by pbear2k23
603 days ago
tl;dr https://pastebin.com/raw/qr8XWFkR - you f*cking ping faster than it pongs. this wasn't discovered until recently. sad. i put this together. it also contains a mode for CVE-2023-33297 ('headers') which was recently patched - although i wasn't given credit because i have haters @ bitcoin-core and blockstream. they kinda run the show now. i'm even banned from contributing to the bitcoin-core github. much decentralization.

how to reproduce the vulnerability yourself:

1. install bitcoin
2. ./bitcoind
3. edit your ip into attack.go: https://pastebin.com/raw/qr8XWFkR
4. save attack.go
5. snap install go --classic
6. go build attack.go
7. ./attack
8. slow oom crash - enjoy the fireworks

screenshot: https://i.imgur.com/DA80ORS.png

happy to answer any questions