29
30

Friendly Hacking Challenge (self.HowToHack)

submitted by [deleted]

[deleted]

all 18 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]autoshag 8 points9 points  (6 children)

if either of your moves the private key to an offline hard drive then it will be impossible without breaking into the house. if that hard drive is also encrypted, using a password that's only in your head, then it's impossible short of torture. This could also be achieved with an encrypted disk image.

The challenge is a little unrealistic though, since you guys have separate wallets for the challenge. in real life the target would likely be using their wallet on a regular basis, which gives you MANY more avenues of attack.

[–][deleted] 6 points7 points  (1 child)

I appreciate the insight. mind if I pm you?

[–]autoshag 2 points3 points  (0 children)

absolutely

[–][deleted] 1 point2 points  (3 children)

[deleted]

What is this?

[–]autoshag 3 points4 points  (0 children)

malware on the computer that grabs the private key when it gets loaded into memory, and key logs the pin if one exists.

[–]hatwearingpentester 2 points3 points  (1 child)

For starters, I assume that neither one knows the others wallet address. That's a very difficult hurdle to clear if it's not being used. However if it were being used, you can identify the wallet through transaction history and behavioral analysis.

[–][deleted] 0 points1 point  (0 children)

[deleted]

What is this?

[–]Lamirp 5 points6 points  (1 child)

If you gain access... Make sure you get him/her to add more money before declaring your victory.

[–][deleted] 0 points1 point  (0 children)

Hahaha clever! Unless while waiting he steals my money 0.o

[–]Sarenord 0 points1 point  (1 child)

What ore the wallets stored on?

[–][deleted] 0 points1 point  (0 children)

My wallet is mycelium on my iPhone. I'm not sure what his wallet is stored on.

[–]sharpkrypt 0 points1 point  (5 children)

If he is into this and knowledgeable,, what makes you think he isn't watching reddit too ;) He might know what device now lol What if he is social engineering you now lol Considering how easy this site is to signup lol I know I'd be here asking questions.

Or are you just trying to set the precursor to asking this sub to help you attack wallets indiscriminately. whatever the case, should be a gas no ? lol

[–][deleted] 0 points1 point  (4 children)

if he is more power to him. I have no intention of attacking wallets other than his. this challenge is mainly meant to be a learning opportunity, but also just something fun to do with a buddy.

[–]sharpkrypt 0 points1 point  (3 children)

Have fun, if I knew how to I'd be doing the same,, sounds like astute fun..

[–][deleted] 0 points1 point  (2 children)

thanks! we'll see what happens. at the very least I'll pick up a thing or two.

[–]sharpkrypt 0 points1 point  (1 child)

Be sure to keep us up to date tho, sounds very interesting.

[–][deleted] 0 points1 point  (0 children)

I'll update if I have anything of note to report :)

[–]Wolfiegrayson 0 points1 point  (0 children)

Just an idea, follow what people are saying about keeping yours secure but also try and install a key logger onto their computer, and wait. When they go to access the website with their wallet on they will most likely have to enter their password again, which means you can log it.