GNU/Linux ◆ screen ◆ bash 4922 views

https://x.com/123456

follow

by using drain-doge.py, drain-btc.py and drain-ltc.py we can force dogecoin/bitcoin/litecoin/fork nodes to upload unlimited data to an attacking machine - which caps out cpu and throttles bandwidth, which in many cases charges overuse fees on upstream - making this a financial attack against bitcoin and its forks. certain protocol messages aren’t rate limited and can be used to remotely overwhelm a server’s upstream in a financially damaging way. if amplified by a botnet across the network the results could be catastrophic and unprecedented. still politely nudging in the direction of this being fixed rather than utilized by bad actors - let’s go fellas

cve: https://nvd.nist.gov/vuln/detail/CVE-2023-33297