Bitcoin Forum
November 08, 2024, 02:57:28 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Ignore wallet.dat password operation  (Read 308 times)
Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 12, 2018, 07:13:27 PM
Last edit: December 15, 2018, 08:03:38 AM by Bit Challenger
 #1

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet. I have done a lot of tests to prove that my method is feasible. But the whole workload is so heavy that it's hard for me to do it alone. If you can see the problem in my picture and have Wallet. dat data analysis experience, you can join me in my work, let's complete the bursting QT wallet together!
Padmin@126.com

Information is encrypted

Thank you for your letter. I chose 5 engineers to help me. I don't need more people, thank you.


After the development is completed, I will announce the results.
LoyceV
Legendary
*
Offline Offline

Activity: 3486
Merit: 17649


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
December 12, 2018, 07:20:30 PM
Merited by Foxpup (4)
 #2

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet.
First: I don't believe you Tongue

Quote
You use image tags, but Newbies can't embed images. When I follow your link, Google Drive tells me "You need permission".

I'm not sure what you're trying to share, but a general warning: DO NOT install programs from unknown sources!

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 13, 2018, 06:24:24 AM
 #3

I stumbled across a bug where Bitcoin QT could send bitcoins without a password in an encrypted wallet.
First: I don't believe you Tongue

Quote
You use image tags, but Newbies can't embed images. When I follow your link, Google Drive tells me "You need permission".

I'm not sure what you're trying to share, but a general warning: DO NOT install programs from unknown sources!
Sorry, I forgot the public picture.
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
December 13, 2018, 06:57:32 AM
 #4

Sorry, I forgot the public picture.

Still, i get Your client does not have permission.

What are you trying to share anyway ?



First: I don't believe you Tongue

It shouldn't be excluded that there is a bug/vulnerability which would allow to do this.
Even though it seems quite strange that he is uploading a file instead of sharing the general approach publicly, the possibility of such a bug still exists (even if the possibility is extremely low).


@OP:
What about explaining the general approach here ?
How do you think can you 'circumvent' the decryption of the keys ??

If you claim the encryption itself is weak or buggy, i do also not believe you.
And currently i don't see another way to access the encrypted keys without the decryption key  Huh

Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 13, 2018, 08:18:00 AM
Last edit: December 15, 2018, 07:58:42 AM by Bit Challenger
 #5

Sorry, I forgot the public picture.

Still, i get Your client does not have permission.

What are you trying to share anyway ?



First: I don't believe you Tongue

It shouldn't be excluded that there is a bug/vulnerability which would allow to do this.
Even though it seems quite strange that he is uploading a file instead of sharing the general approach publicly, the possibility of such a bug still exists (even if the possibility is extremely low).


@OP:
What about explaining the general approach here ?
How do you think can you 'circumvent' the decryption of the keys ??

If you claim the encryption itself is weak or buggy, i do also not believe you.
And currently i don't see another way to access the encrypted keys without the decryption key  Huh
Encrypted
Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 13, 2018, 08:30:30 AM
 #6

I'm not sure about older wallet.dat format, but important information (private key / master private key / seed) on wallet.dat is encrypted and there's no way to spend bitcoin (or sign message/unsigned transaction) without decrypt the wallet.
Bitcoin Core/Qt wallet uses AES256 and PBKDF2, if you could crack both of them without knowing password/private key and without brute-force, then you would make most services vulnerable.
I don't question the strength of the algorithm, my method is only for bitcoin qt wallet
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
December 14, 2018, 06:59:38 PM
 #7

If you can see that each hash is divided into 4 segments and understand his purpose, you will understand my intentions.

I don't question the strength of the algorithm, my method is only for bitcoin qt wallet


Uff.. First i thought you might have really found a bug (which might have been not as severe as you thought it to be).

But those two statements, just proved that you don't have a clue at all.


Troll post confirmed.

Don't bother to contact OP or discuss this with OP. He obviously is trolling and doesn't know what he is talking about.

Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 15, 2018, 07:57:57 AM
 #8

If you can see that each hash is divided into 4 segments and understand his purpose, you will understand my intentions.

I don't question the strength of the algorithm, my method is only for bitcoin qt wallet


Uff.. First i thought you might have really found a bug (which might have been not as severe as you thought it to be).

But those two statements, just proved that you don't have a clue at all.


Troll post confirmed.

Don't bother to contact OP or discuss this with OP. He obviously is trolling and doesn't know what he is talking about.
I updated the post again and it will prove that I found it to be correct.
achow101
Moderator
Legendary
*
Offline Offline

Activity: 3542
Merit: 6886


Just writing some code


View Profile WWW
December 15, 2018, 04:38:37 PM
Merited by Foxpup (4), LoyceV (2)
 #9

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).

milewilda
Legendary
*
Offline Offline

Activity: 3290
Merit: 1156



View Profile
December 15, 2018, 04:59:17 PM
 #10

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).
If its true then its good if he would responsibly email the team but if not then he would work other way around. lol

Bit Challenger (OP)
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
December 15, 2018, 09:19:22 PM
 #11

If you believe you have found a vulnerability in Bitcoin Core (note that bitcoin-qt is part of the Bitcoin Core project) which can result in the loss of private keys or the wallet encryption being broken, please responsibly disclose the vulnerability by emailing security@bitcoincore.org (email listed on website: https://bitcoincore.org/en/contact/).

Samuel, he's dealing with this
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!