CVE-2022-40769 PoC — profanity security feature issue vulnerability

Source
Associated Vulnerability
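Title: profanity security feature issue vulnerability (CVE-2022-40769)
Description: profanity is an Ethereum vanity address generator by the individual developer BlackTrace. profanity 1.60 and earlier contain a security vulnerability: because there are only 4 billion possible RNG initializations, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency.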
Description
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022. CVE project by @Sn0wAlice
Readme
# CVE-2022-40769

profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022.

| authentication | complexity | vector |
| --- | --- | --- |
| not available | not available | not available |

| confidentiality | integrity | availability |
| --- | --- | --- |
| not available | not available | not available |

## CVSS Score: **not available**

## References

* https://github.com/johguse/profanity/issues/61

* https://blog.1inch.io/a-vulnerability-disclosed-in-profanity-an-ethereum-vanity-address-tool-68ed7455fc8c

* https://github.com/johguse/profanity

## Raw File

* [CVE-2022-40769.json](./data_brut.json)



## About this repository
This repository is part of the project [Live Hack CVE](https://github.com/Live-Hack-CVE). Made by [Sn0wAlice](https://github.com/Sn0wAlice) for the people that care about security and need to have a feed of the latest CVEs. Hope you enjoy it, don't forget to star the repo and follow me on [Twitter](https://twitter.com/Sn0wAlice) and [Github](https://github.com/Sn0wAlice)
File Snapshot

[4.0K] /data/pocs/83e4565b1c78d840912537a8a76af57006e66a94
├── [8.6K] data_brut.json
└── [1.1K] README.md

0 directories, 2 files