duplicate share vulnerability? #128
Comments
|
Please put code blocks in fences in the future, preferablly hilighted. Your question is very confusingly worded, but I think I understand what you're asking. I will look into this. |
|
Sorry, it came to me in a PM from someone who used google translate... so I wasn't sure exactly either :) |
|
Can someone please validate if pp is vulnerable to this? |
|
I confirm that pp affected by this vulnerability. |
|
Thanks for confirming. I hope a fix can be released soon for this. |
|
You can modify submit_job in stratum_server.py as temporary workaround: def submit_job(self, data, t):
""" Handles recieving work submission and checking that it is valid
, if it meets network diff, etc. Sends reply to stratum client. """
params = data['params']
# [worker_name, job_id, extranonce2, ntime, nonce]
# ["slush.miner1", "bf", "00000001", "504e86ed", "b2957c02"]
# Duplicate shares check
if data['params'][3] != data['params'][3].lower():
self.logger.info('Dup share attack (ntime) worker: {}, data: {} != {}'
.format(data['params'][0], data['params'][3], data['params'][3].lower()))
data['params'][3] = data['params'][3].lower()
if data['params'][4] != data['params'][4].lower():
self.logger.info('Dup share attack (nonce) worker: {}, data: {} != {}'
.format(data['params'][0], data['params'][4], data['params'][4].lower()))
data['params'][4] = data['params'][4].lower() |
|
Thanks! |
|
I apologize on the delay with this, got busy with finals. @ahmedbodi has submitted a patch (#131) that I just merged, so the latest master is fixed. I'll try to do a little release later. |
|
Thanks, implemented this and has had no ill affect. Cheers On Wed, May 20, 2015 at 12:30 PM, Isaac Cook notifications@github.com
|
A developer contacted me to make me aware of an exploit that was found (not necessairly in pp) but in stratum servers in general. Can someone validate or dismiss if this affects pp?
Could you check your pool to the vulnerability:
A vulnerability is founded and it presents in most public stratum pools.
In the original code check is done by comparing the hex encoded string, not nTime and nNonce values themselves . As a result, a miner can create duplicates of correct ball by replacing the register, send it to the pool and all of them scored.
Example:
Code:
{"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31ee"]} {"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]} {"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31eE"]} {"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]} {"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31Ee"]} {"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]} {"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0ad31EE"]} {"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]} {"id":102,"method":"mining.submit","params":["eobot.41355", "19", "5e490000", "552ce06a", "c0aD31ee"]} {"id":103,"method":"mining.submit","params":["eobot.41355", "19", "5e440000", "552ce06e", "3b39f0a2"]}The text was updated successfully, but these errors were encountered: