Hey guys,
I don't want to talk about morality, just tech.
Sorry for the delay. According to this thread
https://bitcointalk.org/index.php?topic=2800586.0 and this paper
https://arxiv.org/pdf/1703.06545.pdf, we know that the Stratum protocol is really unsafe.
If we can perform a MITM attack, hijacking and tampering with the Stratum protocol, it makes things happen. Replace the worker in **mining.authorize** and **mining.submit**, and all mining results are yours. You can also attack a mining farm by compromising its DNS server or the farm's router. And so on.
In this case (https://bitcointalk.org/index.php?topic=2800586.0), the guy redirected dstm's connections with iptables, bypassed SSL cert verification, performed a MITM on dstm, and redirected the dev fee to his own wallet. It's brilliant.
Miner authors should pay more attention to their miners' security. And we should use SSL to connect to the mining pool.
OK, finally, here's a tutorial for making dstm's fee yours. Because I don't know how to perform a MITM on Windows, I use API hooking.
1. Unpack dstm with upx -d; notice the unpacked file is corrupted.
2. Open it with IDA Pro.
3. Search for the strings **mining.authorize** and **mining.submit**; the functions containing these strings are the key to the redirection.
4. Search for the string *sslw: connection closed*; the function containing this string is the function that connects to the pool.
5. Write a DLL with Detours, hook the functions you found, replace the wallet with yours, and replace the pool address and port with your choice if you don't mine on flypool.
6. Done.
That's how this repo does it:
https://github.com/HazakiYoshimi/DSTM-equihash-miner-NO-DEV-FEE. There's no source code because I know somebody would modify the wallet to their own and release it.
Discussion is welcome.
And my repo contains an XMR miner no-dev-fee project; it's simple to do that with source code.
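Added example (not code from the post, the dstm miner, or the linked repo) illustrating two things the post argues: on plaintext Stratum the wallet/worker string in **mining.authorize** and **mining.submit** is just a field in a JSON-RPC line that anyone on the path can read and rewrite, and "use SSL" only helps if the miner actually verifies the pool's certificate, which is exactly what the iptables redirect in the linked thread got around. The Stratum lines, wallet string, hostnames and fingerprint below are constructed for the example; nothing here is a real pool or a real wallet.

```python
import hashlib
import hmac
import json
import socket
import ssl
from typing import Optional

# Constructed sample Stratum (JSON-RPC over TCP) request lines in the shape a
# miner sends to a pool. The wallet/worker string is made up for this example.
SAMPLE_AUTHORIZE = '{"id": 2, "method": "mining.authorize", "params": ["t1ExampleWalletAddress.rig1", "x"]}'
SAMPLE_SUBMIT = '{"id": 4, "method": "mining.submit", "params": ["t1ExampleWalletAddress.rig1", "job1", "0000000f", "abcd", "ef01"]}'
SAMPLE_SUBSCRIBE = '{"id": 1, "method": "mining.subscribe", "params": []}'

# The two methods whose first parameter decides who gets paid for the shares.
PAYOUT_METHODS = {"mining.authorize", "mining.submit"}


def worker_of(line: str) -> Optional[str]:
    """Return the wallet/worker string carried by a Stratum request line, or
    None if the line is not one of the two methods that carry it.

    On plaintext Stratum this field travels unauthenticated: the pool credits
    whatever address appears here, so a MITM that rewrites it redirects the
    payout without touching the proof-of-work itself."""
    msg = json.loads(line)
    if msg.get("method") not in PAYOUT_METHODS:
        return None
    params = msg.get("params") or []
    if not params or not isinstance(params[0], str):
        return None
    return params[0]


def insecure_context() -> ssl.SSLContext:
    """What 'SSL' without verification amounts to: encryption to whoever
    answers. A DNS/router/iptables redirect to an attacker box still
    completes the handshake against this context."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def pool_context() -> ssl.SSLContext:
    """Hardened client context: chain validation against the system trust
    store plus hostname matching, so a redirected connection fails the
    handshake instead of silently talking to the attacker."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_verifies(ctx: ssl.SSLContext) -> bool:
    """True only if the context both validates the chain and checks the name."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def cert_fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, expected_sha256_hex: str) -> bool:
    """Optional pinning on top of chain validation: compare the pool's DER
    certificate (sock.getpeercert(binary_form=True)) with a fingerprint
    recorded out of band. This also defeats a MITM holding a CA-issued cert
    for some other name, or a trust store with an attacker-added CA."""
    return hmac.compare_digest(cert_fingerprint(der_cert), expected_sha256_hex.lower())


def connect_pool(host: str, port: int, pinned_sha256: Optional[str] = None) -> ssl.SSLSocket:
    """Open a verified TLS socket to a stratum+ssl pool (hypothetical host).
    This performs network I/O and is not exercised by the offline checks."""
    raw = socket.create_connection((host, port))
    tls = pool_context().wrap_socket(raw, server_hostname=host)
    if pinned_sha256 is not None:
        der = tls.getpeercert(binary_form=True)
        if not pin_matches(der, pinned_sha256):
            tls.close()
            raise ssl.SSLError("pool certificate does not match pinned fingerprint")
    return tls


if __name__ == "__main__":
    for line in (SAMPLE_SUBSCRIBE, SAMPLE_AUTHORIZE, SAMPLE_SUBMIT):
        print(json.loads(line)["method"], "->", worker_of(line))
    print("insecure context verifies peer:", context_verifies(insecure_context()))
    print("pool context verifies peer:   ", context_verifies(pool_context()))
```

The point of `worker_of` is only to make visible which field an on-path attacker targets; nothing on the miner side can detect a rewrite of a plaintext line after the fact, because the pool never echoes the worker back. The defence is therefore entirely in `pool_context` and, if the pool's certificate is stable, `pin_matches`: a miner that sets `CERT_NONE` (or never checks the hostname) gives the same result as no TLS at all once traffic is redirected.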