Bitcoin Forum
May 25, 2019, 12:42:29 AM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Ignore wallet.dat password operation  (Read 197 times)
Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 12, 2018, 07:13:27 PM
Last edit: December 15, 2018, 08:03:38 AM by Bit Challenger
 #1

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet. I have done a lot of tests to prove that my method is feasible. But the whole workload is so heavy that it's hard for me to do it alone. If you can see the problem in my picture and have Wallet. dat data analysis experience, you can join me in my work, let's complete the bursting QT wallet together!
Padmin@126.com

Information is encrypted

Thank you for your letter. I chose 5 engineers to help me. I don't need more people, thank you.


After the development is completed, I will announce the results.
1558744949
Hero Member
*
Offline Offline

Posts: 1558744949

View Profile Personal Message (Offline)

Ignore
1558744949
Reply with quote  #2

1558744949
Report to moderator
GET 25 FREE SPINS AT REGISTRATION
GET 100% BONUS ON FIRST DEPOSIT
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558744949
Hero Member
*
Offline Offline

Posts: 1558744949

View Profile Personal Message (Offline)

Ignore
1558744949
Reply with quote  #2

1558744949
Report to moderator
1558744949
Hero Member
*
Offline Offline

Posts: 1558744949

View Profile Personal Message (Offline)

Ignore
1558744949
Reply with quote  #2

1558744949
Report to moderator
LoyceV
Legendary
*
Offline Offline

Activity: 1498
Merit: 3865


Self-made Legendary outside Meta!


View Profile WWW
December 12, 2018, 07:20:30 PM
Merited by Foxpup (4)
 #2

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet.
First: I don't believe you Tongue

Quote
You use image tags, but Newbies can't embed images. When I follow your link, Google Drive tells me "You need permission".

I'm not sure what you're trying to share, but a general warning: DO NOT install programs from unknown sources!

Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 13, 2018, 06:24:24 AM
 #3

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet.
First: I don't believe you Tongue

Quote
You use image tags, but Newbies can't embed images. When I follow your link, Google Drive tells me "You need permission".

I'm not sure what you're trying to share, but a general warning: DO NOT install programs from unknown sources!
Sorry, I forgot the public picture.
bob123
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1014



View Profile WWW
December 13, 2018, 06:57:32 AM
 #4

Sorry, I forgot the public picture.

Still, i get Your client does not have permission.

What are you trying to share anyway ?



First: I don't believe you Tongue

It shouldn't be excluded that there is a bug/vulnerability which would allow to do this.
Even though it seems quite strange that he is uploading a file instead of sharing the general approach publicly, the possibility of such a bug still exists (even if the possibility is extremely low).


@OP:
What about explaining the general approach here ?
How do you think can you 'circumvent' the decryption of the keys ??

If you claim the encryption itself is weak or buggy, i do also not believe you.
And currently i don't see another way to access the encrypted keys without the decryption key  Huh

ETFbitcoin
Legendary
*
Offline Offline

Activity: 1652
Merit: 1767

Use SegWit and enjoy lower fees.


View Profile WWW
December 13, 2018, 06:59:28 AM
 #5

I'm not sure about older wallet.dat format, but important information (private key / master private key / seed) on wallet.dat is encrypted and there's no way to spend bitcoin (or sign message/unsigned transaction) without decrypt the wallet.
Bitcoin Core/Qt wallet uses AES256 and PBKDF2, if you could crack both of them without knowing password/private key and without brute-force, then you would make most services vulnerable.

Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 13, 2018, 08:18:00 AM
Last edit: December 15, 2018, 07:58:42 AM by Bit Challenger
 #6

Sorry, I forgot the public picture.

Still, i get Your client does not have permission.

What are you trying to share anyway ?



First: I don't believe you Tongue

It shouldn't be excluded that there is a bug/vulnerability which would allow to do this.
Even though it seems quite strange that he is uploading a file instead of sharing the general approach publicly, the possibility of such a bug still exists (even if the possibility is extremely low).


@OP:
What about explaining the general approach here ?
How do you think can you 'circumvent' the decryption of the keys ??

If you claim the encryption itself is weak or buggy, i do also not believe you.
And currently i don't see another way to access the encrypted keys without the decryption key  Huh
Encrypted
Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 13, 2018, 08:30:30 AM
 #7

I'm not sure about older wallet.dat format, but important information (private key / master private key / seed) on wallet.dat is encrypted and there's no way to spend bitcoin (or sign message/unsigned transaction) without decrypt the wallet.
Bitcoin Core/Qt wallet uses AES256 and PBKDF2, if you could crack both of them without knowing password/private key and without brute-force, then you would make most services vulnerable.
I don't question the strength of the algorithm, my method is only for bitcoin qt wallet
bob123
Hero Member
*****
Offline Offline

Activity: 910
Merit: 1014



View Profile WWW
December 14, 2018, 06:59:38 PM
 #8

If you can see that each hash is divided into 4 segments and understand his purpose, you will understand my intentions.

I don't question the strength of the algorithm, my method is only for bitcoin qt wallet


Uff.. First i thought you might have really found a bug (which might have been not as severe as you thought it to be).

But those two statements, just proved that you don't have a clue at all.


Troll post confirmed.

Don't bother to contact OP or discuss this with OP. He obviously is trolling and doesn't know what he is talking about.

Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 15, 2018, 07:57:57 AM
 #9

If you can see that each hash is divided into 4 segments and understand his purpose, you will understand my intentions.

I don't question the strength of the algorithm, my method is only for bitcoin qt wallet


Uff.. First i thought you might have really found a bug (which might have been not as severe as you thought it to be).

But those two statements, just proved that you don't have a clue at all.


Troll post confirmed.

Don't bother to contact OP or discuss this with OP. He obviously is trolling and doesn't know what he is talking about.
I updated the post again and it will prove that I found it to be correct.
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1778
Merit: 2399


bc1qshxkrpe4arppq89fpzm6c0tpdvx5cfkve2c8kl


View Profile WWW
December 15, 2018, 04:38:37 PM
Merited by Foxpup (4), LoyceV (2)
 #10

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).

milewilda
Legendary
*
Offline Offline

Activity: 1302
Merit: 1031



View Profile
December 15, 2018, 04:59:17 PM
 #11

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).
If its true then its good if he would responsibly email the team but if not then he would work other way around. lol

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
Bit Challenger
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
December 15, 2018, 09:19:22 PM
 #12

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).

Samuel, he's dealing with this
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!