This is a collection of tools to explore security on Blockchains. We focus specifically on cryptography, notably random number generation, private key, wallet cracking, brainwallet etc.

Just because you can steal someone else money does not mean you should do it.

Inspiration(great and funny talk at Defcon): https://github.com/ryancdotorg/brainflayer

You need to have a working go(lang) environment in version >=1.9 and clone this repository. I can provide executable if there are requests.

You first need to get the dependency:

$ go get github.com/btcsuite/btcutil/base58

Now you can go in the exec folder and build the executable:

$ cd exec/
$ go build -zombie.go
$ ./zombie

$ ./zombie -h
Usage of ./zombie:
  -f string
    	format file (default "guesses")
  -print
    	Print the generated canditates to standard output
  -wif
    	WIF cracker. Generate valid wif from the format or wordlist file

The goal is to generate password/keys when you know part of the target. This is not suitable if you have a high number of candidates for some parts. Hopefully next versions will support candidates from file generated with the tools like crunch or john the ripper.

First you need to fill the format file(see exec/format_example for an example):

// read the format line and put it in an array of candidates
// one time symbol between parts candidates
// first symbol is a delimiter follow by a part
// repeat the delimiter before each part
// ex: aEa3  	=> [E 3]
// ex: !g!d!e!p => [g d e p]
// ex: %OUI%NON%YES%NO => [OUI NON YES NO]

A useful feature that is missing is being able to set all the characters of the alphabet you are consider, using ?. The alphabets considered for addition are base58 and BIP39 wordlists mainly, and maybe hexadecimal/binary in case we want to play directly on bytes/bits level.

The philosophy of this function is to use it with the cracking functions available (not much for now) or to print the resulting candidates, with the option -print.

Let us assume you forgot exactly your Monero wallet password but you know the parts in it. You can use zombie to generate the password candidates and then pipe it to the wallet. I made a Bash script to use where your wallet and the Monero cli are located:

./monero_cracker.sh format_file brute_forcing_a_monero_wallet

This function is useful to take on contest like this one: It will generate the candidates from the format, check if they are valid wif and print the valid wif. You need to then derive them and see if they hit your target. Unfortunately, we did not get the 1/2 BTC :-( because we had a wrong assumption and did not consider the case color.

Remember:You need to have partial knowledge of the key, somehow, and hope that you can bruteforce the remaining space.

The solution to the contest: 5JKPapJwgyEij3sxYRAEnixyiFgxqkVhgZXv9bWWknBexegx6tM You can test it with the provided guesses file.

• Number of candidates generated and size
• Accept data generated from crunch/John
• Add Public key derivation for BTC, ETH, ...
• Brainwallet cracker
• Mnemonic phrases support(BIP39,...)
• Try very crappy random number generator: date, hour, low/high Hamming weight (00..00, 11..11)
• Advance ECC Discrete logarithm attacks