How to crack a picture and (not) get BTC
My attention was attracted by the work of American artist Andy Bach (Andy Bauch) in the form of paintings from Lego blocks. According to the author, the private keys to the purses of various cryptocurrencies, including Bitcoin, are encrypted in them. The cost of assets and addresses of the purses are on the page newmoney.andybauch.com
Challenge accepted
For example, take the most visual picture of Bitcoin Initially Valued at $ 60.
')
It encrypts the private key to the address 1HvEJG5JR84MVpncXcDVBqx65uY5odr6fP which contained ~ 0.14 Bitcoin (~ $ 1200).
On blockchain.info we see the text prompt “Radix 6”, remember it and move on.
With a keen eye we investigate and notice the following points:
6 characters are not enough to encode a classic WIF or HEX private key in 270 characters, but for a private key there is a mini format, it consists of just 30 characters and works on the principle of a brainwallet - sha256 ("mini_private_key").
A feature of this format is the obligatory beginning with the letter S, an example is S6c56bnXQiBjk9mqSYE7ykVQ7NzrRy.
We’ll look at the picture for the last time and write out all the colors of the squares in the first 30 blocks, with the exception of the blue vertical dividers, for convenience we will mark the colors with one letter: Y = Yellow, G = Gray, R = Red, B = Blue, L = Light Blue, D = Dark Green
It turns out:
We know that the first letter is S, and our coding is 6-digit, so you need to find out which color is responsible for which digit.
For numeric conversions, install the baseconvert package.
Convert the letter S to hexadecimal
With the help of another utility, we will convert the result into a 6-digit encoding.
From this we conclude that
Half of the problem is solved. Since we don’t have so much time, we’ll find the remaining 3 values by brute force, we’ll have a lot of options and immediately write a small script that will generate a private mini-key.
Running ...
According to the mini private key specification, we can verify its validity by adding a question mark to the end and hashing sha256. If the first two characters are zeros, then the key is considered valid.
We were lucky the private key was valid.
Now go to www.bitaddress.org (so faster) and paste the resulting private key into the Wallet Details tab.
We take a private key in WIF format (5KfNkSeQwNgjHr7cRErzDmq5XdUm8qc94YM3iEN5YaMYoA2UGky) and import it into a bitcoin client.
So, what do we have here? ..
Oops ... Someone was quicker and took the prize. However, satisfaction from the solved problem was still obtained.
UPD: $ 20 and $ 30 took SopaXT
Challenge accepted
For example, take the most visual picture of Bitcoin Initially Valued at $ 60.
')
It encrypts the private key to the address 1HvEJG5JR84MVpncXcDVBqx65uY5odr6fP which contained ~ 0.14 Bitcoin (~ $ 1200).
On blockchain.info we see the text prompt “Radix 6”, remember it and move on.
With a keen eye we investigate and notice the following points:
- Squares are only 6 colors, which means that we have 6-character encoding (radix 6)
- Vertical straight lines every 3 squares dividing them into blocks, starting with the first
- The pattern goes from left to right, consists of 30 blocks and then repeats.
6 characters are not enough to encode a classic WIF or HEX private key in 270 characters, but for a private key there is a mini format, it consists of just 30 characters and works on the principle of a brainwallet - sha256 ("mini_private_key").
A feature of this format is the obligatory beginning with the letter S, an example is S6c56bnXQiBjk9mqSYE7ykVQ7NzrRy.
We’ll look at the picture for the last time and write out all the colors of the squares in the first 30 blocks, with the exception of the blue vertical dividers, for convenience we will mark the colors with one letter: Y = Yellow, G = Gray, R = Red, B = Blue, L = Light Blue, D = Dark Green
It turns out:
'YGR', 'LBY', 'LBL', 'YBR', 'LGY', 'YYY', 'LBY', 'YBL', 'YDY', 'LGY', 'GRG', 'GRR', 'GDR', 'LBD', 'LBY', 'YDL', 'LBG', 'YYB', 'LYY', 'GRL', 'YYD', 'YGR', 'YDR', 'LBD', 'GYD', 'YRR', 'GRY', 'GYD', 'GRR', 'LGG' We know that the first letter is S, and our coding is 6-digit, so you need to find out which color is responsible for which digit.
For numeric conversions, install the baseconvert package.
pip install baseconvert Convert the letter S to hexadecimal
echo -n "S" | od -A n -t x1 53 With the help of another utility, we will convert the result into a 6-digit encoding.
python3 -m baseconvert --string true --number 53 --input-base 16 --output-base 6 215 From this we conclude that
Y = 2 G = 1 R = 5 Half of the problem is solved. Since we don’t have so much time, we’ll find the remaining 3 values by brute force, we’ll have a lot of options and immediately write a small script that will generate a private mini-key.
solve.py
#!/usr/bin/python3 import baseconvert values = ['YGR', 'LBY', 'LBL', 'YBR', 'LGY', 'YYY', 'LBY', 'YBL', 'YDY', 'LGY', 'GRG', 'GRR', 'GDR', 'LBD', 'LBY', 'YDL', 'LBG', 'YYB', 'LYY', 'GRL', 'YYD', 'YGR', 'YDR', 'LBD', 'GYD', 'YRR', 'GRY', 'GYD', 'GRR', 'LGG'] replace = {'Y':'2', 'G':'1', 'R':'5', 'B':'0', 'L':'3', 'D':'4'} # key = [] base = 6 for char in values: for i, j in replace.items(): char = char.replace(i, j) v = baseconvert.base(char, base, 16, string=True) v = bytearray.fromhex(v).decode('ascii') key.append(v) print(''.join(key)) Running ...
python3 solve.py SnoMtVnKbtCGApncmTzEXSep4kD4Gs According to the mini private key specification, we can verify its validity by adding a question mark to the end and hashing sha256. If the first two characters are zeros, then the key is considered valid.
echo -n SnoMtVnKbtCGApncmTzEXSep4kD4Gs? | sha256sum 00edc14de4c175a2a8ccb213e4d5deee738782a8213c25328a7b035d3c728866 We were lucky the private key was valid.
Now go to www.bitaddress.org (so faster) and paste the resulting private key into the Wallet Details tab.
We take a private key in WIF format (5KfNkSeQwNgjHr7cRErzDmq5XdUm8qc94YM3iEN5YaMYoA2UGky) and import it into a bitcoin client.
So, what do we have here? ..
Oops ... Someone was quicker and took the prize. However, satisfaction from the solved problem was still obtained.
UPD: $ 20 and $ 30 took SopaXT
Source: https://habr.com/ru/post/352014/
All Articles