8333,18333,38333,18444 - Pentesting Bitcoin

Reading time: 2 minutes

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Basic Information

  • The port 8333 is used by Bitcoin nodes in the mainnet to communicate between them.
  • The port 18333 is used Bitcoin nodes in the testnet to communicate between them.
  • The port 38333 is used Bitcoin nodes in the signet to communicate between them.
  • The port 18444 is used Bitcoin nodes in the regtest (local) to communicate between them.

Default port: 8333, 18333, 38333, 18444

PORT STATE SERVICE 8333/tcp open bitcoin

Shodan

  • port:8333 bitcoin
  • User-Agent: /Satoshi

Enumeration

Bitcoin nodes will give you some information if they think that you are another valid bitcoin node. Nmap have some script to extract this information:

sudo nmap -p 8333 --script bitcoin-info --script bitcoin-getaddr 170.39.103.39 PORT STATE SERVICE 8333/tcp open bitcoin | bitcoin-info: | Timestamp: 2022-04-08T22:33:58 | Network: main | Version: 0.7.0 | Node Id: 1bea074ea4f6eca3 | Lastblock: 731027 |_ User Agent: /Satoshi:0.19.1/ sudo nmap -p 8333 --script bitcoin-getaddr 170.39.103.39 PORT STATE SERVICE 8333/tcp open bitcoin | bitcoin-getaddr: | ip timestamp | 2a02:c7e:486a:2b00:3d26:db39:537f:59f2:8333 2022-03-25T07:30:45 | 2600:1f1c:2d3:2403:7b7d:c11c:ca61:f6e2:8333 2022-04-08T07:16:38 | 75.128.4.27:8333 2022-04-02T08:10:45 [...]

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks