Re: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented
I will now look like a fool, but okay.
I am sure and with my own eyes just observed for several hours.
And so I can say with complete confidence - it is definitely a vulnerability either in you either in your bundle with the expansion of Metamask.
I will describe chronology. Do you think I'm an idiot? Count.
For the time being, until the next user of the YokeLVeit type does not write here and will no longer lose its money.
I hope the yokelveit managed to withdraw my funds (because in his case, if he said, as there is (addresses) - the question of who is faster than his chips, which you will give him - he is either the one who got in the middle).
But we will wait for yokelveit. In the meantime, I can tell you - the matter is neither my old browser tor, nor in bad nodes.
So I'll start.
A couple of hours ago, I wrote and was going to publish the post here. Read it (repeat all actions is already optional).
And yes, I transferred this message to Google .Translate. Therefore, I hope the translations of a lot you will understand in meaning.
-- -- -- --
I found a problem.
And you will be surprised.
Metamask steals your money with chipmixer.
Everyone who has a Metamask extension in any of the browser.
Check.
Go to the white site chipmixer.com
Create a session.
You must be extruded.
On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/ biyour_session ("Restore Your Session" Top or "Link" DOWN).
Voila, the page reboots, no cappip, the deposit address is different.
Checked 4 Bruery (Chrome, Firefox, Torbrowser Last Version, Torbrowser Older Version)
In the first 4th browsers, Metamask was supplied today. Latest versions.
10.1.1 Chrome From 22.09.2021. 10.1.0 Firefox, Tor Browser Last Version FROM 25.09.2021, 10.1.0 Tor Browser Older Version From 16.09.2021
In V2 & V3 Onion, everything is in order when Metamask is enabled. He steals money only on the white site chipmixer.com.
No torus-browsers and nodes here - I repeat, I tested the Chrome, Firefox browsers, the latest versions on the normal 64-bit system. As well as the latest version of the browser toruster.
Everything happens on chipmixer.com!
The criterion of fakes is the absence of caps, if you click Restore Your Session from above or link below.
ATTENTION - when you turn off or remove Metamask - the old infected version remains hanging on the Chipmixer.com website, if you do not change the IP.
Those. If the Tor Browser is enough to disable the Metamask extension and create a new chain. That in ordinary browsers I had to change IP - and only then chipmixer.com began to issue a version where, when you click on the above references, a pinch was requested and the address for the deposit remained the same.
I noticed this on the last Firefox 92.0.1 dated 09/23/2021 and Chrome 94.0.4606.61. Even after the disconnection, and after removing the extension, Metamask could not achieve in any way so that Chipmixer.com did not change the deposit address without cape (a hundred times restarted browsers and opened both ordinary and private windows).
But I ripped and re-installed the Internet selection. Got a new IP. Chipmixer.com began to issue one deposit address again. This is a completely different computer, where all the latest versions. 64 bits. Etc.
Guard!!!!! Explain to me what is happening
? If I am right - immediately raise the wave and contact Metamask (I, too, but I need confirmation from Chipmixer).
If I stepped and the address for the deposit is issued all the time different and without capping at one session when you press the recovery links of the session - then explain why?
I have stolen money - I am in the network for 30 years and programming the same 30 years. I'm not lamers green. And the point is not in my old 32-bit browser and not my left extensions ...
I detected this garbage exclusion and time tests using this garbage ....
Let's deal with !!!
Yes, chipmixer.com does not always give a capping when creating a session and even during recovery (here it is always) - but the deposit address changes with Metamask - fact.
And yes, probably, your money is stolen - you must definitely press Restore Your Session or Link that I did - I began to change the address, and then I just gave me the coins from which the money was stolen. I have never done this before (and why, if it is enough to refresh the page). And Metamask I have a hundred years and is constantly updated.
But this time I accidentally clicked (and more than once - because the changed address found me by surprise, I immediately revealed) - and as a result, my private key with chipmixer.com was stolen!
Check! I am waiting for a reaction from chipmixer.com developers and from the community.
Maybe I am a fool .. then pull, what am I wrong.
After all, I checked a million times without Metamask - you do not change the address when clicking on 2 links, what I described !!
You ask me about security when I higher proved that it's not about my security - but the fact that there is a vulnerability and someone (Metamask, Chipmixer or someone in the middle) steals other people if:
a. We use white site chipmixer.com
b. In the browser extension costs Metamask
v. We were inappropriately pressed one of the references Restore Your Session or Link (to restore the session)
-- -- -- --
After I checked tens and tens of times and watched this bug, I decided to test, and what would happen if you press not reference - but simply copy the Recovery Recovery link to the browser with the metamask turned on.
I changed the IP address, removed Cookies chipmixer.com (which I did not (!), When I tested and wrote that an angry message).
And now I can not achieve the playback of the bug: - ((
Now it doesn't matter which browser is whether Metamask or not - I'm fine. Constantly when clicking on the links there is a pin and the address one.
Good both in my new white browsers and the newest browser torus on another computer, and in my old one that you blame !!! I also can't repeat the bug with him. These are different PCs.
In short, I am upset, because Already weakly understand what is happening. I began to suspect a bunch of old sessions or cookies standing on white chipmixer.com (because I used to open your site by all mentioned browsers) and Metamask caused a similar vulnerability (but I can not explain why the bug is not reproduced on the newest browser torus - therefore This option must disappear).
Therefore, it is obvious to me that the vulnerability was fixed either Metamask, or you (because I also excluded the nodes).
So you can consider me an idiot. But I think you will understand the text that I do not even Kevin Mitnik, but I understand a little in the technique. There was a time when I was professionally caught vulnerability and sent to developers (and also dealt with opposite activities as you understood).
And I will immediately say - I'm not trying to slander anyone (and it makes no sense to blame, because I have no evidence and support).
Yesterday I thought that someone intervened in the middle and stole my money. And according to my posts you can see that I ask for help to figure out who stole my money in my fault.
Now I am obvious that my guilt is no. You have an obvious somewhere floating vulnerability, which is either found under certain circumstances (when someone and steals chips). Or which was a limited period of time and you have already corrected it (but I said I won't blame you).
Therefore, yes, consider me an idiot and that I felt it.
And I will hope that YokerVeit will come here and finally will write what happened to his money (and I hope he managed to bring them the first attacked in the middle, even though it will put me in the full position of the idiot).
And most importantly, even if he brought (because he is waiting for the issuance of chips - then the question is only who will be ahead of the write-off of funds - he or a rogue) - confirmed that he also changed the addresses. And the main thing - confirmed that he had definitely not an old joy-free browser, but normal and modern.
I Lovig Bug on the old Browser torus (and screenshots thus dropped yesterday, but who cares about, because the browser is old), on the new Browser and Chrome and Mozile, but did not do screenshots, because I was already going to publish that post and did not think that I could not catch the bug again (I repeat, I did this dozens of times within an hour).
Because I am alone and I have no evidence (if only YokeLVeit does not turn on and will not confirm at least that his browsers were in order (and we have one time interval and we are unfamiliar)) - I will look less like a fool.
And if he gets reset chips - my words will be confirmed.
But yes, he registered here, like me, to describe the problem. And maybe generally no longer return here (especially if I got my money in preservation).
In this case, I hope for the conscience of developers that they will write here - how it ended with his situation and take into account that even if he receives money, about his situation with the change of addresses (which he may have described them - although I'm not sure, t. To. It is not important for him)
In the meantime, I can only say - I am a normal person, no one is accused, a programmer, a hundred times before that, who used your service - I lost my money. And after catching this bug on a normal car and browsers, including the newest torus. My guilt in idiochemium using the old version of the Thor is not. Yes, I obviously got a vulnerability, hacking and theft. But certainly not because of the old browser. BC Neither I, nor you still can't understand why. I dare to say - your mixer at least contains, perhaps extremely rarely found, vulnerability.
Well, yes - is it necessary to explain that when I caught a bug - I began to check your version - and in turn turn off / enable extensions - while 100% did not understand that he is due to Metamask. After I began to test another computer, OS and the latest versions of white browsers and the latest version of the browser, also gradually shutting down / including all extensions to 0.
In other words, I wrote that an angry message that is already irrelevant, just as I am sure of 100%. And I repeat, I am a programmer and how the debugging and tests are made - I'm familiar to me.
Well - I will periodically try to catch a bug again (although if it was eliminated - it is meaningless). In the meantime, yes, consider me further an idiot and suggest that I did not confuse Bech32 with Segwit or Legacy (DROMIECHIKITO, thanks for trying to help, but you are not at the address).
--
https://blockchair.com/bitcoin/transaction/2f777ed06e5c2a626243ac8e81b0a4540a77250ec36a1eda6dbb6c5b5709fbd5 - my transaction to chipmixer.com
https://blockchair.com/bitcoin/transaction/28665ad2665bbbc71b7aa5618d0178418393e43cc9ca31d9e781526a896d0922 - Translation of attacking in the middle with 201 satoshi for vbyte
--
I do not advise anyone to use the data mixer and, probably, I will go to Komodo | Pivx | Dash | Monero | zcash | etc. And I described the reason. If someone thinks I invented it. I'm sorry.
And you, developers, in fact, actually understand me - because You know that in programming sometimes incredible wonders occur. In the form of such floating bugs.
It is a pity that in my case it concerns the money that I lost because of your service (since now for some reason, on my old stinking, a snap-on browser is all good - mysticism, is not true ..)
Dear users, be attentive! Using this mixer, one day you can lose all the money! Just because it works through the Web ... And Web is such.
And in general - maybe attacked in the middle just noticed my numerous tests and was hidden for a while, as if vulnerabilities were not ... who knows. Maybe we never know.
I am sure and with my own eyes just observed for several hours.
And so I can say with complete confidence - it is definitely a vulnerability either in you either in your bundle with the expansion of Metamask.
I will describe chronology. Do you think I'm an idiot? Count.
For the time being, until the next user of the YokeLVeit type does not write here and will no longer lose its money.
I hope the yokelveit managed to withdraw my funds (because in his case, if he said, as there is (addresses) - the question of who is faster than his chips, which you will give him - he is either the one who got in the middle).
But we will wait for yokelveit. In the meantime, I can tell you - the matter is neither my old browser tor, nor in bad nodes.
So I'll start.
A couple of hours ago, I wrote and was going to publish the post here. Read it (repeat all actions is already optional).
And yes, I transferred this message to Google .Translate. Therefore, I hope the translations of a lot you will understand in meaning.
-- -- -- --
I found a problem.
And you will be surprised.
Metamask steals your money with chipmixer.
Everyone who has a Metamask extension in any of the browser.
Check.
Go to the white site chipmixer.com
Create a session.
You must be extruded.
On the session page and the 1st step, where you are invited to send a deposit, press one of the 2nd session recovery links: https://chipmixer.com/session/restore/ biyour_session ("Restore Your Session" Top or "Link" DOWN).
Voila, the page reboots, no cappip, the deposit address is different.
Checked 4 Bruery (Chrome, Firefox, Torbrowser Last Version, Torbrowser Older Version)
In the first 4th browsers, Metamask was supplied today. Latest versions.
10.1.1 Chrome From 22.09.2021. 10.1.0 Firefox, Tor Browser Last Version FROM 25.09.2021, 10.1.0 Tor Browser Older Version From 16.09.2021
In V2 & V3 Onion, everything is in order when Metamask is enabled. He steals money only on the white site chipmixer.com.
No torus-browsers and nodes here - I repeat, I tested the Chrome, Firefox browsers, the latest versions on the normal 64-bit system. As well as the latest version of the browser toruster.
Everything happens on chipmixer.com!
The criterion of fakes is the absence of caps, if you click Restore Your Session from above or link below.
ATTENTION - when you turn off or remove Metamask - the old infected version remains hanging on the Chipmixer.com website, if you do not change the IP.
Those. If the Tor Browser is enough to disable the Metamask extension and create a new chain. That in ordinary browsers I had to change IP - and only then chipmixer.com began to issue a version where, when you click on the above references, a pinch was requested and the address for the deposit remained the same.
I noticed this on the last Firefox 92.0.1 dated 09/23/2021 and Chrome 94.0.4606.61. Even after the disconnection, and after removing the extension, Metamask could not achieve in any way so that Chipmixer.com did not change the deposit address without cape (a hundred times restarted browsers and opened both ordinary and private windows).
But I ripped and re-installed the Internet selection. Got a new IP. Chipmixer.com began to issue one deposit address again. This is a completely different computer, where all the latest versions. 64 bits. Etc.
Guard!!!!! Explain to me what is happening
? If I am right - immediately raise the wave and contact Metamask (I, too, but I need confirmation from Chipmixer).If I stepped and the address for the deposit is issued all the time different and without capping at one session when you press the recovery links of the session - then explain why?
I have stolen money - I am in the network for 30 years and programming the same 30 years. I'm not lamers green. And the point is not in my old 32-bit browser and not my left extensions ...
I detected this garbage exclusion and time tests using this garbage ....
Let's deal with !!!
Yes, chipmixer.com does not always give a capping when creating a session and even during recovery (here it is always) - but the deposit address changes with Metamask - fact.
And yes, probably, your money is stolen - you must definitely press Restore Your Session or Link that I did - I began to change the address, and then I just gave me the coins from which the money was stolen. I have never done this before (and why, if it is enough to refresh the page). And Metamask I have a hundred years and is constantly updated.
But this time I accidentally clicked (and more than once - because the changed address found me by surprise, I immediately revealed) - and as a result, my private key with chipmixer.com was stolen!
Check! I am waiting for a reaction from chipmixer.com developers and from the community.
Maybe I am a fool .. then pull, what am I wrong.
After all, I checked a million times without Metamask - you do not change the address when clicking on 2 links, what I described !!
You ask me about security when I higher proved that it's not about my security - but the fact that there is a vulnerability and someone (Metamask, Chipmixer or someone in the middle) steals other people if:
a. We use white site chipmixer.com
b. In the browser extension costs Metamask
v. We were inappropriately pressed one of the references Restore Your Session or Link (to restore the session)
-- -- -- --
After I checked tens and tens of times and watched this bug, I decided to test, and what would happen if you press not reference - but simply copy the Recovery Recovery link to the browser with the metamask turned on.
I changed the IP address, removed Cookies chipmixer.com (which I did not (!), When I tested and wrote that an angry message).
And now I can not achieve the playback of the bug: - ((
Now it doesn't matter which browser is whether Metamask or not - I'm fine. Constantly when clicking on the links there is a pin and the address one.
Good both in my new white browsers and the newest browser torus on another computer, and in my old one that you blame !!! I also can't repeat the bug with him. These are different PCs.
In short, I am upset, because Already weakly understand what is happening. I began to suspect a bunch of old sessions or cookies standing on white chipmixer.com (because I used to open your site by all mentioned browsers) and Metamask caused a similar vulnerability (but I can not explain why the bug is not reproduced on the newest browser torus - therefore This option must disappear).
Therefore, it is obvious to me that the vulnerability was fixed either Metamask, or you (because I also excluded the nodes).
So you can consider me an idiot. But I think you will understand the text that I do not even Kevin Mitnik, but I understand a little in the technique. There was a time when I was professionally caught vulnerability and sent to developers (and also dealt with opposite activities as you understood).
And I will immediately say - I'm not trying to slander anyone (and it makes no sense to blame, because I have no evidence and support).
Yesterday I thought that someone intervened in the middle and stole my money. And according to my posts you can see that I ask for help to figure out who stole my money in my fault.
Now I am obvious that my guilt is no. You have an obvious somewhere floating vulnerability, which is either found under certain circumstances (when someone and steals chips). Or which was a limited period of time and you have already corrected it (but I said I won't blame you).
Therefore, yes, consider me an idiot and that I felt it.
And I will hope that YokerVeit will come here and finally will write what happened to his money (and I hope he managed to bring them the first attacked in the middle, even though it will put me in the full position of the idiot).
And most importantly, even if he brought (because he is waiting for the issuance of chips - then the question is only who will be ahead of the write-off of funds - he or a rogue) - confirmed that he also changed the addresses. And the main thing - confirmed that he had definitely not an old joy-free browser, but normal and modern.
I Lovig Bug on the old Browser torus (and screenshots thus dropped yesterday, but who cares about, because the browser is old), on the new Browser and Chrome and Mozile, but did not do screenshots, because I was already going to publish that post and did not think that I could not catch the bug again (I repeat, I did this dozens of times within an hour).
Because I am alone and I have no evidence (if only YokeLVeit does not turn on and will not confirm at least that his browsers were in order (and we have one time interval and we are unfamiliar)) - I will look less like a fool.
And if he gets reset chips - my words will be confirmed.
But yes, he registered here, like me, to describe the problem. And maybe generally no longer return here (especially if I got my money in preservation).
In this case, I hope for the conscience of developers that they will write here - how it ended with his situation and take into account that even if he receives money, about his situation with the change of addresses (which he may have described them - although I'm not sure, t. To. It is not important for him)
In the meantime, I can only say - I am a normal person, no one is accused, a programmer, a hundred times before that, who used your service - I lost my money. And after catching this bug on a normal car and browsers, including the newest torus. My guilt in idiochemium using the old version of the Thor is not. Yes, I obviously got a vulnerability, hacking and theft. But certainly not because of the old browser. BC Neither I, nor you still can't understand why. I dare to say - your mixer at least contains, perhaps extremely rarely found, vulnerability.
Well, yes - is it necessary to explain that when I caught a bug - I began to check your version - and in turn turn off / enable extensions - while 100% did not understand that he is due to Metamask. After I began to test another computer, OS and the latest versions of white browsers and the latest version of the browser, also gradually shutting down / including all extensions to 0.
In other words, I wrote that an angry message that is already irrelevant, just as I am sure of 100%. And I repeat, I am a programmer and how the debugging and tests are made - I'm familiar to me.
Well - I will periodically try to catch a bug again (although if it was eliminated - it is meaningless). In the meantime, yes, consider me further an idiot and suggest that I did not confuse Bech32 with Segwit or Legacy (DROMIECHIKITO, thanks for trying to help, but you are not at the address).
--
https://blockchair.com/bitcoin/transaction/2f777ed06e5c2a626243ac8e81b0a4540a77250ec36a1eda6dbb6c5b5709fbd5 - my transaction to chipmixer.com
https://blockchair.com/bitcoin/transaction/28665ad2665bbbc71b7aa5618d0178418393e43cc9ca31d9e781526a896d0922 - Translation of attacking in the middle with 201 satoshi for vbyte
--
I do not advise anyone to use the data mixer and, probably, I will go to Komodo | Pivx | Dash | Monero | zcash | etc. And I described the reason. If someone thinks I invented it. I'm sorry.
And you, developers, in fact, actually understand me - because You know that in programming sometimes incredible wonders occur. In the form of such floating bugs.
It is a pity that in my case it concerns the money that I lost because of your service (since now for some reason, on my old stinking, a snap-on browser is all good - mysticism, is not true ..)
Dear users, be attentive! Using this mixer, one day you can lose all the money! Just because it works through the Web ... And Web is such.
And in general - maybe attacked in the middle just noticed my numerous tests and was hidden for a while, as if vulnerabilities were not ... who knows. Maybe we never know.