elective-stereophonic
elective-stereophonic
NXT Account Miner - New Version
Please login or register.

Login with username, password and session length
Advanced search  

News:

Latest Stable Nxt Client: Nxt 1.11.15 | Latest Experimental Nxt Client: Nxt 1.12.0e

Pages: [1] 2 3 ... 13  All

Author Topic: NXT Account Miner - New Version  (Read 27923 times)

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
NXT Account Miner - New Version
« on: April 20, 2014, 01:14:11 pm »

I just noticed, the NXT Thread on bitcointalk.org has been suspended.

After I confirmed with the devs, that such tool is perfectly fine and accepted, I would like to present you the latest version of the account miner of HiberNXT accounts:



NEW FEATURES:
  • Multithreaded, AUTOMATIC CALIBRATION OF BEST PARALLEL THREADS NUMBER FOR YOUR CPU
  • Each thread has it's own nonce so it is working on a complete different area of the address space
  • Faster implementation of logic
  • Able to check many acounts parallely without speed decrease

WHAT WE ARE STILL MISSING:
  • The result is just the nonce + an offset written to a file. We need to automatically generate the "shared secret".
  • We have to make it even faster

IS THERE A LIST OF UNSECURED ACCOUNT ID's?:
Yes: http://nopaste.info/4dde524b73.html

IT IS OPEN SOURCE:
https://github.com/litecoin-extras/nxt-account-miner

CURRENT BENCHMARKS:
  • 6 Threads on AMD FX(tm)-8350 Eight-Core Processor: 15 Million tries per second
  • 8 Threads on  Intel(R) Core(TM) i7-3770T CPU @ 2.50GHz: 9 Million tries per second

DEPENDENCIES:
  • 64bit CPU/OS
  • build-essential package (ubuntu) or on other systems the full compiler suite including assembler
  • libncurses5-dev

HOW TO RUN:
  • edit the thread number, and the target in bruteforcer.c
  • then just execute ./make.sh
  • make sure the program is executable, by running "chmod +x bruteforcer"
  • ... and run the program by ./bruteforcer

NOW LET US JOINTLY IMPROVE THIS SOFTWARE!! THE MORE PEOPLE WORK ON IT, THE BETTER IT WILL BECOME.
« Last Edit: April 21, 2014, 01:52:09 pm by Evil-Knievel »
Logged

Gr4ssh0pper

  • Jr. Member
  • **
  • Karma: +8/-0
  • Offline Offline
  • Posts: 78
  • NXT-8573-EJTH-JSWS-GH5FG
    • View Profile
Re: NXT Account Miner - New Version
« Reply #1 on: April 20, 2014, 01:40:03 pm »

The question is: Why should we improve this software which could crack our accounts?
Logged
Donations for development of NXTkey appreciated!      NXT-8573-EJTH-JSWS-GH5FG

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #2 on: April 20, 2014, 01:40:47 pm »

The question is: Why should we improve this software which could crack our accounts?

It can't crack your "regular" accounts - it is for HiberNXT (or DarkNXT if you like) only.
This means lost NXT, which the developers want to be "mined".
Logged

Gr4ssh0pper

  • Jr. Member
  • **
  • Karma: +8/-0
  • Offline Offline
  • Posts: 78
  • NXT-8573-EJTH-JSWS-GH5FG
    • View Profile
Re: NXT Account Miner - New Version
« Reply #3 on: April 20, 2014, 01:52:17 pm »

Quote
DarkNXT

Occasionally, someone sends Nxt to an account that nobody is using. Since these Nxt are "locked" until the passphrase for that account is discovered and used, the Nxt in the account is referred to as "DarkNXT".

Ahhh, I see. Cool. So this is only possible because these accounts have no outgoing transactions and a weaker "security state"?! Is there a list with DarkNXT accounts?

Edit: http://wiki.nxtcrypto.org/wiki/Glossary rules (-;
Logged
Donations for development of NXTkey appreciated!      NXT-8573-EJTH-JSWS-GH5FG

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #4 on: April 20, 2014, 02:03:24 pm »

Quote
DarkNXT

Occasionally, someone sends Nxt to an account that nobody is using. Since these Nxt are "locked" until the passphrase for that account is discovered and used, the Nxt in the account is referred to as "DarkNXT".

Ahhh, I see. Cool. So this is only possible because these accounts have no outgoing transactions and a weaker "security state"?! Is there a list with DarkNXT accounts?

Exactly.
I have found a list of DarkNXT in another thread here on this forum:
http://nopaste.info/4dde524b73.html

There are some interesting accounts worth 500 BTC and more there.
Logged

Gr4ssh0pper

  • Jr. Member
  • **
  • Karma: +8/-0
  • Offline Offline
  • Posts: 78
  • NXT-8573-EJTH-JSWS-GH5FG
    • View Profile
Re: NXT Account Miner - New Version
« Reply #5 on: April 20, 2014, 02:13:36 pm »

There are some interesting accounts worth 500 BTC and more there.

O.M.G.

 
Logged
Donations for development of NXTkey appreciated!      NXT-8573-EJTH-JSWS-GH5FG

Gr4ssh0pper

  • Jr. Member
  • **
  • Karma: +8/-0
  • Offline Offline
  • Posts: 78
  • NXT-8573-EJTH-JSWS-GH5FG
    • View Profile
Re: NXT Account Miner - New Version
« Reply #6 on: April 20, 2014, 02:29:10 pm »

So, with 15 Million tries per second, how long will it take to crack a DarkNXT account? And have you been successful with one of these accounts?

By the way, there is a typo in your software. It should be "elapsed time" (-;
Logged
Donations for development of NXTkey appreciated!      NXT-8573-EJTH-JSWS-GH5FG

Yerordyl

  • Jr. Member
  • **
  • Karma: +0/-0
  • Offline Offline
  • Posts: 20
    • View Profile
Re: NXT Account Miner - New Version
« Reply #7 on: April 20, 2014, 05:46:18 pm »

What happens when you stop the client? I mean, does it start back from where it was or starts all over again?
Logged

Neomadra

  • Sr. Member
  • ****
  • Karma: +37/-6
  • Offline Offline
  • Posts: 441
    • View Profile
Re: NXT Account Miner - New Version
« Reply #8 on: April 20, 2014, 07:28:11 pm »

Have you found such accounts already? What if thousands of people use this software and improve it such that the software always generate 'untested' passphrases? Could it be that accounts with strong passphrases getting cracked? There are nice calculations that a safe passphrase can't be cracked in million years but is this still valid if thousands of people use such tools and the tools getting better?
Logged

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #9 on: April 20, 2014, 07:36:23 pm »

What happens when you stop the client? I mean, does it start back from where it was or starts all over again?

The search space is not searched "sequentially", but more from a random point in the search space. If you restart the program, it will begin from a different point in search space. The chances are always equal, so there is no need to memorize the last point that was checked.
Logged

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #10 on: April 20, 2014, 07:40:45 pm »

Have you found such accounts already?

No  ;) I am just developing this software and not running it myself.

Quote
There are nice calculations that a safe passphrase can't be cracked in million years but is this still valid if thousands of people use such tools and the tools getting better?

The thing is, that we are not targeting the "real" accounts with 256 bit private keys, but the HiberNXT accounts that only have 64 bits of entropy. This way there are dozens of public/private key pairs that match the wanted account number.
I have no calculations how long this would take, though. Let me do a quick "math".

64 bit means basically 18446744073709551616 different tries. On average you would need half that much.
Let us assume every one has 10 computers which do a total of 150.000.000 tries per second. Further lets assume we have 1000 users using it. This would mean on average, after 10000000 seconds an account would be cracked. Most likely a lot faster.

I am sure we can make this software a lot better, so we can get closer to 1000 or 10000 seconds. You must understand the current GIT status as the first proof of concept, from where we can start improving.

NOTE: This calculation is for 1 Account only, as we have around 15000 Hibernxt accounts, it would take 10000000/15000 = 600 seconds to hit any one of them. It is pretty fast imho.

TODO: At the current stage, the software is not able to check for multiple accounts simultaneously. This fix should be a quick one though. Feel free to forge and hack.
« Last Edit: April 20, 2014, 07:43:49 pm by Evil-Knievel »
Logged

Neomadra

  • Sr. Member
  • ****
  • Karma: +37/-6
  • Offline Offline
  • Posts: 441
    • View Profile
Re: NXT Account Miner - New Version
« Reply #11 on: April 20, 2014, 07:52:40 pm »

That is very interesting. I will try that out on OpenSuse.  :)
Logged

Eadeqa

  • Hero Member
  • *****
  • Karma: +83/-68
  • Offline Offline
  • Posts: 1888
    • View Profile
Re: NXT Account Miner - New Version
« Reply #12 on: April 20, 2014, 07:54:44 pm »

So, with 15 Million tries per second, how long will it take to crack a DarkNXT account? And have you been successful with one of these accounts?

If you are targeting just one account, average would be 20,000 years.

15 million isn't enough.

it needs to be 1 trillion per second to bring average to 3 months for one account.

However, if you are targeting 15K accounts all together at the same time, you have better odds, but 15 million still isn't enough. It needs to be more than 1 billion at least to be profitable. 
« Last Edit: April 20, 2014, 07:57:00 pm by Eadeqa »
Logged
NXT-GZYP-FMRT-FQ9K-3YQGS

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #13 on: April 20, 2014, 07:55:03 pm »

That is very interesting. I will try that out on OpenSuse.  :)

If you need any help or explanations, no matter if related to the source code or the installation process, just give me a shout.
I hope to get as many people interested in this as possible.  ;)
Logged

intmain

  • Full Member
  • ***
  • Karma: +33/-4
  • Offline Offline
  • Posts: 116
    • View Profile
Re: NXT Account Miner - New Version
« Reply #14 on: April 20, 2014, 07:55:18 pm »

Either way, I'm glad my password is 100 near-truly random characters.

Logged

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #15 on: April 20, 2014, 07:58:39 pm »

Either way, I'm glad my password is 100 near-truly random characters.

This is not related to the password strength in any manner.
If you have secured your account (meaning at least one outgoing transaction) this software will never ever be able to crack your account.
However accounts with no outgoing transactions (and no forged blocks) are meant (by the developers) to be mined. In this context you do not need to "guess" the original passphrase, but generate an alternate passphrase which maps to the same Account ID. And there are many such collisions.
Logged

Eadeqa

  • Hero Member
  • *****
  • Karma: +83/-68
  • Offline Offline
  • Posts: 1888
    • View Profile
Re: NXT Account Miner - New Version
« Reply #16 on: April 20, 2014, 08:00:00 pm »

Either way, I'm glad my password is 100 near-truly random characters.

This has nothing to do with password. You can have million char password, but until outgoing transaction is made, the account is protected by 64 bits account ID.

Plus your account max strength ever is Curve25519 public key, which can be cracked in 128 bits operation (that's a lot lower than your 100 char password).
Logged
NXT-GZYP-FMRT-FQ9K-3YQGS

Neomadra

  • Sr. Member
  • ****
  • Karma: +37/-6
  • Offline Offline
  • Posts: 441
    • View Profile
Re: NXT Account Miner - New Version
« Reply #17 on: April 20, 2014, 08:16:22 pm »

That is very interesting. I will try that out on OpenSuse.  :)

If you need any help or explanations, no matter if related to the source code or the installation process, just give me a shout.
I hope to get as many people interested in this as possible.  ;)

Where exactly do I have to edit the thread number? And how do I find out the target account number?
Do I have to compile your files? When I enter ./make.sh in OpenSuse it tells me:
./make.sh: Zeile 2: as: Kommando nicht gefunden. (In English: "line 2: as: Command not found")
./make.sh: Zeile 3: gcc: Kommando nicht gefunden.
./make.sh: Zeile 4: gcc: Kommando nicht gefunden.
Any ideas? OS is 64bit and libncurses5-dev is installed.
I'm Noob in Linux but thanks in advance. :)

edit: Now it works with the bash command but now it says: bruteforcer.c:7:21: fatal error: ncurses.h:
'file or directory not found
 #include <ncurses.h>
                     ^
compilation terminated.'

edit2: I installed another version of ncurses and now the error disappeared but not unfortunately it displays several error in the code.

edit3: I made it work now!
I have just one question left now: Where can one set the number of threads in the code?
So far: good job!
« Last Edit: April 21, 2014, 10:36:20 am by Neomadra »
Logged

pandaisftw

  • Full Member
  • ***
  • Karma: +12/-1
  • Offline Offline
  • Posts: 142
    • View Profile
Re: NXT Account Miner - New Version
« Reply #18 on: April 20, 2014, 08:16:39 pm »

Where can we get a list of accounts without public IDs? 

Evil-Knievel

  • Jr. Member
  • **
  • Karma: +8/-3
  • Offline Offline
  • Posts: 48
    • View Profile
Re: NXT Account Miner - New Version
« Reply #19 on: April 20, 2014, 08:21:07 pm »

Where can we get a list of accounts without public IDs?

http://nopaste.info/4dde524b73.html

First column is the account ID, second column is the number of NXT (divide by 100 though) available.

If you like to patch in the functionality to check multiple accounts at the same time, feel fee to fork and hack.
And then, please do an upstream commit  ;)
Logged
Pages: [1] 2 3 ... 13  All
 

elective-stereophonic
elective-stereophonic
assembly
assembly