Bitcoin hack kali linux

While there are completely legitimate reasons to use Bitcoin, it's also used by terrorists, drug dealers, and other shady people that need to be investigated. That's where SpiderFoot comes in, which has a command-line interface to search for Bitcoin wallet addresses on a website and query the balances associated with them.

SpiderFoot is a great tool overall for automating OSINT (open-source intelligence), and there are two different versions: the free open-source project and SpiderFoot HX, a paid service that costs almost $800 a year. For our use, the free version is adequate for investigating Bitcoin wallets and balances, and we won't have to run a web server to do it, which is necessary if using SpiderFoot outside of the CLI.

Let's say an organization is raising funds using Bitcoin. Whether it's a legitimate or illegitimate organization that's asking for donations, you can monitor its performance by first locating any Bitcoin wallet addresses associated with the organization's domain by scraping the website. We can then pass that data into a query to find out the exact balance in each public-facing wallet.

Requirements

To use SpiderFoot's CLI, you'll need to have Python 3 installed, which comes preinstalled on newer Linux, macOS, and Windows systems. If it's not, or you have an older version of Python, Python 3 is easy enough to download and install.

Step 1: Install SpiderFoot

We're not going to go to SpiderFoot's website to get the tool. Instead, we'll get it from its GitHub repository. There are many good uses for SpiderFoot beyond what we're doing here today, so make sure to check out its GitHub to see everything else that it can do. It also has a list of modules that SpiderFoot can use, which can be combined and chained together to perform very specific search queries.

We'll be using two modules later on: one to search the website for the Bitcoin addresses, and the other to pass those addresses on to the balance query. But first, to download SpiderFoot via git, issue the following clone command in a terminal.

Then, change into its directory and perform a listing (ls).

You can see a requirements.txt file, so make sure to install that with pip3 before continuing. If you don't, chances are that SpiderFoot will fail because it doesn't have all the dependencies it needs to function correctly.

If you're having issues installing it via the command above, try using apt update first, then try again. If you still have issues, run the command with sudo in front of it.

Step 2: Make Sure SpiderFoot Is Working

Now that SpiderFoot is all ready to go, it's time to start using it with a command-line argument to pass the information we'd like to have returned. From the listing performed above, you'll see the sf.py file, and that's the main program we'll be using here. Let's try running it to see if it's working:

If you see something else, or if you run into errors now or in a later step, go back and reinstall the requirements.txt with pip3. If that doesn't work, install it with sudo, which should fix any missing modules.

Now, let's quickly review the help page to see the usage instructions.

Step 3: Scan for Bitcoin Addresses & Balances

Now, let's look at a Bitcoin address and wallet balance that we scrap from a website. We're going to have to chain a couple of things together to do it. And this is where the modules come into play.

Above, you can see the command we're using to do what we need. The first part of the command is starting the SpiderFoot tool with Python 3. The -m indicates that you're using a module or modules, and right after it, that's where the modules go, separated by commas.

The sfp_spider module will spider the website's webpages we're scanning to find all of the information inside. The sfp_bitcoin module will isolate all of the Bitcoin wallet addresses that it finds via the spidering. And the sfp_blockchain module will take the Bitcoin address or addresses and pass it or them along to an API that will determine the exact amount stored in the wallet.

Next in the command, we have -s, followed by the website URL, which will let us pick the target website. Then, we have -F to filter out a set of event types, specifically, BITCOIN_ADDRESS and BITCOIN_BALANCE. That's the information we want to find. Finally, -q is used to hide everything in the output except only the stuff we want.

Now, let's run it against a real website, using bitcoinforcharity.com as an example.

From the listed output above, we can see that the charity has more than a few publicly listed Bitcoin addresses leading back to wallets where we see the exact bitcoin amount. The charity above isn't really raising any real bitcoin, with 3.17865301 BTC being the wallet with the most. That's not particularly interesting if we were looking for a site moving lots of money through cryptocurrencies.

Step 4: Scan for Ethereum Addresses

For Ethereum, you could use a different command structure to get all of the wallet addresses found on a website, but you won't be able to get any balances as you could with Bitcoin. To demonstrate quickly, we'll scan etherdonation.com.

All we did there was use sfp_spider, the spidering module, and sfp_ethereum, the Ethereum finding module. And we removed the filter for the balance since we can't find Ethereum balances.

Simple but Powerful

If you want to see some of the organizations with the largest bitcoin transactions, then you can google something like "top 100 bitcoin addresses" and pick a result that monitors the top ones. Then, you can use that site's URL in the command to see which Bitcoin addresses are moving the most BTC.

Don't Miss: How to Inject Coinhive Miners into Public Wi-Fi Hotspots

Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.

Buy Now (90% off) >

Other worthwhile deals to check out: