Note to people living in warzones:
Initially, we wrote this tutorial for the victims of scammers.
However:
Take the money of your enemies, and they must give up.
Without money, no army can keep fighting.
In this tutorial, we explain how to steal back your Bitcoins.
Responsibly use this knowledge:
To take back only your assets.
1) Vulnerability Hunt
First, you have to find a vulnerability.
You have to find a good database.
If you are lucky, your target was lazy to patch up a system.
You might succeed with a public database.
You can find many using Google.
We have cracked Bitcoins using public vulnerabilities in:
- https://www.cnvd.org.cn/ (best one, successfully used)
- https://jvn.jp/en/ (successfully used)
- https://nvd.nist.gov/ (successfully used)
- https://vuldb.com/ (successfully used)
- https://www.cvedetails.com/ (successfully used)
- https://security.snyk.io/ (partners recommended)
- https://www.whitesourcesoftware.com/vulnerability-database/ (never tried)
If you do not know what system your targets use, talk to them.
Spy on them.
Look up where they are active.
Social media?
What products do they like/follow?
Do they have a website?
Can they afford Apple products?
You get the names you will find vulnerabilities, too.
2) Exploit Jack
An exploit is a code that utilizes a vulnerability and injects a payload into the target system.
Payload might be malware.
Or something else.
It is supposed to get your Bitcoins.
We explain a technique to build an exploit without programming skills.
Thus, we call it "Exploit Jack" and not "Exploit Programming."
2.1) Malware Exploits
If the payload is malware, it might be any variation of ransomware, trojan, keylogger, RAT, virus, worm, spyware, and many more.
These exploits are called Malware Exploits.
Since we do not want to infect this community accidentally, we do not publish these now.
Contact me in private if you want to discuss this particular group of exploits!
2.2) Malicious Exploits
If the payload is a malicious code, not malware, we call it a malicious exploit.
It is "malicious" only from the perspective of the scammer.
(Since you are taking back only your assets, I assume.)
Unlike malware, the malicious exploit does not infect you if you click on it.
You will have to send it using an Application Programming Interface (API).
So, we shared many examples for educational purposes already:
- Low Liquidity Elevation of Privilege (LLEP) - API Cracking on Binance: https://bitcointalksearch.org/topic/binance-api-cracking-low-liquidity-elevation-of-privilege-llep-5383676
- Liquidity Pool Block Exploit: https://bitcointalksearch.org/topic/m.59011949
- Transfer Block Exploit: https://bitcointalksearch.org/topic/m.58947334
You already found a vulnerability.
To jack an exploit, guess what you will use:
An exploit database.
Vulnerability databases, exploit databases are all free.
You do not have to spend a satoshi.
We have found working exploits out of the box in:
- 0day.today (best one, successfully used)
- https://www.exploit-db.com/ (successfully used)
- https://www.rapid7.com/db/ (successfully used)
- https://github.com/offensive-security/exploitdb (successfully used)
- https://cxsecurity.com/exploit/ (successfully used)
- https://packetstormsecurity.com/files/tags/exploit/ (successfully used)
You have the vulnerability.
You find an exploit for this vulnerability.
You smash it.
3) Attack
First, you need a VPN.
https://nordvpn.com is a good primary software.
Hackers usually write exploits in Python.
You do not have to install anything, though.
You may use this cloud IDE:
https://www.pythonanywhere.com/
It also functions as a secondary VPN, server, and DDoS shield.
All in one.
And you do not have to develop (=understand) anything.
Copy & paste the exploit.
Paste the data of the target (IP, username, whatever the exploit requires.)
Run.
They might ask questions because of your suspicious traffic.
However, you are taking back / protecting your assets, aren't you?
Good luck!
If you have any problem, come to us.
We help everyone and ask only small favors in return.
Thank you for your attention!
Thanks to Bitcointalk for hosting our educational materials!
- Team Code X, founders of Empyria Market