A project for hacking crypto wallets protected with naive mnemonics.
See https://www.badykov.com/common/hack/
For each blockchain, it does the following:
- Generates 10_240 master keys from naive mnemonics
- Derives a fixed number of private keys from the master keys
- For each generated child key, it generates some addresses according to BIP-32 and BIP44
- Each generated address is checked against a block explorer. Since block explorer APIs are not consistent across all blockchains, the project implements API wrappers for each of them
- If the address is found in a block explorer, it means we succeeded and found a mnemonic that can unlock it
For steps 1 - 3 my crypto wallet library "Cryptopunk" is used, it contains the required logic for generating different types of addresses from public keys.
If available in Hex, the package can be installed
by adding treasure_hunter to your list of dependencies in mix.exs:
def deps do
[
{:treasure_hunter, "~> 0.1.0"}
]
endDocumentation can be generated with ExDoc and published on HexDocs. Once published, the docs can be found at https://hexdocs.pm/treasure_hunter.
SELECT DISTINCT mnemonic, addresses.path FROM mnemonics
INNER JOIN addresses ON mnemonics.id = addresses.mnemonic_id
where addresses.tx_count > 0;alias Cryptopunk.Crypto.Bitcoin
bech32_path = "m/84'/0'"
mnemonic = "word word word word word word word word word word word word"
Enum.map(0..20, fn idx ->
{:ok, path} = Cryptopunk.parse_path(bech32_path <> "/0'/0/#{idx}");
master_key = mnemonic
|> Cryptopunk.create_seed()
|> Cryptopunk.master_key_from_seed()
key = Cryptopunk.derive_key(master_key, path)
Bitcoin.bech32_address(key, :mainnet) |> IO.inspect() |> TreasureHunter.Bitcoin.ExplorerAPI.fetch_info() |> IO.inspect
end)- Bitcoin Gold
- Ethereum
- Binance Smart Chain
- Tron