Topic: # ThiefBot - 1000 BTC Puzzle Transaction Replacer (Read 337 times)

For that, refer to the other puzzle transaction outputs with public key exposed (divisible by 5, by arrangement, not 'vout').
Specially; #70, #75, #80 which was solved after a few minutes/days after the solver(s) noticed that the creator leaked their pubKeys,
If it's officially announced, it would have been spent in seconds to a minute.
#67 will be a lot easier than #70 once its pubKey is exposed.

For actual testing, here's my result using a mid-2019 PC for solving puzzle 66's private key (merely 53.57 MK/s):

inFile:
Command Line:

That's with a CPU, no GPU used and it's still within the average block time.
#67 is harder than #66 but with 10GPUs of an actual "stealer", it will be solved in literally a second, even 1GPU will be fast enough.

Thanks for this confirmation, i owe an apology to ErikSatooo. Already removed the negative tag from his profile.

Is hard to trust in those .exe files, and more when VT show us a result like that, but looks like it was a mistake, not sure why it print that positive result on trojans, maybe it was a false positive, who knows...

Now getting back to topic, i still think it's impossible to fins that private key before the transaction is confirmed. But good luck to OP, if you believe it's possible then try it and prove we are wrong.

I guess when a solver of puzzle #67 is stupid enough to move the coins in public, the solver deserves to be robbed? The morality of this is questionable at least. Discussing moral aspects isn't the topic here though.

I know that one could argue, if the public withdrawal of a puzzle's address exposes the public key then anybody else has the right to find the low entropy private key via sufficiently fast known methods without being a thief. (Oh well, it's still somewhat amoral to let someone do the hard work and exploit that...)

Now that's a confidence booster. You could've at least the decency to fully test it, couldn't you? Oh wait, it's obviously too much to ask for, because you would've to spend little coins to test this from start to finish (create your own low entropy private key, fund it with few 10k sats, make a withdrawal transaction to expose the public key and then see if your ChatGPT code shit actually does it's thing from start to finish, i.e. submitting the "stealing" transaction successfully to slipstream.mara.com).

I've doubts that you even tested how to successfully submit a transaction to slipstream.mara.com which would be a crucial step to succeed the whole thing.


Why do you want to waste such an absurdly high transaction fee, totally unnecessary, except you want slipstream.mara.com to become alert of something unusual and respond to your submit in a manner you certainly didn't anticipate. Just pay 20k or 50k Sats fee and it's more than enough (slipstream.mara.com seems to take about double of current high priority fee as minimum). Your transaction is anyway prioritized to be mined in a Mara pool block and only in those, so it can take a while.

I don't know, but @nc50lc guess sounds reasonable.


We could just check whether the SHA-256 hash of your Kangoroo.exe and JeanLucPons Kangoroo.exe. I just did that and I can confirm both have same SHA-256 hash. And for future reference, i downloaded both .exe from these
https://github.com/erikzera/ThiefBot/tree/29e72de97372e042b421c773addc6c71391bd714
https://github.com/JeanLucPons/Kangaroo/releases/tag/2.2

I agree, it's not easy at all if not impossible to find a private key of a specific btc address without knowing the specific range where the key lies, but in this case, this is about the 1000 BTC Puzzle Transcation, which the creator of the puzzle gave clues to where the ranges are, and if you have a specific range , and a public key, the program called Kangaroo.exe finds the private key within around 1 minute or less (depending on your hardware power)

It's not a trojan see here: https://github.com/JeanLucPons/Kangaroo , and the forum for it https://bitcointalksearch.org/topic/pollards-kangaroo-ecdlp-solver-5244940

Seems like you misunderstood the purpose of my post, it's not some magical private key finder , it's built specifically for a puzzle. NOT FOR FINDING ANYONES PRIVATE KEY , that'd be absurd and if it were to exist , btc would plummet to 0$

That's actually incorrect, as soon as a signature is available you have the public key. No need to wait for the transaction to be confirmed. So it is possible to run some kind of a bot like this and make some bitcoins, under the condition that someone else actually works on puzzle 67.

I can gaurantee i used the same kangaroo as from pollards kangaroo in https://github.com/JeanLucPons/Kangaroo

Scan that and if you dont get the same results, you can ban me. I have no use to lie to you.   

This is a nice joke, if you really think it would be that easy to find a private key then just run your kangaroo.exe all day and become millionaire in the next 24 hours.

That's the main problem with your code, there is no way to find the private key before the transaction confirms, if you want to bruteforce an address it will take years, a lot of years to find that private key, so, brutforce is not was real way to attack bitcoin, it's impossible to find privatekeys that way.

And you shouldn't share troyanized software in the forum, that's a cruel move, i will have to leave a negative reputation for that.

There is room for improvement.

Since nobody would want to send out partial amounts from the puzzle addresses, you have to figure out how you're going to fetch address balances and send everything - while leaving room for the transaction fee.

Obviously you don't want to set the fee to 1BTC, that is way too much. Maybe 0.001 BTC is enough if you want to get a high priority.

The solver could have contracted the miner of block 861068 to exclusively include the transaction to their block.
Without getting in any other node's mempool, no bot will find its public key.

That's my best guess since the solver of puzzle 66 didn't left any remarks.

Thats true, but how come it didnt happen last time? With puzzle 66, im assuming atleast 2-3 people had bots, so they would've wasted the fee into the miners pool anyway.

---

Yes, no problem. I think i can make it better, directly scanning transactions from the puzzle 67 wallet, I dont know why i didnt do that from that start, but the current method to scan is just transactions happening live on mempool, it scans through them till it finds a transaction from the puzzle 67 wallet, i think it'd be more efficient if the code just scanned only that specific wallet for transactions and not the whole mempool

It doesn't really work because multiple bots will keep increasing TX fee, until most of the coin "taken" by miner. Here's an example on mainnet, Re: Paid 0.7 btc fee! Any chance to return it?.

My anti virus (windows defender) blocks it instantly, but i'll try to swap out the kangaroo binary with mine and let you know how it work on a testnet. besides that, very nice for sharing!

BTC # ThiefBot - 1000 BTC Puzzle Transaction Replacer

BEFORE ANY GENIUSES COME AT ME, THIS IS FOR THE PUZZLE TRANSACTION, NO THIS DOESNT WORK ON ANY BTC ADDRESS, ONLY ON THE BTC ADDRESSES LISTED HERE: https://privatekeys.pw/puzzles/bitcoin-puzzle-tx

Guys, I've never developed with Python before.
 I made this using chatgpt, to my knowledge, It seems to be working, I havent tested it to the full capability, but im confident it could work (Probably not since there are faster bots out there, but it's a fun little thing, it also submits the transaction hex into the mara slipstream, so thats fun.)

A python code which scans the BTC mempool for transaction from a specific wallet, and if found, then it takes public key from the transaction, and uses it to run Kangaroo.exe, which quickly finds the private key within a specified range using that Public Key.
After getting the private key, it creates a raw transaction to a specified address
Signs the transaction using the private key
Then submits the transaction hex into the https://slipstream.mara.com/ Mining Pool for fast confirmation (hopefully) (couldnt find their api so i just used selenium webdriver to automate this yes its slow again im not an expert at coding nor do i know how to code Python that good myself)

The default fee is 1.0 BTC ( i assumed the transaction would be confirmed faster if the fee was this high, probably not though.)
You'll get 6.0 BTC if it actually works.

If you guys see any issues or have suggestions for the code, please let me know i would love to try and fix anything.

github link :  https://github.com/erikzera/ThiefBot/tree/main