8333,18333,38333,18444 - Pentesting Bitcoin

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
Discover The PEASS Family, our collection of exclusive NFTs
Get the official PEASS & HackTricks swag
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.
Share your hacking tricks by submitting PRs to the hacktricks repo and hacktricks-cloud repo.

Basic Information

The port 8333 is used by Bitcoin nodes in the mainnet to communicate between them.
The port 18333 is used Bitcoin nodes in the testnet to communicate between them.
The port 38333 is used Bitcoin nodes in the signet to communicate between them.
The port 18444 is used Bitcoin nodes in the regtest (local) to communicate between them.

Default port: 8333, 18333, 38333, 18444

PORT      STATE SERVICE
8333/tcp open  bitcoin

Shodan

port:8333 bitcoin
User-Agent: /Satoshi

Enumeration

Bitcoin nodes will give you some information if they think that you are another valid bitcoin node. Nmap have some script to extract this information:

sudo nmap -p 8333 --script bitcoin-info --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-info: 
|   Timestamp: 2022-04-08T22:33:58
|   Network: main
|   Version: 0.7.0
|   Node Id: 1bea074ea4f6eca3
|   Lastblock: 731027
|_  User Agent: /Satoshi:0.19.1/

sudo nmap -p 8333 --script bitcoin-getaddr 170.39.103.39
PORT     STATE SERVICE
8333/tcp open  bitcoin
| bitcoin-getaddr: 
|   ip                                            timestamp
|   2a02:c7e:486a:2b00:3d26:db39:537f:59f2:8333   2022-03-25T07:30:45
|   2600:1f1c:2d3:2403:7b7d:c11c:ca61:f6e2:8333   2022-04-08T07:16:38
|   75.128.4.27:8333                              2022-04-02T08:10:45
[...]

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access to the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!
Discover The PEASS Family, our collection of exclusive NFTs
Get the official PEASS & HackTricks swag
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.
Share your hacking tricks by submitting PRs to the hacktricks repo and hacktricks-cloud repo.

Previous8089 - Pentesting Splunkd Next9000 - Pentesting FastCGI

Last updated 2 months ago