3.7 KiB

Raw Blame History

Support HackTricks and get benefits!

Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!

Discover The PEASS Family, our collection of exclusive NFTs

Get the official PEASS & HackTricks swag

Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.

Share your hacking tricks submitting PRs to the hacktricks github repo.

8333,18333,38333,18444 - Pentesting Bitcoin

Basic Information

The port 8333 is used by Bitcoin nodes in the mainnet to communicate between them.
The port 18333 is used Bitcoin nodes in the testnet to communicate between them.
The port 38333 is used Bitcoin nodes in the signet to communicate between them.
The port 18444 is used Bitcoin nodes in the regtest (local) to communicate between them.

Default port: 8333, 18333, 38333, 18444

PORT      STATE SERVICE
8333/tcp open  bitcoin

Shodan

port:8333 bitcoin
User-Agent: /Satoshi

Enumeration

Bitcoin nodes will give you some information if they think that you are another valid bitcoin node. Nmap have some script to extract this information:

sudo nmap -p 8333 --script bitcoin-info --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-info: 
|   Timestamp: 2022-04-08T22:33:58
|   Network: main
|   Version: 0.7.0
|   Node Id: 1bea074ea4f6eca3
|   Lastblock: 731027
|_  User Agent: /Satoshi:0.19.1/

sudo nmap -p 8333 --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-getaddr: 
|   ip                                            timestamp
|   2a02:c7e:486a:2b00:3d26:db39:537f:59f2:8333   2022-03-25T07:30:45
|   2600:1f1c:2d3:2403:7b7d:c11c:ca61:f6e2:8333   2022-04-08T07:16:38
|   75.128.4.27:8333                              2022-04-02T08:10:45
[...]