generator. I am still investigating it, but my network logging does not show signs of a trojan.
You dont have a clue what you are talking about regarding public/private key cryptography do you?
I guess this also applies to you. Are you sure you have no signs of a trojan on your system? Upload your wallet and minerd again and compare the virustotal hashes.
https://bitcointalksearch.org/topic/m.12024102
I do know what I am talking about regarding cryptography, it is part of my daily job. Explain to me what is wrong with my explanation if you know it better.
Let me explain the sausage example (all uncompressed):
SHA256(sausage) = 30caae2fcb7c34ecadfddc45e0a27e9103bd7cfc87730d7818cc096b1266a683
BASE58(30caae2fcb7c34ecadfddc45e0a27e9103bd7cfc87730d7818cc096b1266a683) = 5JBmuBc64pVrKLyDc8ktyXJmAeEwKQogn6jsk6taeq8zRMtGZrE
Now the derived public key will be 1TnnhMEgic5g4ttrCQyDopwqTs4hheuNZ
Check the block explorer: https://blockchain.info/address/1TnnhMEgic5g4ttrCQyDopwqTs4hheuNZ
The result, a public and private key based on the word 'sausage':
1TnnhMEgic5g4ttrCQyDopwqTs4hheuNZ
5JBmuBc64pVrKLyDc8ktyXJmAeEwKQogn6jsk6taeq8zRMtGZrE
Now tell me, where am I wrong?
August 02, 2015, 10:27:26 AM
I got hacked today through one of axioms CPU miners. Beware mates , all the appdata content were downloaded...
not so long i lost all my crave and various ppl are reporting of different hack on different coins getting stolen. funny thing is i believe there is some sort of 0day exploit as recently malwarebyte blocked one IP trying to remote control axoim running wallet. maybe someone with skills could explore that area.Rainbow tables can still be usefull for weak private keys. As I have read the private key can be a sha256 hash of every possible (non zero) input. Now if you take a dictionary of common words there is a change of hitting a valid private key. Like for example 'sausage' if you hash the string 'sausage' and import the (base58 encoded) outcome in your bitcoin wallet you will see that it was used. They are als usefull for keys generated with weak random number generators (like in Android or Java). I investigated the hack where I lost my coins and I do not think it was done with a trojan. My geuss is that the axiom wallet rpc interface is vulnerble for buffer overflow or maybe it uses a weak random generator. I am still investigating it, but my network logging does not show signs of a trojan.
getting closer?I have the same thoughts. Somehow the axiom wallet has a vulnerability but I am not sure what. Looking through the sourcecode now to see if I can find unchecked buffers or other vulnerabilities.
August 02, 2015, 10:23:11 AM
Sorry , I misunderstood , The Hack weren't trough Axiom's miner , it was elsewhere..
Did you had the RPC or P2P port exposed to the internet? What address were the coins sent to?
August 02, 2015, 10:05:51 AM
Even with that, can't some hacker just generate a rainbow table? They would compare their rainbow table to the blockchain, and when they get a match, just import the private key into their wallet and steal those coins? Or would that be too unwieldy?
http://directory.io <-- bitcoin
http://buttcoins.com <-- bitcoin, clamcoin, dogecoin, litecoin
Start searching. Those websites contain every possible address and private key.
Those sites are probably fake or maybe contains only a tiny fraction of the keyspace. It is not possible to create a rainbow table for Bitcoin with today's technology. It will take too much time and energy and storage space. There are so many links to quote where people have already answered why this is not possible at this point. Just google it. Ill past a few:
Link 1
Link 2
Link 3
Rainbow tables can still be usefull for weak private keys. As I have read the private key can be a sha256 hash of every possible (non zero) input. Now if you take a dictionary of common words there is a change of hitting a valid private key. Like for example 'sausage' if you hash the string 'sausage' and import the (base58 encoded) outcome in your bitcoin wallet you will see that it was used. They are als usefull for keys generated with weak random number generators (like in Android or Java). I investigated the hack where I lost my coins and I do not think it was done with a trojan. My geuss is that the axiom wallet rpc interface is vulnerble for buffer overflow or maybe it uses a weak random generator. I am still investigating it, but my network logging does not show signs of a trojan.
You dont have a clue what you are talking about regarding public/private key cryptography do you?
I guess this also applies to you. Are you sure you have no signs of a trojan on your system? Upload your wallet and minerd again and compare the virustotal hashes.
https://bitcointalksearch.org/topic/m.12024102
August 02, 2015, 10:05:33 AM
I got hacked today through one of axioms CPU miners. Beware mates , all the appdata content were downloaded...
not so long i lost all my crave and various ppl are reporting of different hack on different coins getting stolen. funny thing is i believe there is some sort of 0day exploit as recently malwarebyte blocked one IP trying to remote control axoim running wallet. maybe someone with skills could explore that area.Rainbow tables can still be usefull for weak private keys. As I have read the private key can be a sha256 hash of every possible (non zero) input. Now if you take a dictionary of common words there is a change of hitting a valid private key. Like for example 'sausage' if you hash the string 'sausage' and import the (base58 encoded) outcome in your bitcoin wallet you will see that it was used. They are als usefull for keys generated with weak random number generators (like in Android or Java). I investigated the hack where I lost my coins and I do not think it was done with a trojan. My geuss is that the axiom wallet rpc interface is vulnerble for buffer overflow or maybe it uses a weak random generator. I am still investigating it, but my network logging does not show signs of a trojan.
getting closer?make sure you add this to your conf file
rpcallowip=127.0.0.1
There are people out there that ping the nodes and try the blogged username and passwords. It only takes a couple seconds before you loose everything once they have RPC access.
So binding the above ip and using alphanumeric user name and password should be sufficient?
August 02, 2015, 09:49:18 AM
I take it the minerd from the original post is still safe?
August 02, 2015, 09:39:28 AM
I don't have a .conf in my directory... still getting 55 connections and staking though.. is ther aneed for the config file?
August 02, 2015, 09:31:10 AM
I got hacked today through one of axioms CPU miners. Beware mates , all the appdata content were downloaded...
not so long i lost all my crave and various ppl are reporting of different hack on different coins getting stolen. funny thing is i believe there is some sort of 0day exploit as recently malwarebyte blocked one IP trying to remote control axoim running wallet. maybe someone with skills could explore that area.Rainbow tables can still be usefull for weak private keys. As I have read the private key can be a sha256 hash of every possible (non zero) input. Now if you take a dictionary of common words there is a change of hitting a valid private key. Like for example 'sausage' if you hash the string 'sausage' and import the (base58 encoded) outcome in your bitcoin wallet you will see that it was used. They are als usefull for keys generated with weak random number generators (like in Android or Java). I investigated the hack where I lost my coins and I do not think it was done with a trojan. My geuss is that the axiom wallet rpc interface is vulnerble for buffer overflow or maybe it uses a weak random generator. I am still investigating it, but my network logging does not show signs of a trojan.
getting closer?make sure you add this to your conf file
rpcallowip=127.0.0.1
There are people out there that ping the nodes and try the blogged username and passwords. It only takes a couple seconds before you loose everything once they have RPC access.
August 02, 2015, 08:59:32 AM
Sorry , I misunderstood , The Hack weren't trough Axiom's miner , it was elsewhere..
o ok ...
and im assuming this is windows ... again ...
:| ...
#crysx
August 02, 2015, 08:56:07 AM
Sorry , I misunderstood , The Hack weren't trough Axiom's miner , it was elsewhere..
Jump to: