Board: Bitcoin Technical Support
Topic: Re: Why has my newly created Bitcoin address already been used?
Post by TacoDog on 17/05/2020, 17:55:00 UTC
It's obviously a scam; the person who bought walletgenerator also has bitcoinpaperwallet.

After some research, please look at this:
https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

and then you can find that directory listing is enabled:
https://bitcoinpaperwallet.com/bitcoinpaperwallet/

and finally this modified website:
https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-walletfe23t9u2fhjnj3f32.html

The random generator is broken in the same way as in the article:
Code:
        var coinImgUrl = "https://bitcoinpaperwallet.com/bitcoinpaperwallet/images/logo-" + whichDesign + ".png";
...
                // Every seedInt input below is computed only from the characters of this string and the index i.
                var base64 = "data:image/png;base64," + btoa([].reduce.call(new Uint8Array(this.response),function(p,c){return p+String.fromCharCode(c)},''));
                for(var i = 0; i < base64.length; i++)
                {
                    if(i+3 < base64.length)
                    {
                        if(base64.charCodeAt(i) != 0 && base64.charCodeAt(i+1) != 0 && base64.charCodeAt(i+2) != 0 && base64.charCodeAt(i) != 1 && base64.charCodeAt(i+1) != 1 && base64.charCodeAt(i+2) != 1)
                        {
                            SecureRandom.seedInt((base64.charCodeAt(i) * base64.charCodeAt(i+1) * base64.charCodeAt(i+2))*(i+1));
                        }
                    }
                }
                // Marks the RNG as seeded once the loop over the string has finished.
                SecureRandom.loaded = 1;
            };

So, beware of bitcoinpaperwallet.com and walletgenerator.net, they will steal your coins!!!
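
An added example, not code from the post or from either site: it runs the seeding loop quoted above over constructed image bytes to show that a seed derived from a fixed image is identical on every run, and that the `!= 0` / `!= 1` checks never skip a position because a data URI contains only printable ASCII. The pool model, `makePool`, `seedFromImage` and the sample bytes are assumptions standing in for the generator's `SecureRandom.seedInt` and the logo PNG.

```javascript
// Hypothetical stand-in for the generator's entropy pool (assumption: each
// seedInt call XORs a 32-bit value, byte by byte, into a fixed-size pool).
function makePool(size = 256) {
  const pool = new Uint8Array(size);
  let ptr = 0;
  return {
    pool,
    seedInt(x) {
      for (let shift = 0; shift < 32; shift += 8) {
        pool[ptr] ^= (x >> shift) & 255;
        ptr = (ptr + 1) % size;
      }
    },
  };
}

// The seeding loop from the post, run over arbitrary image bytes.
// Returns the resulting pool as hex plus counts of seeded/skipped positions.
function seedFromImage(imageBytes) {
  const rng = makePool();
  const base64 = "data:image/png;base64," + Buffer.from(imageBytes).toString("base64");
  let seeded = 0, skipped = 0;
  for (let i = 0; i + 3 < base64.length; i++) {
    const a = base64.charCodeAt(i);
    const b = base64.charCodeAt(i + 1);
    const c = base64.charCodeAt(i + 2);
    if (a !== 0 && b !== 0 && c !== 0 && a !== 1 && b !== 1 && c !== 1) {
      rng.seedInt(a * b * c * (i + 1));
      seeded++;
    } else {
      skipped++;
    }
  }
  return { poolHex: Buffer.from(rng.pool).toString("hex"), seeded, skipped };
}

// Constructed sample input: 64 fixed bytes standing in for the logo PNG.
const sampleImage = Uint8Array.from({ length: 64 }, (_, i) => (i * 37 + 11) & 255);

// Two independent "page loads" with the same image produce the same pool.
const run1 = seedFromImage(sampleImage);
const run2 = seedFromImage(sampleImage);
console.log("same pool on both runs:", run1.poolHex === run2.poolHex);
console.log("positions seeded:", run1.seeded, "skipped:", run1.skipped);
```

When auditing an offline copy of a key generator, the same test applies to any seeding input: if two fresh loads yield the same pool contribution, that input adds no entropy.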



Question, good sirs!

Downloading those sites, running them offline, and only using the "Wallet Details" to enter your dice-made HEX PrivKey to get your address should be OK, right?

Or what would be the best option to get an address from a HEX PrivKey?

Awesome work discovering this! Much thanks!