Bitcoin Forum
Topic: WTF? bitcoin-qt Wallet Passphrase in history??? (Bitcoin Knots)
rico666 (OP)
September 16, 2016, 08:41:36 AM
Last edit: November 15, 2016, 10:58:27 AM by gmaxwell
Merited by ABCbits (1)
 #1

I just found out that my wallet passphrase is kept SOMEWHERE in the history of the debug window in my bitcoin-qt client.

WTF!?

For importing private keys (or whatever other operation needs this), you have to unlock the wallet if it is protected by a passphrase.
You do this by typing

walletpassphrase "<your passphrase here>" <time>

in the CLI of the debug window to get it unlocked for a <time> limit. Now when someone gained access to the computer and fired up the debug window, all he had to do was go up the history (arrow up) to see the passphrase in clear text.

"Ich glaube, mein Schwein pfeift" as some Germans would comment on that.

How do I get rid of this unbelievable behavior? How do I find out which "developer" is responsible for that?


Rico

all non self-referential signatures except mine are lame ... oh wait ...   ·  LBC Thread (News)  ·  Past BURST Activities
Foxpup
September 16, 2016, 09:44:41 AM
Merited by ABCbits (2)
 #2

> How do I get rid of this unbelievable behavior?

By clicking the Clear Console button (shortcut: Control-L), which has the added benefit that your passphrase is no longer displayed right there on the screen, so why on Earth would you not clear it anyway if other people have access to your machine? Huh

Will pretend to do unspeakable things (while actually eating a taco) for bitcoins: 1K6d1EviQKX3SVKjPYmJGyWBb1avbmCFM4
I am not on the scammers' paradise known as Telegram! Do not believe anyone claiming to be me off-forum without a signed message from the above address! Accept no excuses and make no exceptions!
rico666 (OP)
September 16, 2016, 09:58:43 AM
 #3

> By clicking the Clear Console button (shortcut: Control-L), which has the added benefit that your passphrase is no longer displayed right there on the screen, so why on Earth would you not clear it anyway if other people have access to your machine? Huh

There is no "Clear Console button", but Control-L works. Thanks.

I did not write other people have access to my machine, I wrote "when someone gained access". Big difference - you're welcome.

I will use Control-L from now on, but I still fail to see why this isn't default after bitcoin-qt has been closed, at least cleanse history from all critical or potentially critical information (passphrase, private keys etc.).

Quite a security risk IMHO, especially as I cannot recall to have read that big fat warning to "not forget doing Ctrl-L" after entering some sensitive information. Actually the help states Ctrl-L is for clearing the screen - not screen and history.


Rico

achow101
September 16, 2016, 01:07:57 PM
Merited by EFS (2), ABCbits (1)
 #4

> > By clicking the Clear Console button (shortcut: Control-L), which has the added benefit that your passphrase is no longer displayed right there on the screen, so why on Earth would you not clear it anyway if other people have access to your machine? Huh
>
> There is no "Clear Console button", but Control-L works. Thanks.

It's the x in the circle on the top left of the debug window.

> I did not write other people have access to my machine, I wrote "when someone gained access". Big difference - you're welcome.
>
> I will use Control-L from now on, but I still fail to see why this isn't default after bitcoin-qt has been closed, at least cleanse history from all critical or potentially critical information (passphrase, private keys etc.).

It should clear the history every time you restart Bitcoin Core. It doesn't do that when you close the debug window though.

> Quite a security risk IMHO, especially as I cannot recall to have read that big fat warning to "not forget doing Ctrl-L" after entering some sensitive information. Actually the help states Ctrl-L is for clearing the screen - not screen and history.
>
> Rico

You're a programmer. You should submit a PR to fix this, or at the very least, open an issue and suggest it. The developers don't frequent this forum anymore.

rico666 (OP)
September 16, 2016, 01:36:13 PM
 #5

> It should clear the history every time you restart Bitcoin Core. It doesn't do that when you close the debug window though.

(I found the pale blue (x))

unfortunately, v0.13.0.0-ga402396 (64-bit) doesn't clear the history at all. Not if I restart Bitcoin Core, not if I restart the computer.

> You're a programmer. You should submit a PR to fix this, or at the very least, open an issue and suggest it. The developers don't frequent this forum anymore.

Ok, I'll submit a press release.  Wink


Rico

achow101
September 16, 2016, 01:40:53 PM
 #6

> > It should clear the history every time you restart Bitcoin Core. It doesn't do that when you close the debug window though.
>
> (I found the pale blue (x))
>
> unfortunately, v0.13.0.0-ga402396 (64-bit) doesn't clear the history at all. Not if I restart Bitcoin Core, not if I restart the computer.

Really? That is quite strange. It works for me on multiple systems. The history is never written to the disk so it should not persist across instances of Bitcoin Core.

> > You're a programmer. You should submit a PR to fix this, or at the very least, open an issue and suggest it. The developers don't frequent this forum anymore.
>
> Ok, I'll submit a press release.  Wink
>
> Rico

Pull requests: https://github.com/bitcoin/bitcoin/pulls

rico666 (OP)
September 16, 2016, 02:03:27 PM
 #7

> Really? That is quite strange. It works for me on multiple systems. The history is never written to the disk so it should not persist across instances of Bitcoin Core.

Not sure about being written to disk, but it definitely had to read it from the disk.
My only explanation so far would be, that some old version of bitcoin core did write this.

I have not yet restarted my server since I found out with the 0.13.0, I actually cannot claim it does write something to the disk.
But as I have restarted Bitcoin core several times on the running server  (uptime like 2 days), I can confirm that the history stored on disk - obviously, but maybe from earlier versions - 0.13.0 did read on every startup.

Let me check again:

Yup. My bitcoin-qt definitely stores history to disk, as even garbage I put in, like

walletpassphrase "shitty passphrase" timeout

appears again after I shutdown and restart my bitcoin-qt and then simply press arrow up.


of course I know what a git PR is.


Rico

achow101
September 16, 2016, 02:15:07 PM
 #8

> > Really? That is quite strange. It works for me on multiple systems. The history is never written to the disk so it should not persist across instances of Bitcoin Core.
>
> Not sure about being written to disk, but it definitely had to read it from the disk.
> My only explanation so far would be, that some old version of bitcoin core did write this.
>
> I have not yet restarted my server since I found out with the 0.13.0, I actually cannot claim it does write something to the disk.
> But as I have restarted Bitcoin core several times on the running server  (uptime like 2 days), I can confirm that the history stored on disk - obviously, but maybe from earlier versions - 0.13.0 did read on every startup.
>
> Let me check again:
>
> Yup. My bitcoin-qt definitely stores history to disk, as even garbage I put in, like
>
> walletpassphrase "shitty passphrase" timeout
>
> appears again after I shutdown and restart my bitcoin-qt and then simply press arrow up.
>
> Rico

Huh. That should never happen. Can you make a video of it please? I am not able to reproduce this.

Foxpup
September 16, 2016, 03:08:01 PM
 #9

> Not sure about being written to disk, but it definitely had to read it from the disk.
> My only explanation so far would be, that some old version of bitcoin core did write this.
>
> I have not yet restarted my server since I found out with the 0.13.0, I actually cannot claim it does write something to the disk.
> But as I have restarted Bitcoin core several times on the running server  (uptime like 2 days), I can confirm that the history stored on disk - obviously, but maybe from earlier versions - 0.13.0 did read on every startup.
>
> Let me check again:
>
> Yup. My bitcoin-qt definitely stores history to disk, as even garbage I put in, like
>
> walletpassphrase "shitty passphrase" timeout
>
> appears again after I shutdown and restart my bitcoin-qt and then simply press arrow up.

No version I've ever used saves history when closed. Are you quite sure you're not just minimising it?

rico666 (OP)
September 16, 2016, 03:32:26 PM
Merited by ABCbits (2)
 #10

> No version I've ever used saves history when closed. Are you quite sure you're not just minimising it?

Minimising?  Smiley You're talking to someone who starts (and sees ending) his bitcoin-qt like this:

Code:
# bitcoin-qt
[1]+  Done                    bitcoin-qt

it's a self-compiled version under Gentoo linux:

Code:
# eix bitcoin-qt
[I] net-p2p/bitcoin-qt
     Available versions:  0.10.2 (~)0.10.2-r1 (~)0.11.0 (~)0.11.1 (~)0.11.2 (~)0.12.0 (~)0.12.1 (~)0.13.0 **9999 {1stclassmsg bitcoin_policy_cltv bitcoin_policy_cpfp bitcoin_policy_dcmp (+)bitcoin_policy_rbf bitcoin_policy_spamfilter dbus +http kde +libevent libressl ljr +qrcode qt4 qt5 test +tor upnp +wallet xt zeromq LINGUAS="ach af af_ZA ar be_BY bg bg_BG bs ca ca@valencia ca_ES cmn cs cs_CZ cy da de el el_GR en en_GB eo es es_419 es_AR es_CL es_CO es_DO es_ES es_MX es_UY es_VE et eu_ES fa fa_IR fi fil fr fr_CA fr_FR gl gu_IN he hi_IN hr hu id_ID it it_IT ja ka kk_KZ ko_KR ku_IQ ky la lt lv_LV mk_MK mn ms_MY nb nl pam pl pt_BR pt_PT ro ro_RO ru ru_RU sah sk sl_SI sq sr sr@latin sv ta th_TH tr tr_TR uk ur_PK uz@Cyrl uz@Latn vi vi_VN zh zh_CN zh_HK zh_TW"}
     Installed versions:  0.13.0(06:14:35 PM 08/30/2016)(dbus ljr qrcode qt4 wallet -bitcoin_policy_rbf -bitcoin_policy_spamfilter -http -kde -libevent -libressl -qt5 -test -tor -upnp -zeromq LINGUAS="cs de en -af -af_ZA -ar -be_BY -bg -bg_BG -ca -ca@valencia -ca_ES -cs_CZ -cy -da -el -el_GR -en_GB -eo -es -es_AR -es_CL -es_CO -es_DO -es_ES -es_MX -es_UY -es_VE -et -eu_ES -fa -fa_IR -fi -fr -fr_CA -fr_FR -gl -he -hi_IN -hr -hu -id_ID -it -it_IT -ja -ka -kk_KZ -ko_KR -ku_IQ -ky -la -lt -lv_LV -mk_MK -mn -ms_MY -nb -nl -pam -pl -pt_BR -pt_PT -ro -ro_RO -ru -ru_RU -sk -sl_SI -sq -sr -sr@latin -sv -ta -th_TH -tr -tr_TR -uk -ur_PK -uz@Cyrl -vi -vi_VN -zh -zh_CN -zh_HK -zh_TW")
     Homepage:            http://bitcoincore.org/

of course, when I end it, no bitcoin* process runs anymore

Code:
# ps aux | grep bitcoin
root     17280  0.0  0.0 114584   772 pts/0    S+   17:28   0:00 grep --colour=auto bitcoin


So if you say I'm experiencing something no one has seen so far... interesting...


Rico

achow101
September 16, 2016, 03:37:24 PM
Merited by ABCbits (1)
 #11

> So if you say I'm experiencing something no one has seen so far... interesting...
>
> Rico

Indeed, you are experiencing an issue that no one else has before.

Here, I made a PR fixing this: https://github.com/bitcoin/bitcoin/pull/8746.

Foxpup
September 16, 2016, 03:46:37 PM
 #12

> interesting...

Very interesting, considering the RPCConsole constructor initialises the history by calling clear() and there is no code anywhere for saving or restoring history from previous sessions. Unless you (or someone else) has modified this code, what you're claiming is... impossible.

2112
September 16, 2016, 05:04:58 PM
 #13

Please carefully read the manpages for https://en.wikipedia.org/wiki/GNU_Readline . Depending on the version and the settings it is capable of saving history per each application linked with libreadline.so .

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
rico666 (OP)
September 17, 2016, 07:49:35 AM
 #14

ldd doesn't indicate libreadline or libhistory is linked:

Code:
# ldd /usr/bin/bitcoin-qt
        linux-vdso.so.1 (0x00007ffea858d000)
        libunivalue.so.0 => /usr/lib64/libunivalue.so.0 (0x00007f54822ec000)
        libleveldb.so.1 => /usr/lib64/libleveldb.so.1 (0x00007f548208e000)
        libmemenv.so.1 => /usr/lib64/libmemenv.so.1 (0x00007f5481e86000)
        libboost_system.so.1.61.0 => /usr/lib64/libboost_system.so.1.61.0 (0x00007f5481c82000)
        libboost_filesystem.so.1.61.0 => /usr/lib64/libboost_filesystem.so.1.61.0 (0x00007f5481a68000)
        libboost_program_options.so.1.61.0 => /usr/lib64/libboost_program_options.so.1.61.0 (0x00007f54817e7000)
        libboost_thread.so.1.61.0 => /usr/lib64/libboost_thread.so.1.61.0 (0x00007f54815be000)
        libboost_chrono.so.1.61.0 => /usr/lib64/libboost_chrono.so.1.61.0 (0x00007f54813b6000)
        libQtGui.so.4 => /usr/lib64/qt4/libQtGui.so.4 (0x00007f548083d000)
        libQtNetwork.so.4 => /usr/lib64/qt4/libQtNetwork.so.4 (0x00007f5480530000)
        libQtDBus.so.4 => /usr/lib64/qt4/libQtDBus.so.4 (0x00007f54802c9000)
        libQtCore.so.4 => /usr/lib64/qt4/libQtCore.so.4 (0x00007f547fdb2000)
        libqrencode.so.3 => /usr/lib64/libqrencode.so.3 (0x00007f547fba6000)
        libprotobuf.so.10 => /usr/lib64/libprotobuf.so.10 (0x00007f547f72d000)
        libdb_cxx-4.8.so => /usr/lib64/libdb_cxx-4.8.so (0x00007f547f38b000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f547f16f000)
        libcrypto.so.1.0.0 => /usr/lib64/libcrypto.so.1.0.0 (0x00007f547ed98000)
        libsecp256k1.so.0 => /usr/lib64/libsecp256k1.so.0 (0x00007f547eb72000)
        libanl.so.1 => /lib64/libanl.so.1 (0x00007f547e96e000)
        libstdc++.so.6 => /usr/lib/gcc/x86_64-pc-linux-gnu/5.4.0/libstdc++.so.6 (0x00007f547e5ec000)
        libm.so.6 => /lib64/libm.so.6 (0x00007f547e2e9000)
        libgcc_s.so.1 => /usr/lib/gcc/x86_64-pc-linux-gnu/5.4.0/libgcc_s.so.1 (0x00007f547e0d2000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f547dd39000)
        librt.so.1 => /lib64/librt.so.1 (0x00007f547db31000)
        libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f547d820000)
        libpng16.so.16 => /usr/lib64/libpng16.so.16 (0x00007f547d5ed000)
        libz.so.1 => /lib64/libz.so.1 (0x00007f547d3d7000)
        libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007f547d128000)
        libSM.so.6 => /usr/lib64/libSM.so.6 (0x00007f547cf1f000)
        libICE.so.6 => /usr/lib64/libICE.so.6 (0x00007f547cd02000)
        libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007f547caf2000)
        libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007f547c8e8000)
        libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007f547c6dd000)
        libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007f547c4d7000)
        libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007f547c2cc000)
        libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007f547c088000)
        libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007f547be75000)
        libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007f547bb36000)
        libssl.so.1.0.0 => /usr/lib64/libssl.so.1.0.0 (0x00007f547b8ca000)
        libQtXml.so.4 => /usr/lib64/qt4/libQtXml.so.4 (0x00007f547b68e000)
        libdbus-1.so.3 => /usr/lib64/libdbus-1.so.3 (0x00007f547b447000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f547b243000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f54824fe000)
        libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f547afff000)
        libbz2.so.1 => /lib64/libbz2.so.1 (0x00007f547adef000)
        libbsd.so.0 => /usr/lib64/libbsd.so.0 (0x00007f547abd8000)
        libexpat.so.1 => /usr/lib64/libexpat.so.1 (0x00007f547a9ae000)
        libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007f547a785000)
        libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007f547a581000)
        libXdmcp.so.6 => /usr/lib64/libXdmcp.so.6 (0x00007f547a37b000)


The only other "anomaly" of my bitcoin-qt I am aware of, is that I start it on my server with remote display to my notebook (X Server Protocol). It should be completely transparent, but not sure if that could do something.

Naturally I would want this mystery to be solved, but I am quite reluctant to put my bitcoin-qt binary somewhere to download for inspection, as I do not know what could be stored in it.


Rico

Luke-Jr
September 27, 2016, 01:28:25 AM
 #15

> Code:
> # eix bitcoin-qt
> [I] net-p2p/bitcoin-qt
>      Available versions:  0.10.2 (~)0.10.2-r1 (~)0.11.0 (~)0.11.1 (~)0.11.2 (~)0.12.0 (~)0.12.1 (~)0.13.0 **9999 {1stclassmsg bitcoin_policy_cltv bitcoin_policy_cpfp bitcoin_policy_dcmp (+)bitcoin_policy_rbf bitcoin_policy_spamfilter dbus +http kde +libevent libressl ljr +qrcode qt4 qt5 test +tor upnp +wallet xt zeromq LINGUAS="ach af af_ZA ar be_BY bg bg_BG bs ca ca@valencia ca_ES cmn cs cs_CZ cy da de el el_GR en en_GB eo es es_419 es_AR es_CL es_CO es_DO es_ES es_MX es_UY es_VE et eu_ES fa fa_IR fi fil fr fr_CA fr_FR gl gu_IN he hi_IN hr hu id_ID it it_IT ja ka kk_KZ ko_KR ku_IQ ky la lt lv_LV mk_MK mn ms_MY nb nl pam pl pt_BR pt_PT ro ro_RO ru ru_RU sah sk sl_SI sq sr sr@latin sv ta th_TH tr tr_TR uk ur_PK uz@Cyrl uz@Latn vi vi_VN zh zh_CN zh_HK zh_TW"}
>      Installed versions:  0.13.0(06:14:35 PM 08/30/2016)(dbus ljr qrcode qt4 wallet -bitcoin_policy_rbf -bitcoin_policy_spamfilter -http -kde -libevent -libressl -qt5 -test -tor -upnp -zeromq LINGUAS="cs de en -af -af_ZA -ar -be_BY -bg -bg_BG -ca -ca@valencia -ca_ES -cs_CZ -cy -da -el -el_GR -en_GB -eo -es -es_AR -es_CL -es_CO -es_DO -es_ES -es_MX -es_UY -es_VE -et -eu_ES -fa -fa_IR -fi -fr -fr_CA -fr_FR -gl -he -hi_IN -hr -hu -id_ID -it -it_IT -ja -ka -kk_KZ -ko_KR -ku_IQ -ky -la -lt -lv_LV -mk_MK -mn -ms_MY -nb -nl -pam -pl -pt_BR -pt_PT -ro -ro_RO -ru -ru_RU -sk -sl_SI -sq -sr -sr@latin -sv -ta -th_TH -tr -tr_TR -uk -ur_PK -uz@Cyrl -vi -vi_VN -zh -zh_CN -zh_HK -zh_TW")
>      Homepage:            http://bitcoincore.org/

This should get you Bitcoin Knots, which does have a history, but is supposed to filter out walletpassphrase stuff.

But...

> unfortunately, v0.13.0.0-ga402396 (64-bit) doesn't clear the history at all.

Where are you getting that version from? That indicates Core, not Knots. :/

Please open an issue here: https://github.com/bitcoinknots/bitcoin/issues

Luke-Jr
October 23, 2016, 05:08:14 AM
 #16

This issue has been assigned CVE-2016-8889 and will be fixed in the next release of Bitcoin Knots.

Luke-Jr
November 15, 2016, 08:58:27 AM
 #17

This is fixed in Knots 0.13.1.
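
The history filtering mentioned in #15 ("supposed to filter out walletpassphrase stuff"), sketched as an added example. This is not code from Bitcoin Core or Bitcoin Knots; the deny-list and the names `ConsoleHistory`, `IsSensitive` and `CommandToken` are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cctype>
#include <cstdio>
#include <deque>
#include <string>
#include <vector>

// Assumed deny-list for this example (prefix match, so "walletpassphrase"
// also covers "walletpassphrasechange").
static const std::vector<std::string> kSensitiveCommands = {
    "walletpassphrase", "encryptwallet", "importprivkey", "signmessagewithprivkey"};

// Lower-cased first token of a console line. Even if a mis-capitalised
// command is rejected, the typed secret is still in the line.
std::string CommandToken(const std::string& line)
{
    const std::size_t begin = line.find_first_not_of(" \t");
    if (begin == std::string::npos) return "";
    const std::size_t end = line.find_first_of(" \t(", begin);
    std::string token = line.substr(begin, end == std::string::npos ? end : end - begin);
    std::transform(token.begin(), token.end(), token.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return token;
}

bool IsSensitive(const std::string& line)
{
    const std::string token = CommandToken(line);
    return std::any_of(kSensitiveCommands.begin(), kSensitiveCommands.end(),
                       [&](const std::string& cmd) { return token.compare(0, cmd.size(), cmd) == 0; });
}

struct ConsoleHistory
{
    std::size_t max_entries;
    std::deque<std::string> entries;

    // Store a line for arrow-up recall; returns false if it was withheld.
    bool Add(const std::string& line)
    {
        if (line.empty() || IsSensitive(line)) return false;
        entries.push_back(line);
        if (entries.size() > max_entries) entries.pop_front();
        return true;
    }

    // Import lines saved by an older store through the same filter, so a
    // secret recorded before filtering existed is not carried forward.
    // Returns the number of lines withheld.
    std::size_t Load(const std::vector<std::string>& stored)
    {
        std::size_t withheld = 0;
        for (const std::string& line : stored) if (!Add(line)) ++withheld;
        return withheld;
    }
};

int main()
{
    ConsoleHistory history{50, {}};
    // Constructed sample lines, not taken from a real session.
    const std::size_t n = history.Load({"getblockcount", "walletpassphrase \"constructed\" 60", "getinfo"});
    std::printf("kept %zu, withheld %zu\n", history.entries.size(), n);
}
```

Filtering at `Add` keeps the secret out of both arrow-up recall and anything later written to disk, and running old entries through `Load` covers history saved before the filter existed.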
