flound1129
|
|
August 09, 2014, 06:07:41 PM |
|
So is it confirmed that the tainted code was only in recent builds? If so, how long ago did it happen?
According to LiteSaber, the tainted code was in the most recent binaries which were linked from another site (minersforwindows.com)
|
Multipool - Always mine the most profitable coin - Scrypt, X11 or SHA-256!
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
Piotrsama
|
|
August 09, 2014, 09:08:03 PM |
|
He is also the creator of Shire Coin, which is a scam because it uses the same code to steal coins if you download the wallet.
How can I check that? I downloaded that qt some time ago, so it probably stole my encrypted wallet.dat (haven't lost coins, but still want to know if I should consider the wallet compromised) I tried decompiling it, but it says it isn't a .net program. What did you use to view the code? Thanks.
|
|
|
|
chnchapters
Member
Offline
Activity: 106
Merit: 10
|
|
August 09, 2014, 09:39:06 PM |
|
I used HexRays/IDA I can show you exactly how I did when I get off work, the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
|
|
|
|
Piotrsama
|
|
August 09, 2014, 11:59:59 PM |
|
I used HexRays/IDA I can show you exactly how I did when I get off work, the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
Sure, when you can. I'm using idaq.exe (i guess that's the program you mention). I selected the shirecoin-qt.exe and let it analyze it (with default options), but when I tried to go to pseudo code, it told me "decompilation failure" If I choose binary --> processor type Microsoft - net. Then it says it can't identify the entry point. And I get to see hex crap. Can't view pseudo code mode. Well, first time using this program, so maybe there's some trick. Thanks.
|
|
|
|
omgbossis21
|
|
August 10, 2014, 12:43:47 AM |
|
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
|
|
|
|
Piotrsama
|
|
August 10, 2014, 01:09:18 AM |
|
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible). chnchapters said he saw the code, and that it steals the wallets like the miner.
|
|
|
|
Piotrsama
|
|
August 14, 2014, 01:03:30 AM |
|
I used HexRays/IDA I can show you exactly how I did when I get off work, the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
Sure, when you can. I'm using idaq.exe (i guess that's the program you mention). I selected the shirecoin-qt.exe and let it analyze it (with default options), but when I tried to go to pseudo code, it told me "decompilation failure" If I choose binary --> processor type Microsoft - net. Then it says it can't identify the entry point. And I get to see hex crap. Can't view pseudo code mode. Well, first time using this program, so maybe there's some trick. Thanks. @chnchapters: Don't forget, thanks.
|
|
|
|
Xelpherpolis
|
|
August 17, 2014, 02:36:12 AM |
|
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible). chnchapters said he saw the code, and that it steals the wallets like the miner. Never ever use precompiled binaries of altcoins, always check the code on github first. Any closed source altcoins can not be trusted either.
|
|
|
|
BrianM
|
|
August 18, 2014, 09:10:04 AM |
|
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible). chnchapters said he saw the code, and that it steals the wallets like the miner. Never ever use precompiled binaries of altcoins, always check the code on github first. Any closed source altcoins can not be trusted either. To difficult for average user. I have no idea how to do that kinda shit, just instal and launch, that is the only way to go!
|
|
|
|
|
jmintuck
|
|
September 12, 2014, 06:10:55 PM |
|
That's it. I am NOT gonna trust this shit until I hear differently about CLEAN and dependable files with FULL and EXPLICIT clearance. This is so bad.
|
|
|
|
Blisk
|
|
November 20, 2014, 07:59:47 AM |
|
where I can download clean of viruses miner which is compilled for x11 and x13?
|
|
|
|
nicehash
Legendary
Offline
Activity: 885
Merit: 1006
NiceHash.com
|
|
November 20, 2014, 08:27:24 AM |
|
where I can download clean of viruses miner which is compilled for x11 and x13?
Here you can download trustworthy windows/linux sgminer and cgminer binaries: https://www.nicehash.com/software/#sgminer
|
|
|
|
Blisk
|
|
November 20, 2014, 08:45:41 AM |
|
ok thanks I see that above. How to setup X11 I didn't see kernel for that?
|
|
|
|
|