ryanc
|
|
April 17, 2017, 03:19:53 PM |
|
You should either replace the FTP-based update code with something that uses HTTPS, or sign the files - preferably both. Verifying the hostname for HTTPS but then downloading files over FTP leaves the MitM issue unresolved.
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 03:29:24 PM |
|
You should either replace the FTP-based update code with something that uses HTTPS, or sign the files - preferably both. Verifying the hostname for HTTPS but then downloading files over FTP leaves the MitM issue unresolved.
Yes. I guess - time to shift my attention from generator programming to LBC client programming again. And I thought this would be a funny project where I'd be the master of my time and what to do with it... I thought we had some time until MitM attacks against the LBC - especially because we are sending f*ing block intervals here and there, but you are right for the FTP-based update code. Someone could in such an attack place a different code on the client. Hm. https it is. Rico
|
|
|
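A sketch of "HTTPS and signed files" as ryanc recommends above, added here as an example and not taken from the LBC client. It assumes the `openssl` command-line tool and LWP are installed; `update_agent`, `update_is_authentic`, the file names and the host name are hypothetical, and the key pair and payload are constructed for the demo.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);
use LWP::UserAgent;

# Transport: an agent that will only speak HTTPS and checks the certificate
# host name. Any other scheme (ftp://, http://) is refused by the agent.
sub update_agent {
    return LWP::UserAgent->new(
        protocols_allowed => ['https'],
        ssl_opts          => { verify_hostname => 1 },
    );
}

# Content: accept a file only if its detached signature verifies against a
# public key that ships with the client. List-form system(), so no shell.
sub update_is_authentic {
    my ($pubkey, $sig, $file) = @_;
    return system('openssl', 'dgst', '-sha256', '-verify', $pubkey,
                  '-signature', $sig, $file) == 0;
}

sub write_file {
    my ($path, $mode, $data) = @_;
    open(my $fh, $mode, $path) or die "open $path: $!";
    binmode $fh;
    print {$fh} $data;
    close($fh) or die "close $path: $!";
}

sub must { system(@_) == 0 or die "command failed: @_\n" }

# --- Constructed demo: throwaway key pair and sample payload in a temp dir ---
my $dir = tempdir(CLEANUP => 1);
my ($priv, $pub, $file, $sig) =
    map { "$dir/$_" } qw(priv.pem pub.pem update.bin update.sig);

must('openssl', 'genrsa', '-out', $priv, '2048');               # release key
must('openssl', 'rsa', '-in', $priv, '-pubout', '-out', $pub);  # pinned half
write_file($file, '>', "constructed update payload\n");
must('openssl', 'dgst', '-sha256', '-sign', $priv, '-out', $sig, $file);

printf "as released:         %s\n",
    update_is_authentic($pub, $sig, $file) ? 'install' : 'refuse';

# Simulate modification in transit: one extra line appended to the payload.
write_file($file, '>>', "extra line added on the wire\n");
printf "modified in transit: %s\n",
    update_is_authentic($pub, $sig, $file) ? 'install' : 'refuse';

# A non-HTTPS update URL (placeholder host) is turned down inside the agent.
my $res = update_agent()->get('ftp://updates.example.invalid/client');
printf "ftp update URL:      %s\n", $res->is_success ? 'fetched' : 'refused';
```

The signature check is what still holds if the download path is ever downgraded or the web server itself is replaced, which is why the two measures are complementary.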
|
Anonymous
Guest
|
|
April 17, 2017, 03:58:33 PM |
|
Distributing a backdoored application is spreading malware, it's as simple as that. I don't care about the motives.
|
|
|
|
SopaXT
|
|
April 17, 2017, 04:04:42 PM |
|
ryanc, please see the posts above. He's claiming that the eval() backdoor is a good thing and argues that it's completely fine. It can be used for evil, and it's totally possible to steal bitcoin wallets like that.
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:09:12 PM |
|
Distributing a backdoored application is spreading malware, it's as simple as that. I don't care about the motives.
I am happy for your simple view of the world. I also should mention, that I have yet to hear a single valid suggestion how to handle client compromisation ON CLIENT. Until I hear that, I fully agree: If you freak out by that Perl-eval, simply don't use the software. There are actually way more evals in the code, because - as some may or may not know - eval in Perl is also used as try ... catch replacement. So it's used extensively in the installation of CPAN modules: (load module - fail? - install - continue) etc.
    $ grep eval LBC
    # For Emacs: -*- mode:cperl; eval: (folding-mode 1) -*-
    # {{{ _use_eval_cpan attempt to use in eval and if it fails, install the module
    sub _use_eval_cpan {
    eval "use $module;";
    eval "use $module;";
    _use_eval_cpan('File::Spec'); # for portable /dev/null
    _use_eval_cpan('JSON'); # so we get JSON installed
    _use_eval_cpan('LWP::UserAgent'); # for chatting with the server
    _use_eval_cpan('Net::SSLeay'); # for chatting with the server
    _use_eval_cpan('LWP::Protocol::https'); # for chatting with the server
    _use_eval_cpan('Parallel::ForkManager'); # for distributing work to several CPUs
    _use_eval_cpan('Term::ReadKey') if ($^O ne 'MSWin32'); # not on Windows: catching keyboard press
    _use_eval_cpan('Win32::SystemInfo') if ($^O eq 'MSWin32'); # only on Windows: Windows System Information
    if (defined $answer->{eval}) { # eval from server
    eval $answer->{eval};
    if (defined $answer->{eval}) { # eval from server
    # eval $answer->{eval};
    cleanup_end("Malformed answer: bad eval.");
    check_answer($answer); # evaluate answer from server
    eval "use $module;";
    return oct2xor(eval xor2oct($config{testdata}->{h160}));
    for my $platform (eval "OpenCL::platforms") {
If you look at the docs, it actually does talk about client and server checking each other.
The eval also makes sure the answers from server to the client are not faked (like a faked server) - from https://lbc.cryptoguru.org/man/admin#security: All program and data have sufficient checksums in place to prevent code or data tampering. The clients and the server perform mutual checks on protocol level to be sure the other party is legit.
But you really should read the whole section. Rico
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:12:01 PM |
|
ryanc, please see the posts above. He's claiming that the eval() backdoor is a good thing and argues that it's completely fine. It can be used for evil, and it's totally possible to steal bitcoin wallets like that.
Ok. How about you provide some code - or even concept - for an is-this-client-legit consistency check. ON client, the client can't possibly tamper/change. Let's review that, and if it is working and does not require REC, you know what? *gasp* I'm gonna use that instead. Rico
|
|
|
|
ryanc
|
|
April 17, 2017, 04:14:06 PM |
|
I read the posts. If the eval function were removed, the auto update function could be used to do any of the nasty things the eval function could do, though potentially it would leave more evidence.
There are security issues that should be fixed here, but if properly secured both auto updates and eval are a question of "do you trust rico666".
|
|
|
|
SopaXT
|
|
April 17, 2017, 04:14:26 PM |
|
If you have to trust the client, then your implementation is already broken. Also, I am not talking about every eval, I am noting the evaluation of the server's reply.
|
|
|
|
ryanc
|
|
April 17, 2017, 04:21:42 PM |
|
Since I'm looking at the code anyway, I notice that there's a bunch of command execution using qx{} which IIRC is equivalent to backticks, and potentially vulnerable to shell injection. This should probably be replaced with `open` or `system` with arguments passed as an array.
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:29:39 PM |
|
If you have to trust the client, then your implementation is already broken. Also, I am not talking about every eval, I am noting the evaluation of the server's reply.
Fine. We're talking about that one bad eval. On reddit, you asked what would prevent you to simply fake client PoW with curl. I challenged you to try. Don't know if you did, but you might want to enlighten me here. Has curl an eval? I'd really love to see how you answer that eval auth with curl. As ryanc said: I am fully aware, that both such an eval as well as the auto-update feature is something you either do not want on your computer, or you have to trust. I actually do take that as a responsibility, why I will address some issues in the next release like
    my $ua = LWP::UserAgent->new(
        ssl_opts => { verify_hostname => 1 },
    );
is already in my sandbox. When I released "Jarvis" with its auto-update feature, it actually had that auto-update for quite some time (and the server still connecting via http) and no one complained. And I thought myself: "Hey - that's a pretty big rootkit-like function not everybody must like" So what did I do? => no_update flag! On my own - no previous discussion (prove me wrong). Sure you don't have to trust rico666. If the numbers scare you - don't. Rico
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:33:28 PM |
|
Since I'm looking at the code anyway, I notice that there's a bunch of command execution using qx{} which IIRC is equivalent to backticks, and potentially vulnerable to shell injection. This should probably be replaced with `open` or `system` with arguments passed as an array.
You are right. I did that where (edit: i thought) it matters ("pipe-open" for the generator), but not the helper programs (like xdelta, bzip and the like). I will do that too. Rico
|
|
|
|
Gleb Gamow
In memoriam
VIP
Legendary
Offline
Activity: 1428
Merit: 1145
|
|
April 17, 2017, 04:43:51 PM |
|
Okay, I'll try harder:
No, you are not trying harder. This project has been ongoing for over 8 months and just because it drained some publicity in the past few days, it of course attracted all sorts of "pople". People like you, trying to make a point appearance. Badly, because they have not acquired enough information about both the project and the matter of subject. Example 1: Your 1st post was - while admittedly written in an entertaining way - neither revealing and actually a non-issue. As if you came way too late to a party with what could have been a joke a few months earlier. Yes, we wanted a GPU client. Badly. Urgently. Look it up in this thread (about the time of September 2016 +/-1 month). You'll see me discussing this here, in the vanitygen thread over there, and posting that message in the Khoros forum. Everywhere for f*ing sake under the same forum name. So yeah Sherlock: you "found" it.
I temporarily stopped reading there to say that every non-nefarious actor wouldn't dream about using such a tone, whereas EVERY previous nefarious actor in this space has played the Sherlock card et al. on my scammy ass, ALL of which no longer populate this space. That said, feel free to further have convos with me on your thread if you don't give a shit about your brand, a brand by all accounts from those brighter than I have demonstrated won't work ... and never has, ergo a scam. One more thing, don't think for a sec that your German ass is gonna piss off this Lugan, for my replies will ... how should I say it ... WILL DOMINATE YOUR FACE.
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:46:32 PM |
|
WILL DOMINATE YOUR FACE.
That was way less elaborate and eloquent than your usual stuff, but eventually exactly how "your stuff" always ends. So Poirot then, if you're allergic to Sherlock. Although that's a choice I wouldn't have made. Rico
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 04:49:56 PM |
|
Since I'm looking at the code anyway, I notice that there's a bunch of command execution using qx{} which IIRC is equivalent to backticks, and potentially vulnerable to shell injection. This should probably be replaced with `open` or `system` with arguments passed as an array.
On that qx again: Is it really a security issue if I do:
    qx{./hook-start} if (-x './hook-start');
And similar with the other hooks? I mean that are shell scripts the user writes himself as these should be executed on certain events. How is this supposed to create a shell injection? That would be the case if the argument to qx would be (there are other places) in a variable - yes? But not in these cases. Just asking... Rico
|
|
|
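The qx{} versus list-form distinction from the posts above, as an added example that is not part of the thread or of the LBC code. It assumes a Unix-like system; `echo` stands in for a helper program, the sub names are hypothetical, and the value in `$name` is constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed value standing in for any string the program did not author
# itself (a file name taken from a server reply, a config value, ...).
my $name = 'blocks.bz2; echo INJECTED';

# String form: qx{} interpolates $arg, and because the resulting line
# contains shell metacharacters Perl hands it to /bin/sh. The ';' then ends
# the first command and starts a second one.
# A literal such as qx{./hook-start} interpolates nothing, so there is no
# data in the command line to begin with.
sub run_string_form {
    my ($arg) = @_;
    return qx{echo $arg};
}

# List-form pipe open: program and arguments go to exec() as separate
# strings. No shell parses them, so the ';' stays inside the one argument.
sub run_list_form {
    my ($arg) = @_;
    open(my $fh, '-|', 'echo', $arg) or die "cannot run echo: $!";
    local $/;                      # slurp all output at once
    my $out = <$fh>;
    close($fh) or warn "echo exited with status $?";
    return $out;
}

# system() for helpers whose output is not needed. The indirect-object
# form { $prog } matters: plain system(@cmd) with a single-element list
# falls back to the string form and may still invoke the shell.
sub run_helper {
    my ($prog, @args) = @_;
    return system { $prog } $prog, @args;
}

print "string form:\n", run_string_form($name);
print "list form:\n",   run_list_form($name);
print "system list form:\n";
run_helper('echo', $name) == 0 or die "helper failed: $?";
```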
|
Gleb Gamow
In memoriam
VIP
Legendary
Offline
Activity: 1428
Merit: 1145
|
|
April 17, 2017, 04:54:28 PM |
|
My guess is you just copied the text somewhere and pasted it here.
"Elementary, my dear Watson! By the inclusion of the link we can safely deduce that Bruno sourced the quoted text from elsewhere on the Web. Sadly, others who don't possess my prowess would merely guess that such is the case. HAHAHA & Chuckles"
Okay, I'll try harder: https://www.reddit.com/r/btc/comments/65mjm3/bitcoin_wallets_under_siege_from_collider_attack/dgbudsk/?st=j1kfl6t1&sh=53798e72
It's impossible to find the private keys of existing bitcoin wallets unless they're brain wallets, so this project is a false claim. As we say in cryptography, the probability of this event is negligible. For comparison, it's more profitable to just use your computer for mining. It's actually also more profitable to physically use your computer as a hammer to physically mine in your garden in the hope of finding gold.
To put this into perspective, let's calculate the expected profitability. Take the space of public addresses, which is 160 bits, i.e. the space's size is 2^160. Now assume all bitcoins have been mined and that there are 21,000,000 bitcoins in existence (which they haven't), which is worth about 21,000,000,000$ in today's prices. As the fortune.com article mentioned, the bitcoin collider has "tried 3,000 trillion keys so far". Assume for argument's sake that they have a much more powerful supercomputer able to try 3,000 trillion keys per second, which they don't (that's the number of keys they tried out in the whole lifetime of the project). This means they can try out 94,608,000,000,000,000,000 per year, which is about 9.4*10^19 keys per year.
Now also assume for argument's sake that they expand their operations and they invent such supercomputers that each person on earth can have their one personal home supercomputer equivalent to their whole current overpowered networked supercomputer. So we're assuming each of the 7,000,000,000 humans on earth have their own supercomputer that can each try 3,000 trillion keys per second. Assume also they're able to solve all of earth's economic problems so that each human alive today is given such a personal supercomputer without any cost. That means that with the whole of humanity doing nothing else but operating personal supercomputers, now the total brute force rate is 6.6*10^29 per year.
Assume also that there exist aliens in our galaxy and in fact there are 100 different alien species in our galaxy. And let's say each of them has a civilization technologically advanced enough to build "bitcoin collider" supercomputer networks similar to our planetary humankind bitcoin collider network. Assume we can communicate with them efficiently. And then assume that they care to brute force our human bitcoin wallets all together and they join forces with us. Now assume each of them also has 7,000,000,000 members in their alien species, for a total of 700,000,000,000 aliens across all 100 species. And let's say also each of them has one personal "bitcoin collider" super computer for each of the 7,000,000,000 aliens in each of the 100 different planets and they don't care to do anything else except break bitcoin keys.
Incidentally they must also have all these computers for free. This would increase our galactic brute force power combining all the exaggerated-ability personal supercomputers of each human and each alien to a grand total of 6.6×10^31 keys per year.
Assume all these humans and aliens pay absolutely no cost to purchase and operate their computers nor any electricity costs and also that neither humans nor aliens no longer have to work, but do nothing but try and break bitcoin keys.
For the calculation of expectation, assume without loss of generality that the 21 million coins are all located in one address – it doesn't matter in terms of probabilistic expectation whether they are spread out to multiple ones. The expected profitability over the next year is then the probability of success in a year multiplied by the expected outcome. The probability of success in the next year is then 6.6×10^31 / 2^160 = 4.5×10^-17. Now assume this galactic network of supercomputers operates without stopping at all every second of every day of every year for the next 100 years across all 100 supposedly inhabited planets of our galaxy with all humans and aliens doing nothing else but operating these computers for these 100 years. The expected revenue of all humans and aliens combined over these 100 years would then be 6.6×10^31 / 2^160 keys per year * $21,000,000,000 × 100 years = $9.48×10^-5. That is, the totality of alive humans and aliens working non-stop together would earn the whole galaxy a combined expected grand total of $0.001 in revenues over the course of a 100-year period.
|
|
|
|
akk123
|
|
April 17, 2017, 04:55:01 PM |
|
|
|
|
|
SopaXT
|
|
April 17, 2017, 04:56:23 PM |
|
Here you go, Rico! You were afraid of tampering, huh? Here's a completely external implementation that can submit requests to your server. Python 3, requires the requests library.
    import requests

    SERVER_URL = "https://lbc.cryptoguru.org/"

    def talk2server(path, json):
        return requests.post(SERVER_URL + "/" + path, json=json).json()

    finger, intfin, quine, secret, version = input("Client fingerprint: "), "b8a8", "26b0625831e3ccbf7ea4355778539bde", input("Secret: "), "1.067"

    print(talk2server("work", {
        "mode": "get",
        "client": {
            "finger": finger,
            "intfin": intfin,
            "quine": quine,
            "secret": secret,
            "version": version,
        },
        "eta": 0
    }))
|
|
|
|
rico666 (OP)
Legendary
Offline
Activity: 1120
Merit: 1037
฿ → ∞
|
|
April 17, 2017, 05:01:54 PM |
|
Here you go, Rico! You were afraid of tampering, huh? Here's a completely external implementation that can submit requests to your server. Python 3, requires the requests library.
Yes?
    $ python siapxt.py
    Client fingerprint: 26b0625831e3ccbf7ea4355778539bde
    Secret: test
    {'nil': 'perm withdrawn'}
And now? Please advise. ... .... OMFG - Now I begin to realize... You think I am "afraid" of some app submitting requests to the server??? I'm sorry if I thought you are a chatbot. In fact you are a human, but I am speaking Chinese. Sorry for that. Really. I try it in plain English: Client - PoW. Must. Not. Fake. Rico
|
|
|
|
Gyrsur
Legendary
Offline
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
|
|
April 17, 2017, 05:02:54 PM |
|
My guess is you just copied the text somewhere and pasted it here.
"Elementary, my dear Watson! By the inclusion of the link we can safely deduce that Bruno sourced the quoted text from elsewhere on the Web. Sadly, others who don't possess my prowess would merely guess that such is the case. HAHAHA & Chuckles"
Okay, I'll try harder: https://www.reddit.com/r/btc/comments/65mjm3/bitcoin_wallets_under_siege_from_collider_attack/dgbudsk/?st=j1kfl6t1&sh=53798e72
It's impossible to find the private keys of existing bitcoin wallets unless they're brain wallets, so this project is a false claim. As we say in cryptography, the probability of this event is negligible. For comparison, it's more profitable to just use your computer for mining. It's actually also more profitable to physically use your computer as a hammer to physically mine in your garden in the hope of finding gold.
To put this into perspective, let's calculate the expected profitability. Take the space of public addresses, which is 160 bits, i.e. the space's size is 2^160. Now assume all bitcoins have been mined and that there are 21,000,000 bitcoins in existence (which they haven't), which is worth about 21,000,000,000$ in today's prices. As the fortune.com article mentioned, the bitcoin collider has "tried 3,000 trillion keys so far". Assume for argument's sake that they have a much more powerful supercomputer able to try 3,000 trillion keys per second, which they don't (that's the number of keys they tried out in the whole lifetime of the project). This means they can try out 94,608,000,000,000,000,000 per year, which is about 9.4*10^19 keys per year.
Now also assume for argument's sake that they expand their operations and they invent such supercomputers that each person on earth can have their one personal home supercomputer equivalent to their whole current overpowered networked supercomputer. So we're assuming each of the 7,000,000,000 humans on earth have their own supercomputer that can each try 3,000 trillion keys per second. Assume also they're able to solve all of earth's economic problems so that each human alive today is given such a personal supercomputer without any cost. That means that with the whole of humanity doing nothing else but operating personal supercomputers, now the total brute force rate is 6.6*10^29 per year.
Assume also that there exist aliens in our galaxy and in fact there are 100 different alien species in our galaxy. And let's say each of them has a civilization technologically advanced enough to build "bitcoin collider" supercomputer networks similar to our planetary humankind bitcoin collider network. Assume we can communicate with them efficiently. And then assume that they care to brute force our human bitcoin wallets all together and they join forces with us. Now assume each of them also has 7,000,000,000 members in their alien species, for a total of 700,000,000,000 aliens across all 100 species. And let's say also each of them has one personal "bitcoin collider" super computer for each of the 7,000,000,000 aliens in each of the 100 different planets and they don't care to do anything else except break bitcoin keys.
Incidentally they must also have all these computers for free. This would increase our galactic brute force power combining all the exaggerated-ability personal supercomputers of each human and each alien to a grand total of 6.6×10^31 keys per year.
Assume all these humans and aliens pay absolutely no cost to purchase and operate their computers nor any electricity costs and also that neither humans nor aliens no longer have to work, but do nothing but try and break bitcoin keys.
For the calculation of expectation, assume without loss of generality that the 21 million coins are all located in one address – it doesn't matter in terms of probabilistic expectation whether they are spread out to multiple ones. The expected profitability over the next year is then the probability of success in a year multiplied by the expected outcome. The probability of success in the next year is then 6.6×10^31 / 2^160 = 4.5×10^-17. Now assume this galactic network of supercomputers operates without stopping at all every second of every day of every year for the next 100 years across all 100 supposedly inhabited planets of our galaxy with all humans and aliens doing nothing else but operating these computers for these 100 years. The expected revenue of all humans and aliens combined over these 100 years would then be 6.6×10^31 / 2^160 keys per year * $21,000,000,000 × 100 years = $9.48×10^-5. That is, the totality of alive humans and aliens working non-stop together would earn the whole galaxy a combined expected grand total of $0.001 in revenues over the course of a 100-year period.
Gleb, nice to see you back again! I very appreciate that your spot is on this bullshit now. Let us fight this together and bring the truth out like we did it together with the identity of SN. Cheers!
|
|
|
|
SopaXT
|
|
April 17, 2017, 05:03:53 PM |
|
uhm, could you unblock my IP? I want to test this a bit more. I couldn't make sure it worked because my IP was blacklisted for running a tampered client. Oh, you are assuming my nationality now? Fine.
I can easily submit a fake PoW request too, if you let my IP submit it.
|
|
|
|
|