jimrome
July 07, 2014, 07:04:48 AM

We found the machines are sending encrypted packets back to a Chinese IP address; the packets are encrypted, so we are not sure whether it's sending back hashes or something more sinister.
We have rewritten the lketc dragon miner software ourselves and found the units to be hashing 10% more, so likely stealing hashes from our power.
I will release more proof and our clean dragon miner software after more tests.

I am in The Netherlands at the moment, I can't make an image of the latest firmware of the Dragon miners that are password protected. Can someone upload an image that is password protected? I need it ASAP, I found a Dutch software engineer who can reverse engineer it. I will tip him if he finds the password and stuff that doesn't belong in that image.

Good luck to your engineer, I wish him luck and he's going to need it.

jimrome
July 07, 2014, 05:25:11 PM

I thought I'd mention that it seems BFGMiner will now support the "jingtian" miner, which is essentially the same thing as all the other A1 miner clones.
I'm going to check it out, but it seems we finally have open source firmware and can avoid using the stock driver (and the other potentially nefarious crap which may come with it).

Luke-Jr
July 07, 2014, 05:27:27 PM

I thought I'd mention that it seems BFGMiner will now support the "jingtian" miner, which is essentially the same thing as all the other A1 miner clones.

I'm not sure if it is... JingTian has a microcontroller that IIRC they designed themselves. Either way, let me know how this works out.

jimrome
July 07, 2014, 05:53:41 PM

I thought I'd mention that it seems BFGMiner will now support the "jingtian" miner, which is essentially the same thing as all the other A1 miner clones.

I'm not sure if it is... JingTian has a microcontroller that IIRC they designed themselves. Either way, let me know how this works out.

I think their controller is an Rpi (which you can see the end of here: http://www.jtminer.com/product/28nm-miner/#). This would make sense as they are probably just using innosilicon's driver as the rest of the A1 clone miner manufacturers. It still might not be fully compatible, I'll let you know in around 45 mins.

jimrome
July 07, 2014, 07:43:55 PM

<snip> It still might not be fully compatible, I'll let you know in around 45 mins

Yeah, so it doesn't work 'out-of-the-box', but I'm continuing to investigate if it's just a configuration issue (e.g. see if SPI ports can be polled).

defcon23
July 23, 2014, 11:06:02 AM

Anyone got a clean & recent English image of the "4 blade dragonboot"? (With unblocked SSH access.) Thanks in advance.

notlist3d
July 23, 2014, 01:29:07 PM

Bumped the thread for you with Dragon information from Mr. Lee. My image is on the first page; it's 4 blade with SSH. https://bitcointalk.org/index.php?topic=545642.0 (Note: prices in the thread are old; they are now cheaper in the group buy thread.)

Fsá
July 25, 2014, 10:08:17 AM

Anyone know if the company is honest Dragon Miners?
I'm thinking of hiring the cloud service mining them.

defcon23
July 25, 2014, 03:28:12 PM

thank you a lot

defcon23
July 25, 2014, 03:35:06 PM

Anyone know if the company is honest Dragon Miners?
I'm thinking of hiring the cloud service mining them.

I don't know their cloud service, but I recently bought several units from them, and all is OK for me. Ultra quick delivery from China to Europe (4 days UPS). The miners all work fine. (I paid in BTC.) Contact: lketc.nancy@gmail.com

Easy2Mine
August 07, 2014, 08:50:41 AM

We found the machines are sending encrypted packets back to a Chinese IP address; the packets are encrypted, so we are not sure whether it's sending back hashes or something more sinister.
We have rewritten the lketc dragon miner software ourselves and found the units to be hashing 10% more, so likely stealing hashes from our power.
I will release more proof and our clean dragon miner software after more tests.

I am in The Netherlands at the moment, I can't make an image of the latest firmware of the Dragon miners that are password protected. Can someone upload an image that is password protected? I need it ASAP, I found a Dutch software engineer who can reverse engineer it. I will tip him if he finds the password and stuff that doesn't belong in that image.

Good luck to your engineer, I wish him luck and he's going to need it.

I haven't contacted the Dutch engineer; instead I tried to see if it was possible to do it myself before I call for help. I had to start as a noob in Linux. The LKETC password was not the most difficult part; the ghost files that replace any files you have changed back to the original files every time after a reboot are. After I found out the password, I found an easier way to change the password: simply replace the file "shadow" with your own username and password. This is a standard Linux trick, so next time you run into a firmware that is locked and you have control over the SD card, back up the SD card and replace the password and username in the file "shadow" with your own password and username. It takes only 5 minutes instead of hours. All the LKETC firmware use CGminer 3.9.0; the only difference between them is the language files. The first versions only have Chinese, the later versions have English added and the last version also has Russian. The ghost files in the latest version are trickier than in the first version.

https://www.dropbox.com/s/14a66jqudfjkulw/Dragon_192_168_1_101.7z

This is the latest firmware with all the language files. I changed all the LKETC logos to my own and added a password-protected page that I learned about here: https://bitcointalk.org/index.php?topic=650114.msg7277745#msg7277745

The IP of the miner is 192.168.1.101. The username of the password-protected page is admin, no password; you can change that when you SSH into the Raspberry Pi with PuTTY. The Raspberry username is pi and the password is raspberry.
Once you are logged into the Raspberry:

su root
cd /var/www
nano passwordprotect.php

Change your username and password and save it by pressing Ctrl+x. I want to write a tutorial on how you can replace the ghost files with your own customized files and logo, but I am afraid I am too busy to do that at this moment.
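
An added example, not part of the thread: when firmware silently restores edited files at boot, as described for the "ghost files" above, hashing the mounted SD card before your edit, after it, and after a reboot shows exactly which paths were put back and which new files appeared. The three directory trees and file names below are constructed stand-ins for those mounts.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map every regular file under root (relative path) to its SHA-256."""
    digests = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):  # never follow links out of the image
                with open(path, "rb") as fh:
                    digests[os.path.relpath(path, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def classify(stock, edited, rebooted):
    """Sort your edits into those undone at boot and those that survived."""
    report = {"reverted": [], "kept": [], "other": []}
    for path in sorted(set(stock) | set(edited)):
        if stock.get(path) == edited.get(path):
            continue  # you did not touch this file
        now = rebooted.get(path)
        state = ("reverted" if now == stock.get(path)
                 else "kept" if now == edited.get(path) else "other")
        report[state].append(path)
    report["new_after_boot"] = sorted(set(rebooted) - set(stock) - set(edited))
    return report

def write_file(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)

def demo():
    # Constructed trees standing in for three mounts of the same SD card.
    with tempfile.TemporaryDirectory() as tmp:
        stock, edited, rebooted = (os.path.join(tmp, n) for n in ("a", "b", "c"))
        for root in (stock, edited, rebooted):
            write_file(root, "var/www/index.php", "vendor page")
            write_file(root, "etc/hostname", "miner")
        write_file(edited, "var/www/index.php", "my page")   # undone at boot
        write_file(edited, "etc/hostname", "rig1")
        write_file(rebooted, "etc/hostname", "rig1")         # survives
        write_file(rebooted, "opt/restore.sh", "#!/bin/sh")  # appears at boot
        return classify(manifest(stock), manifest(edited), manifest(rebooted))

if __name__ == "__main__":
    print(demo())
```

Files listed under "new_after_boot" are the first place to look for whatever performs the restore.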

upetmcz
August 27, 2014, 02:44:52 AM

how to order?

grn
August 27, 2014, 04:59:15 AM

I haven't contacted the Dutch engineer; instead I tried to see if it was possible to do it myself before I call for help. I had to start as a noob in Linux. The LKETC password was not the most difficult part; the ghost files that replace any files you have changed back to the original files every time after a reboot are. After I found out the password, I found an easier way to change the password: simply replace the file "shadow" with your own username and password. This is a standard Linux trick, so next time you run into a firmware that is locked and you have control over the SD card, back up the SD card and replace the password and username in the file "shadow" with your own password and username. It takes only 5 minutes instead of hours. All the LKETC firmware use CGminer 3.9.0; the only difference between them is the language files. The first versions only have Chinese, the later versions have English added and the last version also has Russian. The ghost files in the latest version are trickier than in the first version.

https://www.dropbox.com/s/14a66jqudfjkulw/Dragon_192_168_1_101.7z

This is the latest firmware with all the language files. I changed all the LKETC logos to my own and added a password-protected page that I learned about here: https://bitcointalk.org/index.php?topic=650114.msg7277745#msg7277745

The IP of the miner is 192.168.1.101. The username of the password-protected page is admin, no password; you can change that when you SSH into the Raspberry Pi with PuTTY. The Raspberry username is pi and the password is raspberry.
Once you are logged into the Raspberry:

su root
cd /var/www
nano passwordprotect.php

Change your username and password and save it by pressing Ctrl+x. I want to write a tutorial on how you can replace the ghost files with your own customized files and logo, but I am afraid I am too busy to do that at this moment.

Glad you figured it out. I would have shown you how a month earlier if cypotcelo and dropt weren't being such assclowns about the whole reverse engineering is easy and noobs know nothing attack

How is that Lexical analysis working out bickneleski?

Easy2Mine
August 27, 2014, 05:58:56 AM

I haven't contacted the Dutch engineer; instead I tried to see if it was possible to do it myself before I call for help. I had to start as a noob in Linux. The LKETC password was not the most difficult part; the ghost files that replace any files you have changed back to the original files every time after a reboot are. After I found out the password, I found an easier way to change the password: simply replace the file "shadow" with your own username and password. This is a standard Linux trick, so next time you run into a firmware that is locked and you have control over the SD card, back up the SD card and replace the password and username in the file "shadow" with your own password and username. It takes only 5 minutes instead of hours. All the LKETC firmware use CGminer 3.9.0; the only difference between them is the language files. The first versions only have Chinese, the later versions have English added and the last version also has Russian. The ghost files in the latest version are trickier than in the first version.

https://www.dropbox.com/s/14a66jqudfjkulw/Dragon_192_168_1_101.7z

This is the latest firmware with all the language files. I changed all the LKETC logos to my own and added a password-protected page that I learned about here: https://bitcointalk.org/index.php?topic=650114.msg7277745#msg7277745

The IP of the miner is 192.168.1.101. The username of the password-protected page is admin, no password; you can change that when you SSH into the Raspberry Pi with PuTTY. The Raspberry username is pi and the password is raspberry.
Once you are logged into the Raspberry:

su root
cd /var/www
nano passwordprotect.php

Change your username and password and save it by pressing Ctrl+x. I want to write a tutorial on how you can replace the ghost files with your own customized files and logo, but I am afraid I am too busy to do that at this moment.

Glad you figured it out. I would have shown you how a month earlier if cypotcelo and dropt weren't being such assclowns about the whole reverse engineering is easy and noobs know nothing attack

I think Cryptoceelo is pissed at LKETC, because they didn't give him the password and he has to use an older image with root access. He claimed that the Dragons are stealing hashes or sending encrypted packages back to a Chinese IP address, but he is unable to locate all the hidden files and change the password. I doubt his claim that he has rewritten the firmware; until now he hasn't proven it yet. If he is as good as he claims to be, he could have changed the password himself and located all the hidden files easily. If you analyze the files on the older images, you will find traces of Innosilicon passwords. I am still a Linux NOOB, but am still learning and it is fun to do.

dropt
August 27, 2014, 02:35:42 PM

Glad you figured it out. I would have shown you how a month earlier if cypotcelo and dropt weren't being such assclowns about the whole reverse engineering is easy and noobs know nothing attack

I made one comment about the existence of tools for reverse engineering as well as stating that a driver could be written from the A1 documentation, and I'm "being such [an] assclown". You were so butthurt over someone having a differing opinion that you put me on ignore and then added it to your sig as if it was some sort of achievement. Then, you refused to help others with their problems that you allege to have solutions for because two people on a forum of many didn't worship your worthless opinion. Are you 12? Hello assclown hypocrite!

dropt
August 27, 2014, 02:38:27 PM

I think Cryptoceelo is pissed at LKETC, because they didn't give him the password and he has to use an older image with root access. He claimed that the Dragons are stealing hashes or sending encrypted packages back to a Chinese IP address

And did anyone try to corroborate his findings with a simple network sniffer? I would have, but I never purchased an LKETC machine because they pegged their prices to BTC-E and didn't update in real time (meaning it was always overpriced).

Easy2Mine
August 28, 2014, 07:52:24 AM

I think Cryptoceelo is pissed at LKETC, because they didn't give him the password and he has to use an older image with root access. He claimed that the Dragons are stealing hashes or sending encrypted packages back to a Chinese IP address

And did anyone try to corroborate his findings with a simple network sniffer? I would have, but I never purchased an LKETC machine because they pegged their prices to BTC-E and didn't update in real time (meaning it was always overpriced).

I followed all the command lines in the files and found nothing suspicious; that's how I was able to find out where the hidden files and hidden folders are located. It is possible that I might have overlooked something, I am not an expert in Linux. But from Innosilicon's technical specification regarding the Turbo mode of the A1 chip, it is impossible for the Dragon to run 10% more than 1T with only 32 chips. Until Cryptoceelo has uploaded his rewritten firmware with 10% more hashrate and can prove his findings, he is a BIG LIAR. According to Creeptoceelo, the packages were encrypted; how does he know it was 10% or maybe more hashrate if he can't read the packages' content? I PMed him regarding simple questions, I got PMs back, but when I PMed him asking about which IP the packages are sent to, he went silent.

dropt
August 28, 2014, 04:03:30 PM

Until Cryptoceelo has uploaded his rewritten firmware with 10% more hashrate and can prove his findings, he is a BIG LIAR.
According to Creeptoceelo, the packages were encrypted; how does he know it was 10% or maybe more hashrate if he can't read the packages' content? I PMed him regarding simple questions, I got PMs back, but when I PMed him asking about which IP the packages are sent to, he went silent.

And you're probably right. Just use a computer on the same network as the miner and see what the ethernet traffic is using wireshark. You should be able to see all of the IPs and type of related traffic being accessed over your network.
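
An added example, not part of the thread: one way to turn such a capture into a reviewable list is to read a classic pcap file with the standard library, sum the bytes the miner at 192.168.1.101 sent to each destination, and list destinations outside the set the operator configured. The capture bytes, the pool address 198.51.100.7 and the second host are constructed placeholders; it assumes the capture was taken where the miner's traffic is visible (a mirror port or the gateway), since a PC on a switched LAN sees little of another host's unicast traffic.

```python
import socket
import struct
from collections import Counter

def outbound_summary(pcap, miner_ip):
    """Sum IPv4 bytes sent by miner_ip per (dst_ip, protocol, dst_port)."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic (non-pcapng) capture file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected Ethernet link type")
    totals, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # only untagged IPv4 is handled in this sketch
        if socket.inet_ntoa(frame[26:30]) != miner_ip:
            continue  # keep traffic originated by the miner only
        ihl = (frame[14] & 0x0F) * 4
        total_len, proto = struct.unpack("!H", frame[16:18])[0], frame[23]
        l4 = frame[14 + ihl:]  # TCP (6) and UDP (17) carry the port at bytes 2-3
        dport = struct.unpack("!H", l4[2:4])[0] if proto in (6, 17) and len(l4) >= 4 else 0
        totals[(socket.inet_ntoa(frame[30:34]), proto, dport)] += total_len
    return totals

def unexpected(totals, expected_ips):
    """Destinations the operator did not configure (pool, DNS, NTP, ...)."""
    return sorted(key for key in totals if key[0] not in expected_ips)

def make_frame(src, dst, proto, dport, payload_len):
    # Constructed test frame: Ethernet + IPv4 + ports only, checksums left zero.
    l4 = struct.pack("!HH", 40000, dport) + bytes(payload_len)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return bytes(12) + b"\x08\x00" + ip + l4

def sample_pcap():
    # Constructed capture; the 198.51.100.x / 203.0.113.x hosts are placeholders.
    frames = [make_frame("192.168.1.101", "198.51.100.7", 6, 3333, 100),
              make_frame("192.168.1.101", "203.0.113.9", 6, 443, 60),
              make_frame("198.51.100.7", "192.168.1.101", 6, 40000, 80)]
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + b"".join(
        struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    print(unexpected(outbound_summary(sample_pcap(), "192.168.1.101"), {"198.51.100.7"}))
```

An empty result from `unexpected` over a capture spanning at least one reboot and several hours of mining is the evidence the thread was asking for; any entry it returns is a destination to identify before trusting the image.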

Easy2Mine
September 02, 2014, 07:54:59 AM

Until Cryptoceelo has uploaded his rewritten firmware with 10% more hashrate and can prove his findings, he is a BIG LIAR.
According to Creeptoceelo, the packages were encrypted; how does he know it was 10% or maybe more hashrate if he can't read the packages' content? I PMed him regarding simple questions, I got PMs back, but when I PMed him asking about which IP the packages are sent to, he went silent.

And you're probably right. Just use a computer on the same network as the miner and see what the ethernet traffic is using wireshark. You should be able to see all of the IPs and type of related traffic being accessed over your network.

After following the command lines and reading Innosilicon's specs, I didn't bother to use wireshark in the first place. But to be sure I haven't overlooked anything, I ran wireshark yesterday and haven't found anything suspicious.