hacktricks/network-services-pentesting/8333-18333-38333-18444-pentesting-bitcoin.md
2024-12-12 11:39:29 +01:00

3.6 KiB

8333,18333,38333,18444 - Pentesting Bitcoin

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

Basic Information

  • The port 8333 is used by Bitcoin nodes in the mainnet to communicate between them.
  • The port 18333 is used Bitcoin nodes in the testnet to communicate between them.
  • The port 38333 is used Bitcoin nodes in the signet to communicate between them.
  • The port 18444 is used Bitcoin nodes in the regtest (local) to communicate between them.

Default port: 8333, 18333, 38333, 18444

PORT      STATE SERVICE
8333/tcp open  bitcoin

Shodan

  • port:8333 bitcoin
  • User-Agent: /Satoshi

Enumeration

Bitcoin nodes will give you some information if they think that you are another valid bitcoin node. Nmap have some script to extract this information:

sudo nmap -p 8333 --script bitcoin-info --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-info: 
|   Timestamp: 2022-04-08T22:33:58
|   Network: main
|   Version: 0.7.0
|   Node Id: 1bea074ea4f6eca3
|   Lastblock: 731027
|_  User Agent: /Satoshi:0.19.1/

sudo nmap -p 8333 --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-getaddr: 
|   ip                                            timestamp
|   2a02:c7e:486a:2b00:3d26:db39:537f:59f2:8333   2022-03-25T07:30:45
|   2600:1f1c:2d3:2403:7b7d:c11c:ca61:f6e2:8333   2022-04-08T07:16:38
|   75.128.4.27:8333                              2022-04-02T08:10:45
[...]

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}