{"id":48317811,"url":"https://github.com/johnnyasantoss/minesploit","last_synced_at":"2026-04-05T00:34:57.129Z","repository":{"id":341042763,"uuid":"1168117065","full_name":"johnnyasantoss/minesploit","owner":"johnnyasantoss","description":"A metasploit like framework and REPL for white hackers on bitcoin mining","archived":false,"fork":false,"pushed_at":"2026-03-18T17:56:43.000Z","size":198,"stargazers_count":6,"open_issues_count":1,"forks_count":2,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-03-19T07:24:07.620Z","etag":null,"topics":["bitcoin","bitcoin-mining","ethical-hacking-tools","hacking","metasploit","mining","repl"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/johnnyasantoss.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-02-27T03:03:24.000Z","updated_at":"2026-03-18T17:56:47.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/johnnyasantoss/minesploit","commit_stats":null,"previous_names":["johnnyasantoss/minesploit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/johnnyasantoss/minesploit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnnyasantoss%2Fminesploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnnyasantoss%2Fminesploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnnyasantoss%2Fminesploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnnyasantoss%2Fminesploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/johnnyasantoss","download_url":"https://codeload.github.com/johnnyasantoss/minesploit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnnyasantoss%2Fminesploit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31420258,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T00:25:07.052Z","status":"ssl_error","status_checked_at":"2026-04-05T00:25:05.923Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitcoin","bitcoin-mining","ethical-hacking-tools","hacking","metasploit","mining","repl"],"created_at":"2026-04-05T00:34:56.537Z","updated_at":"2026-04-05T00:34:57.108Z","avatar_url":"https://github.com/johnnyasantoss.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Minesploit\n\nBitcoin Mining Security Research Framework for white hat hackers and security researchers.\n\n## Quick Start\n\n```bash\n# Clone with submodules (or init them if already cloned)\ngit submodule update --init\n\n# Install dependencies\nuv sync\n\n# Run the REPL\nuv run minesploit\n```\n\n## Running Scripts\n\nRun Python scripts with the framework pre-loaded:\n\n```bash\nminesploit -s examples/mining_example.py\n```\n\nThe `-s` flag runs a Python script with all framework utilities imported.\n\n## Available Exploits\n\n### Bitcoin Core Node Vulnerabilities\n- CVE-2018-17144: Bitcoin Core Inflation (CRITICAL)\n- CVE-2024-52914: Bitcoin Core Orphan Transaction DoS (HIGH)\n- CVE-2017-18350: Bitcoin Core SOCKS Proxy Overflow (HIGH)\n- CVE-2024-52912: Bitcoin Core Timestamp Overflow Netsplit\n- CVE-2024-52915: Bitcoin Core INV Memory DoS\n- CVE-2024-52913: Bitcoin Core Transaction Censorship\n- CVE-2024-52921: Bitcoin Core Mutated Blocks Propagation\n- CVE-2024-52920: Bitcoin Core GETDATA CPU DoS\n- CVE-2024-52919: Bitcoin Core Addr Message Spam DoS\n- CVE-2025-46598: Bitcoin Core CPU DoS from Transactions\n- CVE-2025-54604: Bitcoin Core Disk Fill (Spoofed Connections)\n- CVE-2025-54605: Bitcoin Core Disk Fill (Invalid Blocks)\n- CVE-2015-20111: Bitcoin Core miniupnpc RCE\n- CVE-2024-35202: Bitcoin Core blocktxn DoS\n\n### Stratum Protocol Vulnerabilities\n- CVE-2013: Stratum Duplicate Shares\n- CVE-2016: Stratum Mass Duplicate Shares\n\n### Mining Software\n- CVE-2018-10058: cgminer API Buffer Overflow\n- CVE-2018-10057: cgminer Path Traversal\n\n## REPL Usage\n\n```\nminesploit\u003e list exploits\nminesploit\u003e use cve_2016_stratum_mass_duplicate\nminesploit (cve_2016_stratum_mass_duplicate)\u003e set RHOSTS 192.168.1.100\nminesploit (cve_2016_stratum_mass_duplicate)\u003e set RPORT 3333\nminesploit (cve_2016_stratum_mass_duplicate)\u003e check\nminesploit (cve_2016_stratum_mass_duplicate)\u003e run\n```\n\n## As Python Library\n\n```python\nfrom minesploit.exploits import CVE_2016_STRATUM_MASS_DUPLICATE\n\nexploit = CVE_2016_STRATUM_MASS_DUPLICATE()\nresult = await exploit.check(\"192.168.1.100\", port=3333)\nprint(result.message)\n```\n\n## CPU Mining for Hypothesis Testing\n\nTest share-stealing attacks and other CVEs that require real hashrate:\n\n```python\nfrom minesploit.protocols.stratum.server import StratumServer\nfrom minesploit.utils.miner import CPUMiner, PoolConfig\n\npool = StratumServer().start()\nconfig = pool.get_config()\nminer = CPUMiner(threads=2, pool=PoolConfig(**config, user=\"test.worker\")).start()\n\nassert pool.has_workers(), \"No workers connected!\"\nprint(f\"Hashrate: {miner.get_stats()['hashrate_khs']} kH/s\")\n\nminer.stop()\npool.stop()\n```\n\nRun with: `minesploit -s examples/mining_example.py`\n\n## Legal Notice\n\nThis tool is for authorized security testing only. Users must have explicit\nwritten permission from the system owner before testing any target.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnnyasantoss%2Fminesploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjohnnyasantoss%2Fminesploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnnyasantoss%2Fminesploit/lists"}