From 29874443e838e16b38a44a6417f8a5ffb0d7b8fc Mon Sep 17 00:00:00 2001 From: Christian Reitter Date: Sun, 15 Dec 2024 20:39:12 +0100 Subject: [PATCH] Add notes, some example keys, some addresses from writeups --- .../README.md | 5 +++++ mt19937__bx_pattern/BIP39/README.md | 18 ++++++++++++++++++ mt19937__bx_pattern/README.md | 5 +++++ .../BIP39/256bit/README.md | 5 +++++ ...esses_bitcoin_large_transaction_amounts.txt | 9 +++++++++ mt19937__trust_wallet_pattern/README.md | 5 +++++ 6 files changed, 47 insertions(+) create mode 100644 LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md create mode 100644 mt19937__bx_pattern/BIP39/README.md create mode 100644 mt19937__bx_pattern/README.md create mode 100644 mt19937__trust_wallet_pattern/BIP39/256bit/README.md create mode 100644 mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt create mode 100644 mt19937__trust_wallet_pattern/README.md diff --git a/LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md b/LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md new file mode 100644 index 0000000..8ef3cb7 --- /dev/null +++ b/LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md @@ -0,0 +1,5 @@ +# Description + +Vulnerable wallet range of Trust Wallet on iOS with CVE-2024-23660. + +See https://milksad.info/posts/research-update-5/ for details. \ No newline at end of file diff --git a/mt19937__bx_pattern/BIP39/README.md b/mt19937__bx_pattern/BIP39/README.md new file mode 100644 index 0000000..3282bde --- /dev/null +++ b/mt19937__bx_pattern/BIP39/README.md @@ -0,0 +1,18 @@ +# Mersenne Twister 32 bit seeding | bx consumption pattern | BIP39 + + +## Example private keys without victim funds + +### 128 bit = 12 Word Mnemonic + +| PRNG seed id | Mnemonic | +| - | - | +|`0x8ec170a8`|`local chef load churn future essence type leave program weird ancient owner`| + +### 256 bit = 24 Word Mnemonic + +| PRNG seed id | Mnemonic | +| - | - | +|`0`|`milk sad wage cup reward umbrella raven visa give list decorate bulb gold raise twenty fly manual stand float super gentle climb fold park`| +|`1`|`helmet worry describe able age zebra neutral load gown kitchen stomach fine galaxy shaft giant head question coyote broccoli scatter parrot session quick check`| +|`4294967294`|`lunar stage lake brick endless quit dignity odor disagree jaguar step scan announce glide slow way response upon divorce wave amazing tonight giggle love`| diff --git a/mt19937__bx_pattern/README.md b/mt19937__bx_pattern/README.md new file mode 100644 index 0000000..1861878 --- /dev/null +++ b/mt19937__bx_pattern/README.md @@ -0,0 +1,5 @@ +# Mersenne Twister 32 bit seeding | bx PRNG consumption pattern | BIP39 + +See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details. + +The `libbitcoin-explorer` tool `bx` is very flexible and can create BIP39 and non-BIP39 keys of different key sizes. However, there may be other vulnerable software which does so. \ No newline at end of file diff --git a/mt19937__trust_wallet_pattern/BIP39/256bit/README.md b/mt19937__trust_wallet_pattern/BIP39/256bit/README.md new file mode 100644 index 0000000..b84fd82 --- /dev/null +++ b/mt19937__trust_wallet_pattern/BIP39/256bit/README.md @@ -0,0 +1,5 @@ +# Details + +Weak wallet range with extremely high value transactions in the history. + +See https://milksad.info/posts/research-update-7/. \ No newline at end of file diff --git a/mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt b/mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt new file mode 100644 index 0000000..239acf1 --- /dev/null +++ b/mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt @@ -0,0 +1,9 @@ +32vpyd3jos4mEe8CmBnreRRXJJnwLMF3Gn +338uPVW8drux5gSemDS4gFLSGrSfAiEvpX +34Jpa4Eu3ApoPVUKNTN2WeuXVVq1jzxgPi +35v6FmTJSChgwcH6tgAwCwsEj315bvq3tB +36UNrMNN3xk1dTfqCWAPmrfBXA2gykCPBK +3J4sTPyD1g6KvNUSJxjwLs4iaPeDPqxUZr +3JJ8b7voMPSPChHazdHkrZMqxC7Cb4vNk2 +3Pja5FPK1wFB9LkWWJai8XYL1qjbqqT9Ye +3PWNGS2357TnjRX7FpewqR3e3qsWwpFrJH \ No newline at end of file diff --git a/mt19937__trust_wallet_pattern/README.md b/mt19937__trust_wallet_pattern/README.md new file mode 100644 index 0000000..cf8a711 --- /dev/null +++ b/mt19937__trust_wallet_pattern/README.md @@ -0,0 +1,5 @@ +# Mersenne Twister | Trust Wallet PRNG consumption pattern + +See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details. + +Note that Trust Wallet is our reference name for this pattern since we first encountered it with CVE-2023-31290. The vulnerable Trust Wallet software in question cannot generate all sub-ranges and key sizes listed in this group. \ No newline at end of file