Bitcoin Forum
October 20, 2020, 06:10:31 PM *
News: Latest Bitcoin Core release: 0.20.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bitcoin vulnerability script?  (Read 771 times)
imjustagirl
Jr. Member
*
Offline Offline

Activity: 117
Merit: 6


View Profile
September 07, 2017, 09:09:54 AM
 #1

Hi,
I have been thinking about investing a sum of money into bitcoin, so I have been reading about its vulnerabilities. As I understand, blockchain sometimes gives repeated R-values which makes some bitcoin wallets vulnerable to hacks. I wanted to find a tool to scan for such vulnerability, but seem to find none. I found R-scan, unfortunately it does not run under Windows, and I tried to run it in pythonanywhere, but to no success. Is there a tool to do this in Windows? Is there a tool to do this for the whole blockchain, so there is some output script like this http://www.want2pay.com/bad_randoms_bitcoin.html ? Please help, I want to make sure I can search for the vulnerability myself, instead of waiting for someone else to post it when its too late. Thanks in advance for your help!

1JPnqMd1Q43L3KbZ7SoTSdRCD2aLj2sikF Tip Me!
1603217431
Hero Member
*
Offline Offline

Posts: 1603217431

View Profile Personal Message (Offline)

Ignore
1603217431
Reply with quote  #2

1603217431
Report to moderator
1603217431
Hero Member
*
Offline Offline

Posts: 1603217431

View Profile Personal Message (Offline)

Ignore
1603217431
Reply with quote  #2

1603217431
Report to moderator
1603217431
Hero Member
*
Offline Offline

Posts: 1603217431

View Profile Personal Message (Offline)

Ignore
1603217431
Reply with quote  #2

1603217431
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1603217431
Hero Member
*
Offline Offline

Posts: 1603217431

View Profile Personal Message (Offline)

Ignore
1603217431
Reply with quote  #2

1603217431
Report to moderator
1603217431
Hero Member
*
Offline Offline

Posts: 1603217431

View Profile Personal Message (Offline)

Ignore
1603217431
Reply with quote  #2

1603217431
Report to moderator
ranochigo
Legendary
*
Offline Offline

Activity: 2142
Merit: 1485

@ me if you need my response


View Profile WWW
September 07, 2017, 09:40:40 AM
 #2

Hi,
I have been thinking about investing a sum of money into bitcoin, so I have been reading about its vulnerabilities. As I understand, blockchain sometimes gives repeated R-values which makes some bitcoin wallets vulnerable to hacks.
It is NOT the fault of Bitcoin. The problem is with the implementation of the wallet; if there is a bug that somehow affects the randomness of the R value, your wallet will be vulnerable. This does not affect addresses with no transactions that is being spent. If you don't reuse address, you are completely safe. This does not cover the randomness of the address itself.
I wanted to find a tool to scan for such vulnerability, but seem to find none. I found R-scan, unfortunately it does not run under Windows, and I tried to run it in pythonanywhere, but to no success. Is there a tool to do this in Windows? Is there a tool to do this for the whole blockchain, so there is some output script like this http://www.want2pay.com/bad_randoms_bitcoin.html ? Please help, I want to make sure I can search for the vulnerability myself, instead of waiting for someone else to post it when its too late. Thanks in advance for your help!
You can easily set it up on Windows. There is no such tool for Windows, neither is there a need. By the time you try to scan it, your address would have already been compromised.

imjustagirl
Jr. Member
*
Offline Offline

Activity: 117
Merit: 6


View Profile
September 07, 2017, 01:27:23 PM
 #3

I tried to run Rscan with python in cmd Windows. I always get the error "SyntaxError: Missing parentheses in call to 'print'"  Huh Maybe I'm doing it wrong?

1JPnqMd1Q43L3KbZ7SoTSdRCD2aLj2sikF Tip Me!
efeaydin
Full Member
***
Offline Offline

Activity: 181
Merit: 102


View Profile
September 07, 2017, 01:56:12 PM
 #4

I tried to run Rscan with python in cmd Windows. I always get the error "SyntaxError: Missing parentheses in call to 'print'"  Huh Maybe I'm doing it wrong?

The scripts is written in Python3, but you are trying to run it with Python2
imjustagirl
Jr. Member
*
Offline Offline

Activity: 117
Merit: 6


View Profile
September 08, 2017, 06:34:16 PM
 #5

I run Python 3.5  Sad

1JPnqMd1Q43L3KbZ7SoTSdRCD2aLj2sikF Tip Me!
achow101
Moderator
Legendary
*
expert
Offline Offline

Activity: 2282
Merit: 3512


Just writing some code


View Profile WWW
September 08, 2017, 08:26:54 PM
 #6

I tried to run Rscan with python in cmd Windows. I always get the error "SyntaxError: Missing parentheses in call to 'print'"  Huh Maybe I'm doing it wrong?

The scripts is written in Python3, but you are trying to run it with Python2
I run Python 3.5  Sad
It's the other way around; the script is in python 2 but you are using python 3.

posternat
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500


View Profile
September 09, 2017, 06:19:18 AM
 #7

You are not going to be able to hit that sweet spot and take advantage of Bitcoin in the end. It is too hard to figure the right time and spot of the attack and there is no amount of scanning that is going to do it. It is like trying to scan private keys and find a wallet with a balance, the time is better spent getting coins the right way.
virasog
Legendary
*
Offline Offline

Activity: 1680
Merit: 1036


★777Coin.com★ Fun BTC Casino!


View Profile
September 09, 2017, 07:13:55 AM
 #8

There have not been any scripts written for this and there won't be any. It is a waste of time because the resources are above the return. You can scan all day and night and even if the moment happens when you find the crack, it is going to be gone by the time that you manage a targeted attack. With a little luck you may get in there, but you might as well try hitting the lottery with one of those betting scams.


btctousd81
Sr. Member
****
Offline Offline

Activity: 434
Merit: 258


View Profile WWW
September 09, 2017, 09:07:21 AM
 #9

Hi,
I have been thinking about investing a sum of money into bitcoin, so I have been reading about its vulnerabilities. As I understand, blockchain sometimes gives repeated R-values which makes some bitcoin wallets vulnerable to hacks. I wanted to find a tool to scan for such vulnerability, but seem to find none. I found R-scan, unfortunately it does not run under Windows, and I tried to run it in pythonanywhere, but to no success. Is there a tool to do this in Windows? Is there a tool to do this for the whole blockchain, so there is some output script like this http://www.want2pay.com/bad_randoms_bitcoin.html ? Please help, I want to make sure I can search for the vulnerability myself, instead of waiting for someone else to post it when its too late. Thanks in advance for your help!

can you provide link to R-scan ?

so i can test it ? thanks

imjustagirl
Jr. Member
*
Offline Offline

Activity: 117
Merit: 6


View Profile
September 09, 2017, 09:33:29 AM
Last edit: September 09, 2017, 09:53:32 AM by imjustagirl
 #10

https://bitcointalk.org/index.php?topic=977070.0

The R-scan was in this thread. Now the more you tell me about it, the more I am curious, somehow people have done it though? I mean scanned the blockchains script signatures, if they were not using a script, then they used malware? Its not possible to scan the blockchain by personally looking at all the transactions, and obviously there is an output script like on the website I provided in my original post. Or was this done by the developers and they have some special tool for it?

Update: Thank you so much for pointing me in the right direction! I was able to run the script under Python 2.7 after installing simplejason dependencies, now I get another error:
Traceback (most recent call last):
  File "E:\rng-scanner-master\rscan.py", line 44, in <module>
    print "hash: " + str(addrdata['txs'][y]['hash'])
IndexError: list index out of range
 Embarrassed this is so frustrating, if you could give me any advice, I would appretiate it, thank you.

1JPnqMd1Q43L3KbZ7SoTSdRCD2aLj2sikF Tip Me!
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!