Bitcoin Forum
Author Topic: Thoughts on this private key stealing mystery  (Read 23032 times)
BurtW
Legendary
*
Offline Offline

Activity: 2646
Merit: 1129

All paid signature campaigns should be banned.


View Profile WWW
December 06, 2017, 03:39:59 PM
 #41

How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
They do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
You are a noob so I will give you the benefit of my doubt:  Are you confusing blockchain.info with "the blockchain"?

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
ksgerb
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
December 06, 2017, 03:51:57 PM
 #42

A few months ago I also found a site that looks like a directory of btc address private keys which could be imported to a wallet. I tried to pick random wallet keys there, around 50-70 addresses out of thousands listed on the said site, but no wallet had a balance on them. Of course, the one who listed the directory maybe had already withdrawn all btc on those addresses, I just think..lol
BurtW
Legendary
*
Offline Offline

Activity: 2646
Merit: 1129

All paid signature campaigns should be banned.


View Profile WWW
December 06, 2017, 04:29:30 PM
 #43

A few months ago I also found a site that looks like a directory of btc address private keys which could be imported to a wallet. I tried to pick random wallet keys there, around 50-70 addresses out of thousands listed on the said site, but no wallet had a balance on them. Of course, the one who listed the directory maybe had already withdrawn all btc on those addresses, I just think..lol
Is this the site you are talking about:  http://directory.io/

If so that is simply a web page that calculates a group of sequential private keys based on the "page number" and then calculates the two possible Bitcoin addresses for each of the private keys on the page.

Nothing special or new there.

Dr.Z
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
December 07, 2017, 01:14:27 AM
 #44

How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
They do not.  Stop spreading FUD.  Don't be an idiot, read the thread.

What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
You are a noob so I will give you the benefit of my doubt:  Are you confusing blockchain.info with "the blockchain"?

Your words make zero sense, stop replying me. Thank you.
ir.hn
Member
**
Offline Offline

Activity: 322
Merit: 54

Consensus is Constitution


View Profile
December 07, 2017, 02:50:13 AM
 #45


Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.

ehrz22
Full Member
***
Offline Offline

Activity: 406
Merit: 105



View Profile
December 07, 2017, 03:00:12 AM
 #46


Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.

It can be done but can be abused by some scammers if this feature is made. It's like paypal, even if your transaction is legit the sender may open a ticket or dispute about the transaction. So this feature is still not advisable. Before, I was also wondering if we can get back the btc we sent, but now I'm understanding well why it cannot be done.

Spendulus
Legendary
*
Offline Offline

Activity: 2898
Merit: 1386



View Profile
December 08, 2017, 02:58:29 AM
 #47


Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.

This can be done.  Great idea.

This would require in real time, immediately after the theft, determining the relation between the private and public key, then deducing the private key, then sending a transaction with a higher fee.

That would be a program. It would have to be activated by a signal from the victim, and he would have to notice the theft pretty quickly and log the request.

I would note that there could be any number of algorithms, each with a variety of constants, which could be used to deduce the private key from the public key. Once the bad guys knew these counter attacks existed, they would go to a more subtle algorithm.

CarDioLogic
Newbie
*
Offline Offline

Activity: 48
Merit: 0


View Profile
December 09, 2017, 02:03:24 PM
 #48

I don't understand much about the technical stuff talked about, but I'm worried the more recognition this gets, the more people (bad people) will try to replicate it in order to try to steal.
breakingbit
Newbie
*
Offline Offline

Activity: 5
Merit: 1


View Profile
December 16, 2017, 11:09:59 PM
 #49

Quote
echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum
9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60

That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!!

This is not the case. The private key for that hex address is 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6 and its address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg.
Have you considered protecting the corresponding bitcoin cash wallets ? At least one of them got raided after your publication.

There's a few more wallets in the blockchain that have corresponding "target" wallets. I've traced quite a few. I suspect the grouped 0.0001 BTC transfers are signallers. Not strictly necessary, but allowing for easy recognition. I found one of the addresses to be associated with a btc lottery service, though I have a hunch that many of the addresses that are being 'watched' are actually hashes / strings that were pasted on md5hashing.net. If you set your user agent to google bot you can scrape those pages. Run them through sha256 / use hashes as keys and you'll see what I mean. I even found password 1975 on there, though that might've been tried on there in response to your publication.



breakingbit
Newbie
*
Offline Offline

Activity: 5
Merit: 1


View Profile
December 16, 2017, 11:19:15 PM
 #50

The md5hashing.net being a source of generation makes sense as well. Read this first: https://www.reddit.com/r/Bitcoin/comments/2c5jot/my_18_stolen_bitcoin_were_spent_today_25_bounty/

This guy's bitcoins were stolen about 3 years ago from 1CwUog8nftdpC6RXygFcwzTKEATDCE4b9T.
The private key to that wallet is 5KHRvbqGXw4mcsdamWYK2EH515tXRXHr199qZr2ziC9NdEEd7tV. Its private
key is derived from sha256(ywAEqHEdZkVM4phdRa6URuZY8SAOjPa169G881ARuaIwxa4f1i), a string
searched for on md5hashing.net. Sites such as these may very well be honey pots.
phucthinh11061997
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
December 17, 2017, 12:04:06 AM
 #51

Wow  Shocked

Amazing discovery of an amazing coup. The guy who made this and the guy who discovered it are pure genius.

I am really excited to find out in which priv key generation code this thing is implemented.
breakingbit
Newbie
*
Offline Offline

Activity: 5
Merit: 1


View Profile
December 17, 2017, 06:21:53 PM
 #52

I wonder if there's a connection with bitpay/copay. I found a transaction id as the privkey of a wallet (143o1wchhdN58FXcXreEKYvsihYQuFEQPN) that sends its coins to one of the known vacuum addresses. Right prior to it, it receives funds from 1MhxhzAQGktuQvx7ykhpomMeB8WnzBFeVi. The latter wallet received a transfer from 3QyUSB4eRYePHcvpS6k6YDMBUDGXRSSMPc prior to that. That address is mentioned on https://github.com/bitpay/copay/issues/4017

Might it be co pay transaction logic at play here?
TechPriest
Sr. Member
****
Offline Offline

Activity: 377
Merit: 282


Finis coronat opus


View Profile
December 17, 2017, 09:13:32 PM
 #53

Sending coins back to the address they came from could just end up losing the coins permanently, because nowadays wallets do not re-use addresses, and the original owner might not have that address in his wallet anymore.

I'm very interested in this. Where do you find such kind of information? If you have the seed, it will contain ALL addresses (used and not-used). With it you will be able to get access to any address which you have used.

In science we trust!
Alexcross1075
Newbie
*
Offline Offline

Activity: 49
Merit: 0


View Profile
December 21, 2017, 03:01:26 PM
 #54

It's not a good idea because if there are valuable coins there, the owners are doomed to lose them when the keys get into the hands of real hackers  Huh
BurtW
Legendary
*
Offline Offline

Activity: 2646
Merit: 1129

All paid signature campaigns should be banned.


View Profile WWW
December 22, 2017, 02:56:38 PM
 #55

Sending coins back to the address they came from could just end up losing the coins permanently, because nowadays wallets do not re-use addresses, and the original owner might not have that address in his wallet anymore.

I'm very interested in this. Where do you find such kind of information? If you have the seed, it will contain ALL addresses (used and not-used). With it you will be able to get access to any address which you have used.
You are correct, aplistir does not know what they are talking about.  Modern HD wallets remember all used addresses. 

bitfools
Member
**
Offline Offline

Activity: 112
Merit: 12


View Profile
January 06, 2018, 06:03:53 AM
 #56

Quote
echo -n "1Ca15MELG5DzYpUgeXkkJ2Lt7iMa17SwAo" | sha256sum
9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60

That hex number is the private key for 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit !!!

This is not the case. The private key for that hex address is 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6 and its address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg.
Have you considered protecting the corresponding bitcoin cash wallets ? At least one of them got raided after your publication.


private address in HEX 9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60
private address in WIF 5K1sjALvVxbsTRMf3aGKnB6E39uZfqQ6XQTGh5z3DrBDq3pG9A6

[ but there are two wifs L2Wru6Ew8pQuhcWAvMpdtPY4YWK1CQcwPCWxFvzkoi47crJBAVaP ]

Then address is 18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg

But there is only the compressed address ... 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit

There is no balance on this private-address

IMHO, having done this stuff for a solid six months after a double hiatus from bitcoin in 2011, and 2013, I have seen very little to nothing come of these types of 'looking for private keys', just hashes in general that they themselves came from hashes is just shit from shit, you still get shit, a lucky monkey on a typewriter can also generate 'war and peace', given enough time.

There are 10k ways to HACK bitcoin, there are a zillion paths to be taken, one must test them all to find that path that works for them, certainly you don't want to follow the 'pack' in this shit, as it will lead you to NOWHERE.

Probably best advice for people serious about this game is ...

1.) Study the C++ code for bitcoin, as none of the docs are real, it's all bullshit, only the code is real
2.) roll your own, write your own parsers ( block chain to text, it's probably best to do CSV), most of the database programs can handle 200GB very well; probably best c/c++ & python
3.) have many databases that are selective for each mission, one for addresses, one for balances ( short life ), one for public-keys, ..
4.) Have many bloom-filters for all of the above, searching for the monkey means O(1) search time, you can have just a bloom for address, you need blooms for your rain-bow table, for your private-key warehouse, for your public-keys, for your ecdsa integer farm, ...
5.) getting back to 2, none of the code on github works, I mean NONE, it's not maintained, and it will all lead you to dead ends, if a guy actually wrote a 'bot' that harvested valuable addresses and swept those accounts he would NOT give that software away for free, 99% of the shit you find on GITHUB is somebody's dead-end,
6.) study all the papers on the subject, there are 1,000's of well written technical papers on ECDSA SECP256, read them all, write your own sig ecdsa software, write your own hash library, vector everything, always place vector check points every few 100 steps so you know everything is working.
7.) there are 1,000's of variables, and it only takes one to generate false-positives, know at all times that all your inputs are correct,

8.) have a bell or timer set to generate music, I have an A-G guitar chord set, so depending upon what my bots find, they play the different chord sets so that I know the nature of the problem, and the chord set doesn't nauseate people around the house

9.) I find that hacking BTC is harder than mining, but far more interesting,

10.) Don't be a fool, if you don't have years of experience in programming, cryptography, database, networking, math, physics, then your chance of making any kind of interesting discovery is nil; Lots of smart people working on this "Discrete Log Problem" for a long time, if it were an easy problem, then it would have been solved, I think some 50 years since computers have been generally available people have been trying to solve this problem by brute-force

11.) like I said there are 10k ways to hack btc, there is the address angle, the public-key angle, the random priv-key angle, ... the ecdsa pool angle, ... you need to really play around with all until you find a method that works for you, then dive deep and really understand why you're succeeding, don't try to do them all, there is too much, just doing the ECDSA can be a full time job for a mathematician

...

Most of this stuff is done for intellectual curiosity. IMHO it's too much work for the 'get rich quick moron' which are the majority of this board, it's far easier to clone your own coin, start your own mining pool, or exchange and rip people off if your goal is to 'steal', most of us when we do find coin, are more than happy to make note of the find to the owner.

It's a vast multi-disciplinary field 'hacking btc', I can see it become a major career path, there are already dozens of masters theses written on this subject, bound to be many phd's born of this stuff

For the young kid, I can offer no better path than BUTERIN did, first study the BTC source, and master that, then write your own btc client/server in python, and completely understand all, then modify your source so it can output 'data' as you want, ... Most of the 'action' is happening now, most of the easy stuff that is talked about in papers or this forum is what happened in 2014 or earlier, ... unless you write your own client/server that is tuned to study the now, you're not going to make 'great' discoveries.

Passive Analysis is still wide open, very little work has been done on the block-chain using machine learning or digital signal processing techniques, but then again like the stock-market, what bitcoin did in the past in terms of private-key generation means nothing tomorrow, as the core-devs are constantly hacking the code, and fixing the 'holes', thus to find the new holes, you must stay one step ahead of the core-devs,
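The disagreement in posts #49 and #56 above is an encoding question: one 32-byte private key has two WIF forms (uncompressed and compressed), and each form corresponds to a different address. The following is an added example, not part of any post in this thread: a minimal Python Base58Check WIF encoder/decoder. The function names are illustrative, and the sample key is the hex value quoted in the posts.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group; valid private keys lie in 1 .. N-1.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
# Hex private key quoted in posts #49 and #56 of this thread.
KEY_HEX = "9e027d0086bdb83372f6040765442bbedd35b96e1c861acce5e22e1c4987cd60"

def _checksum(payload: bytes) -> bytes:
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    data = payload + _checksum(payload)
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a literal '1'.
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out

def b58check_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError for characters outside the alphabet
    pad = len(text) - len(text.lstrip("1"))
    data = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, checksum = data[:-4], data[-4:]
    if _checksum(payload) != checksum:
        raise ValueError("Base58Check checksum mismatch")
    return payload

def to_wif(key_hex: str, compressed: bool) -> str:
    """Encode a mainnet private key; the 0x01 suffix marks 'use compressed pubkey'."""
    key = bytes.fromhex(key_hex)
    if len(key) != 32 or not 0 < int.from_bytes(key, "big") < N:
        raise ValueError("not a valid secp256k1 private key")
    return b58check_encode(b"\x80" + key + (b"\x01" if compressed else b""))

def from_wif(wif: str):
    """Return (key_hex, compressed) or raise ValueError on a malformed WIF."""
    payload = b58check_decode(wif)
    if payload[:1] != b"\x80":
        raise ValueError("not a mainnet WIF")
    body = payload[1:]
    if len(body) == 33 and body[-1] == 1:
        return body[:32].hex(), True
    if len(body) == 32:
        return body.hex(), False
    raise ValueError("unexpected WIF payload length")

if __name__ == "__main__":
    for flag in (False, True):
        wif = to_wif(KEY_HEX, flag)
        # Same 32-byte key, two encodings; a wallet derives a different
        # address from each because the public key is serialized differently.
        print("compressed" if flag else "uncompressed", wif, from_wif(wif))
```

An uncompressed mainnet WIF is 51 characters and starts with `5`; a compressed one is 52 characters and starts with `K` or `L`, which matches the two WIF strings quoted in post #56.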
bitfools
Member
**
Offline Offline

Activity: 112
Merit: 12


View Profile
January 06, 2018, 07:53:07 AM
 #57

Wow  Shocked

Amazing discovery of an amazing coup. The guy who made this and the guy who discovered it are pure genius.

I am really excited to find out in which priv key generation code this thing is implemented.

Amazing, if any of it were true. Upon reviewing this article, I took it upon myself to spend 1/2 hour and run some of these things, I have a database of 5 million BTC addresses, and every public-key ever used, both hashed and open, and I ran the addresses through the system, I found less than 1,000 addresses have been used as 'seeds', and I found of that only 'one' had ever had a transaction, ... Not VERY INTERESTING ( So somebody ( most likely the OP, created 1,000 private-keys on BTC using 'address' as the SEED, but never used them, ... so what? ); Sounds like somebody was bored that day, and ran a batch file that terminated at 1024

Then there is the BS about using tx's and merkles for your private-key, or hashing them, these are just random numbers after they're hashed, there was NO 'order' to begin with, hashing high-entropy is high-entropy, if you want to cultivate private-keys for REAL that have been used ( that's the GOAL right?) Then you need to leverage off the human weakness issue and that is seeds need to have a deterministic nature that came from humans, not random shit.

The OP lists 5 ways to 'hack-btc', I found all to be non-workable, certainly if it be true that a few of these were placed as back-doors by a wallet 'engineer' ok, I can dig that, but looking at this stuff from a 'hacker' point of view it's all a waste of time,

Of the 5, only the one about seed('cat') times N ( running sha256() n times on the result ) was interesting, the OP makes it sound like he found many where N > 1, ... but the reality is such that if you take all known seeds, and start N'ing them by N++, you will vanish to zero at 2, ... sure you might be lucky and one time at seed*1975 get one hit, ... but that is just an anomaly

The fact is this kind of stuff in real world would be from 'hand rolled' private addresses and it's just not that common, unless the guy is an engineer and hand-rolls from SSL, or that is high-entropy, that works.

Given that using random data from the block-chain for your private-key; hashed or not is a jerk's game, and thus by definition a JERK has no BTC, thus it's a complete waste of time for a 'professional hacker' to follow any information in this post.

IMHO this article is a sci-fi fairy-tale that can be told to bitcoin wannabe's and their boyfriends.
Kakmakr
Legendary
*
Offline Offline

Activity: 3402
Merit: 1944

This space is availlable for advertising


View Profile
January 06, 2018, 08:38:39 AM
 #58

Blockchain.info has a bit of a reputation regarding flaws in their code : https://www.coindesk.com/blockchain-info-issues-refunds-to-bitcoin-theft-victims/ and I guess something like this might go undetected, if they took that long to discover that.

Blockchain.info will deny this, like most Banks do, when exploits are discovered in their software.

This is why Satoshi did not recommend using third party software/wallet providers, but as usual nobody is listening and they use the GUI friendly options out there.

Signature space availlable -Just DM me if you need some advertising.
Spendulus
Legendary
*
Offline Offline

Activity: 2898
Merit: 1386



View Profile
January 06, 2018, 06:13:39 PM
 #59

Wow  Shocked

Amazing discovery of an amazing coup. The guy who made this and the guy who discovered it are pure genius.

I am really excited to find out in which priv key generation code this thing is implemented.

Amazing, if any of it were true. Upon reviewing this article, I took it upon myself to spend 1/2 hour and run some of these things, I have a database of 5 million BTC addresses, and every public-key ever used, both hashed and open, and I ran the addresses through the system, I found less than 1,000 addresses have been used as 'seeds', and I found of that only 'one' had ever had a transaction, ... Not VERY INTERESTING .....
IMHO this article is a sci-fi fairy-tale that can be told to bitcoin wannabe's and their boyfriends.

I am afraid arguing "against this" is like arguing against the theory of God.

You cannot prove your point.

There are an infinite number of possible variations on the embedded hints and seeds and secrets.

For example, assume not that "seed" is embedded and with "seed" you can discover the private key.

Now consider k=numeric value(seed)+c

Where c is a constant.

Have fun....
keyboard warrior
Sr. Member
****
Offline Offline

Activity: 266
Merit: 251


View Profile
January 08, 2018, 03:21:19 AM
Last edit: January 08, 2018, 03:32:58 AM by keyboard warrior
 #60

This might mean nothing, but I searched for a few of those addresses from the OP in walletexplorer, which is a site that guesses which service owns an address. It probably uses taint analysis.

It said a few of those addresses were part of a wallet it calls MtGoxAndOthers. These are three such addresses.

https://www.walletexplorer.com/address/1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe

Quote
1kN83e7WRtsXD7nHn51fwdEAi51qk5dEe
part of wallet MtGoxAndOthers

https://www.walletexplorer.com/address/1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw

Quote
1JhWnRjRm7AhbvSBtEifcFL8DkEKQiWRZw
part of wallet MtGoxAndOthers

https://www.walletexplorer.com/address/1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1

Quote
1BEYFim8uoJ7FAZG6m1E1hqLwKjfVwnWU1
part of wallet MtGoxAndOthers

I don't know how reliable walletexplorer's guesses are, and I'm only speculating it uses taint analysis to make its guesses. Walletexplorer couldn't guess where most of the small fraction of addresses I checked from the OP came from, it only guessed those three.

However, I only checked a small fraction of the list, I don't have time to check them all. Also the coins sent to all three addresses were sent after February 2014 when Mt. Gox had closed and filed for bankruptcy protection.

I don't understand how walletexplorer guessed that an address unused before Mt. Gox closed could belong to "MtGoxAndOthers" based on a transaction sent after its closure. Maybe it's because "MtGoxAndOthers" is a very vague name.
