Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Trustwallet Trust_Wallet_Browser_Extension CVE-2023-31290

Name: Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Trustwallet Trust_Wallet_Browser_Extension CVE-2023-31290
Rating: 5 (8 reviews)
2026-06-22 | CVSS 5.9
## https://sploitus.com/exploit?id=A63E68C2-3F8F-5064-93CE-8E4051079D14
DONATE: bc1qps62cyk9f9unmdkc9k3ccj9e2h8ywfhg2j53ec

Built with ❤️ for the crypto research community.


# 🚀 CVE-2023-31290 Scanner - Bitcoin & Ethereum Vulnerability Exploit

[![CVE](https://img.shields.io/badge/CVE-2023--31290-red.svg)](https://nvd.nist.gov/vuln/detail/CVE-2023-31290)
[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
[![C++](https://img.shields.io/badge/C%2B%2B-17-blue.svg)](https://isocpp.org/)
[![CUDA](https://img.shields.io/badge/CUDA-12.x-green.svg)](https://developer.nvidia.com/cuda-downloads)
[![OpenSSL](https://img.shields.io/badge/OpenSSL-3.x-yellow.svg)](https://www.openssl.org/)

## ⚡ The Fastest CVE-2023-31290 (Milk Sad) Scanner for Bitcoin & Ethereum

### 🔥 Up to 150,000 seeds/second on modern hardware!

---

## 📌 WHAT IS THIS?

This tool exploits the **CVE-2023-31290 vulnerability** (also known as **"Milk Sad"**) in the `libbitcoin-explorer` library. The vulnerability stems from using a **Mersenne Twister PRNG seeded with a 32-bit timestamp**, allowing attackers to brute-force all possible `2^32` (≈4.29 billion) seeds and recover private keys from vulnerable wallets.

### 🎯 Key Features
- ✅ **Multi-threaded** scanning with memory-mapped file I/O
- ✅ **24-bit prefix index** for lightning-fast address lookups
- ✅ **12-word and 24-word** BIP39 mnemonics support
- ✅ **3 Bitcoin address types**: P2PKH (1...), P2SH (3...), Native SegWit (bc1...)
- ✅ **Ethereum support** with 10 derivation paths (m/44'/60'/0'/0/0-9)
- ✅ **Cross-chain compatibility** - same seed works on multiple networks
- ✅ **Demo mode** to test specific seed values

---

## 📊 Performance Comparison

| Hardware | Seeds/sec | 24-word/sec | 12-word/sec |
|----------|-----------|-------------|-------------|
| RTX 4090 | 150,000 | 38M | 11M |
| RTX 5090 | 250,000 | 63M | 16M |
| CPU (30 threads) | 150,000 | - | - |

---

## 🪙 Supported Cryptocurrencies

### Bitcoin Scanner
| Type | Prefix | Path | Address Example |
|------|--------|------|-----------------|
| Legacy P2PKH | `1...` | m/44'/0'/0'/0/0 | `1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa` |
| P2SH | `3...` | m/49'/0'/0'/0/0 | `3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy` |
| Native SegWit | `bc1...` | m/84'/0'/0'/0/0 | `bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq` |

### Ethereum Scanner
| Type | Prefix | Path | Address Example |
|------|--------|------|-----------------|
| Ethereum | `0x...` | m/44'/60'/0'/0/0-9 | `0x742d35Cc6634C0532925a3b844Bc454e4438f44e` |

---

## 🛡️ If BTC Found → Check These Too!

Since vulnerable wallets often generated addresses for multiple networks using the **same seed**:

| Coin | Address Format | Version Byte | Path |
|------|---------------|--------------|------|
| **Litecoin (LTC)** | `L...` / `M...` | 0x30 / 0x32 | m/44'/2'/0'/0/0 |
| **Dogecoin (DOGE)** | `D...` | 0x1E | m/44'/3'/0'/0/0 |
| **Dash (DASH)** | `X...` | 0x4C | m/44'/5'/0'/0/0 |
| **Zcash (ZEC)** | `t1...` / `t3...` | 0x1C | m/44'/133'/0'/0/0 |
| **Bitcoin Cash (BCH)** | `1...` / `3...` | 0x00 / 0x05 | m/44'/145'/0'/0/0 |

## 🔗 If ETH Found → Check These EVM Chains!

| Network | Chain ID | Address Format |
|---------|----------|----------------|
| **BNB Smart Chain** | 56 | `0x...` |
| **Polygon** | 137 | `0x...` |
| **Avalanche C-Chain** | 43114 | `0x...` |
| **Arbitrum** | 42161 | `0x...` |
| **Optimism** | 10 | `0x...` |

---

## ⚙️ Installation & Compilation

### Prerequisites
```bash
# Ubuntu/Debian
sudo apt-get update
sudo apt-get install -y build-essential cmake git
sudo apt-get install -y libssl-dev libsecp256k1-dev



========================================
CVE-2023-31290 Scanner - BITCOIN ONLY
========================================

DESCRIPTION:
This tool exploits the vulnerability CVE-2023-31290 (Milk Sad) in libbitcoin-explorer.
The vulnerability uses Mersenne Twister PRNG seeded with 32-bit timestamp.
Generates 12-word and 24-word BIP39 mnemonics from each 32-bit seed.
Derives Bitcoin addresses (P2PKH, P2SH, Native SegWit).
Checks against pre-built 24-bit prefix index of known addresses.
Multi-threaded with memory-mapped I/O - up to 150,000 seeds/second.

SUPPORTED ADDRESS TYPES:
- Legacy P2PKH (1...)
- P2SH (3...)
- Native SegWit (bc1...)

DERIVATION PATHS:
m/44'/0'/0'/0/0   → P2PKH (1...)
m/49'/0'/0'/0/0   → P2SH (3...)
m/84'/0'/0'/0/0   → Native SegWit (bc1...)

COMPILATION:
g++ -std=c++17 -O3 -pthread -o scan_btc scan_btc.cpp -lssl -lcrypto -lsecp256k1

USAGE:
./scan_btc --demo 12345
./scan_btc hex160.bin 0 1000000

IMPORTANT:
If Bitcoin address found, check same mnemonic for:
Litecoin (LTC), Dogecoin (DOGE), Dash (DASH),
Zcash (ZEC), Bitcoin Cash (BCH) and others.
They use the SAME RIPEMD-160 hash with different address versions.

========================================
CVE-2023-31290 Scanner - ETHEREUM ONLY
========================================

DESCRIPTION:
Same CVE-2023-31290 vulnerability but targets Ethereum addresses.
Generates 12-word and 24-word BIP39 mnemonics from 32-bit seeds.
Derives Ethereum addresses using SECP256K1 curve and Keccak-256 hashing.
Checks against pre-built index of addresses with balances.
Fully multi-threaded and optimized for high-speed scanning.

SUPPORTED ADDRESS TYPE:
- Ethereum addresses (0x...)

DERIVATION PATHS:
m/44'/60'/0'/0/0  ... m/44'/60'/0'/0/9   → Ethereum standard

COMPILATION:
g++ -std=c++17 -O3 -pthread -o scan_eth scan_eth.cpp -lssl -lcrypto -lsecp256k1

USAGE:
./scan_eth --demo 12345
./scan_eth hex160.bin 0 1000000

IMPORTANT:
If Ethereum address found, check same mnemonic for:
BNB Smart Chain, Polygon, Avalanche C-Chain,
Arbitrum, Optimism and other EVM-compatible chains.
They use the SAME derivation path and address format.

========================================
BOTH SCANNERS - ADDITIONAL INFO
========================================

If Bitcoin found → also check: LTC, DOGE, DASH, ZEC, BCH
If Ethereum found → also check: BNB, MATIC, AVAX, ARB, OP

REASON: Same seed phrase used across multiple blockchains
during the vulnerable era (2015-2018).

REQUIRED FILES:
- bip39.txt (BIP39 wordlist)
- hex160.bin (binary file with 20-byte RIPEMD-160 hashes)

========================================
========================================
CVE-2023-31290 Сканер - ТОЛЬКО BITCOIN
========================================

ОПИСАНИЕ:
Этот инструмент эксплуатирует уязвимость CVE-2023-31290 (Milk Sad) в библиотеке libbitcoin-explorer.
Уязвимость использует генератор Mersenne Twister с 32-битной меткой времени.
Генерирует мнемонические фразы BIP39 из 12 и 24 слов для каждого 32-битного сида.
Вычисляет адреса Bitcoin (P2PKH, P2SH, Native SegWit).
Проверяет по предварительно построенному 24-битному префиксному индексу.
Многопоточный с отображением файлов в память - до 150,000 сидов/секунду.

ПОДДЕРЖИВАЕМЫЕ ТИПЫ АДРЕСОВ:
- Legacy P2PKH (начинающиеся с 1...)
- P2SH (начинающиеся с 3...)
- Native SegWit (начинающиеся с bc1...)

ПУТИ ДЕРИВАЦИИ:
m/44'/0'/0'/0/0   → P2PKH (1...)
m/49'/0'/0'/0/0   → P2SH (3...)
m/84'/0'/0'/0/0   → Native SegWit (bc1...)

КОМПИЛЯЦИЯ:
g++ -std=c++17 -O3 -pthread -o scan_btc scan_btc.cpp -lssl -lcrypto -lsecp256k1

ИСПОЛЬЗОВАНИЕ:
./scan_btc --demo 12345
./scan_btc hex160.bin 0 1000000

ВАЖНО:
Если найден адрес Bitcoin, проверьте ту же мнемонику для:
Litecoin (LTC), Dogecoin (DOGE), Dash (DASH),
Zcash (ZEC), Bitcoin Cash (BCH) и других.
Они используют ТОТ ЖЕ хеш RIPEMD-160 с разными версиями адресов.

========================================
CVE-2023-31290 Сканер - ТОЛЬКО ETHEREUM
========================================

ОПИСАНИЕ:
Та же уязвимость CVE-2023-31290, но ориентирована на адреса Ethereum.
Генерирует мнемонические фразы BIP39 из 12 и 24 слов на основе 32-битных сидов.
Вычисляет адреса Ethereum с использованием кривой SECP256K1 и хеша Keccak-256.
Проверяет по предварительно построенному индексу адресов с балансами.
Полностью многопоточный и оптимизированный для высокоскоростного сканирования.

ПОДДЕРЖИВАЕМЫЙ ТИП АДРЕСА:
- Адреса Ethereum (начинающиеся с 0x...)

ПУТИ ДЕРИВАЦИИ:
m/44'/60'/0'/0/0  ... m/44'/60'/0'/0/9   → стандартный Ethereum

КОМПИЛЯЦИЯ:
g++ -std=c++17 -O3 -pthread -o scan_eth scan_eth.cpp -lssl -lcrypto -lsecp256k1

ИСПОЛЬЗОВАНИЕ:
./scan_eth --demo 12345
./scan_eth hex160.bin 0 1000000

ВАЖНО:
Если найден адрес Ethereum, проверьте ту же мнемонику для:
BNB Smart Chain, Polygon, Avalanche C-Chain,
Arbitrum, Optimism и других EVM-совместимых сетей.
Они используют ТЕ ЖЕ пути деривации и тот же формат адресов.

========================================
ОБА СКАНЕРА - ДОПОЛНИТЕЛЬНАЯ ИНФОРМАЦИЯ
========================================

Если найден Bitcoin → также проверьте: LTC, DOGE, DASH, ZEC, BCH
Если найден Ethereum → также проверьте: BNB, MATIC, AVAX, ARB, OP

ПРИЧИНА: Одна и та же сид-фраза использовалась на нескольких блокчейнах
в уязвимую эпоху (2015-2018).

НЕОБХОДИМЫЕ ФАЙЛЫ:
- bip39.txt (список слов BIP39)
- hex160.bin (бинарный файл с 20-байтовыми хешами RIPEMD-160)

========================================