POC详情: 845b86d7eb84fd7f737b5577a558c6db6ec287eb

来源
https://github.com/ACINQ/detection-tool-cve-2019-13000
关联漏洞
标题: Eclair 安全漏洞 (CVE-2019-13000)
描述:Eclair 0.3及之前版本中存在安全漏洞,该漏洞源于程序中不正确的访问控制。攻击者可利用该漏洞不支付或少支付交易的现金总数。
描述
A tool that detect if your node has been victim of the invalid funding tx attack.
介绍
# Detection tool for CVE 2019-13000

A tool that detect if your node has been victim of the invalid funding tx attack.

## Usage

```shell
java -jar checkfunding.jar --db eclair.sqlite
```

## Help

```shell
$ java -jar checkfunding.jar --help
checkfunding 1.0
Usage: checkfunding [options]

  --db <eclair.sqlite>  path to eclair.sqlite
  --conf <eclair.conf>  path to eclair.conf
  --help                prints this usage text

This utility will detect if your node has been victim of CVE-2019-13000.
Please see the thread on https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-August/002130.html for more details on the vulnerability.

NB: This tool will only work if you have been using released versions of Eclair. If you are on e.g. latest master, please contact support.

Example: checkfunding --db /path/to/eclair.sqlite --conf /path/to/eclair.conf

```
文件快照

 [4.0K]  /data/pocs/845b86d7eb84fd7f737b5577a558c6db6ec287eb
├── [7.2K]  pom.xml
├── [ 873]  README.md
└── [4.0K]  src
    └── [4.0K]  main
        ├── [4.0K]  resources
        │   └── [1.0K]  logback.xml
        └── [4.0K]  scala
            └── [4.0K]  fr
                └── [4.0K]  acinq
                    └── [4.0K]  eclair
                        └── [4.0K]  checkfunding
                            ├── [2.0K]  Boot.scala
                            ├── [2.9K]  CheckBitcoind.scala
                            ├── [3.6K]  CheckFunding.scala
                            └── [ 888]  Conf.scala

8 directories, 7 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。