basil00



Offline



Activity: 60

Merit: 10







MemberActivity: 60Merit: 10 Re: Cheap way to attack blockchain October 31, 2015, 11:57:42 PM #65



Code: OP_IF

0x451e75af

OP_15

OP_CHECKMULTISIG

OP_ENDIF

OP_1



The script is spent by push 0 in the sigScript.



The attacker only generated 960 such outputs, which corresponds to 14400 sigOps, which is not enough even to fill a block. Furthermore the fee rate for the transactions was not very high (37sat/byte), meaning that most normal traffic would be unaffected anyway. So overall this attack had no affect. Maybe this was a test?

It appears that someone launched a limited form of this attack using the address 3G83ox5zw7D6eySoSMCervh9cbhMXdA5t9 . The address corresponds to the script:The script is spent by push 0 in the sigScript.The attacker only generated 960 such outputs, which corresponds to 14400 sigOps, which is not enough even to fill a block. Furthermore the fee rate for the transactions was not very high (37sat/byte), meaning that most normal traffic would be unaffected anyway. So overall this attack had no affect. Maybe this was a test?

Bifta



Offline



Activity: 182

Merit: 100







Full MemberActivity: 182Merit: 100 Re: Cheap way to attack blockchain November 02, 2015, 12:26:23 AM #67 Quote from: makcik on November 01, 2015, 02:38:26 PM Blockchain have been providing some best wallet services for bitcoins. They're famous for their features, security and privacy, but now some cheap hackers Have tried some typical tricks for hacking the blockchain system. What they used were some fake proxy servers for gaining access to the wallets. They have been successful a few times. But, no longer now as blockchain made their system more secure and strong.

That is just not the right blockchain. Please stop confusing blockchain.info for that actual Bitcoin Blockchain. They are two different things. We are talking about the bitcoin blockchain here, and how to spam and perform a DoS attack against full nodes which download the entire blockchain. Also, please read the thread before posting, we don't want your spam here. That is just not the right blockchain. Please stop confusing blockchain.info for that actual Bitcoin Blockchain. They are two different things. We are talking about the bitcoin blockchain here, and how to spam and perform a DoS attack against full nodes which download the entire blockchain. Also, please read the thread before posting, we don't want your spam here.

Decoded



Offline



Activity: 1232

Merit: 1024





give me your cryptos







LegendaryActivity: 1232Merit: 1024give me your cryptos Re: Cheap way to attack blockchain November 04, 2015, 04:47:56 AM #68 What do people have against bitcoin? It's a revolutionary new currency, and people are trying to use it to hurt other bitcoiners.



You're advertising a service to ruin the experience for other bitcoiners, on the official forum where all the bitcoiners come.



Am I missing something? looking for a signature campaign, dm me for that

DuddlyDoRight



Offline



Activity: 318

Merit: 250









Sr. MemberActivity: 318Merit: 250 Re: Cheap way to attack blockchain November 04, 2015, 05:47:46 AM #69 Be thankful people are doing free security research.. The more they achieve the harder BTC is to hack because it leads to mitigations and patches even if they are blackhat..



Even a really complex algorithmic attack on the block-chain will reveal design flaws that can be fixed and someone will bankrupt a lot of tumblers trying to convert stolen coins.. There are probably companies and criminal groups all over the world with talented people looking for this right now; probably mostly in Russia and China.. I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.

basil00



Offline



Activity: 60

Merit: 10







MemberActivity: 60Merit: 10 Re: Cheap way to attack blockchain November 05, 2015, 01:21:44 AM #70 successfully launched another attack. This time using the address



Code: OP_IF 0x42412fb4 OP_15 OP_CHECKMULTISIG OP_ENDIF OP_1

This time the attacker managed to successfully fill the 20,000 sigOp limit for block



The new attack was limited to a single block. Also the attacker used a low fee rate of ~18sat/byte. A higher fee rate would have made the attack for effective (but more expensive). Looks like the attacker haslaunched another attack. This time using the address 3EgSUauJG5N27AUfQwiUfjAhHe6y9AKdVs corresponding to the script:This time the attacker managed to successfully fill the 20,000 sigOp limit for block #382053 , where 1245x15 = 18675 are fake sigOps arising from the attack transactions. This meant that no more transactions (legitimate or otherwise) could be included in the block, leading to an underfull block of ~288KB (of which ~68KB are the attack txs). Note that the network is currently running at capacity, with 1MB or 750KB blocks the norm.The new attack was limited to a single block. Also the attacker used a low fee rate of ~18sat/byte. A higher fee rate would have made the attack for effective (but more expensive).

erickimani



Offline



Activity: 42

Merit: 0







NewbieActivity: 42Merit: 0 Re: Cheap way to attack blockchain November 05, 2015, 08:40:31 PM #71 we can never be secure anywhere. will just depend on luck and other firms that offer cyber security to protect us from scams..Haha. especially from you guys who understand the language of programming. Be good.

DuddlyDoRight



Offline



Activity: 318

Merit: 250









Sr. MemberActivity: 318Merit: 250 Re: Cheap way to attack blockchain November 08, 2015, 12:33:28 AM

Last edit: November 08, 2015, 04:11:51 AM by DuddlyDoRight #73 Quote from: basil00 on November 05, 2015, 01:21:44 AM successfully launched another attack. This time using the address



Code: OP_IF 0x42412fb4 OP_15 OP_CHECKMULTISIG OP_ENDIF OP_1

This time the attacker managed to successfully fill the 20,000 sigOp limit for block



The new attack was limited to a single block. Also the attacker used a low fee rate of ~18sat/byte. A higher fee rate would have made the attack for effective (but more expensive).

Looks like the attacker haslaunched another attack. This time using the address 3EgSUauJG5N27AUfQwiUfjAhHe6y9AKdVs corresponding to the script:This time the attacker managed to successfully fill the 20,000 sigOp limit for block #382053 , where 1245x15 = 18675 are fake sigOps arising from the attack transactions. This meant that no more transactions (legitimate or otherwise) could be included in the block, leading to an underfull block of ~288KB (of which ~68KB are the attack txs). Note that the network is currently running at capacity, with 1MB or 750KB blocks the norm.The new attack was limited to a single block. Also the attacker used a low fee rate of ~18sat/byte. A higher fee rate would have made the attack for effective (but more expensive).

Worse case scenerio: Buffer Overflow->Code Execution in poorly coded clients. I doubt this person would have the skill to do that espesiaclly since it requires brute forcing with weak hashes for shellcode which is next to impossible unless you have super-computers like a gov...



dos will just cause repo commits fixing the handler routines within 72 hours on popular clients..



EDIT: BTC Blockchain and core-implementation have a huge attack surface and design spec. I bet most wallets and miners don't even bounds check and have strict spec handling without error handling. Worse case scenerio: Buffer Overflow->Code Execution in poorly coded clients. I doubt this person would have the skill to do that espesiaclly since it requires brute forcing with weak hashes for shellcode which is next to impossible unless you have super-computers like a gov...dos will just cause repo commits fixing the handler routines within 72 hours on popular clients..EDIT: BTC Blockchain and core-implementation have a huge attack surface and design spec. I bet most wallets and miners don't even bounds check and have strict spec handling without error handling. I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.

kbtakbta



Offline



Activity: 1

Merit: 0







NewbieActivity: 1Merit: 0 Re: Cheap way to attack blockchain November 09, 2015, 11:51:09 AM #75 Hi,



im not a technical guy, but i would fear to use a system, running on a not a self-devloped op. system. Since Snowden we know, how the US try to keep up his superiority above the net. It is possible to defect some of the major op.systems, so large part of the Bitcon system can be compromised on the next op.system update. The Bitcoin Core only a program running above the op. system.

DuddlyDoRight



Offline



Activity: 318

Merit: 250









Sr. MemberActivity: 318Merit: 250 Re: Cheap way to attack blockchain November 09, 2015, 08:27:56 PM #76 Quote from: basil00 on November 08, 2015, 05:18:00 AM Quote from: DuddlyDoRight on November 08, 2015, 12:33:28 AM Worse case scenerio: Buffer Overflow->Code Execution in poorly coded clients.

This is a specific DoS attack vector that has nothing to do with buffer overflows.



The worse case scenario is that no transactions are confirmed for a while until centralized mining intervenes.

This is a specific DoS attack vector that has nothing to do with buffer overflows.The worse case scenario is that no transactions are confirmed for a while until centralized mining intervenes.

It depends on what controls the allocation in code. If it's secure it puts x bytes in a x bytes buffer after a verified pointer in meta data with no parsing except after allocation of said buffer. Otherwise it can likely be exploited for code execution through malicious hashing&encoding.



Even if it's not the case here with the reference implementation, that doesn't mean it's not the case with other full clients.



If we're going to raise alerts over dos and block spamming I could easily post a python script that fork-spams the block-chain and bloats it with orphan blocks. I'm more interested in programming flaws though and not the genius currency design that changes hundredths at second intervals and has arbitrary fees..



EDIT: I only mention it because it's obvious that the reference implementation and all the clients based on it just blindly allocate and mine on the block-chain.. At some point malicious people will exploit it.. It depends on what controls the allocation in code. If it's secure it puts x bytes in a x bytes buffer after a verified pointer in meta data with no parsing except after allocation of said buffer. Otherwise it can likely be exploited for code execution through malicious hashing&encoding.Even if it's not the case here with the reference implementation, that doesn't mean it's not the case with other full clients.If we're going to raise alerts over dos and block spamming I could easily post a python script that fork-spams the block-chain and bloats it with orphan blocks. I'm more interested in programming flaws though and not the genius currency design that changes hundredths at second intervals and has arbitrary fees..I only mention it because it's obvious that the reference implementation and all the clients based on it just blindly allocate and mine on the block-chain.. At some point malicious people will exploit it.. I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.