See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/337610456

Attainable Hacks on Keystore Files in Ethereum Wallets—A Systematic

Analysis

Chapter · October 2019

DOI: 10.1007/978-3-030-34353-8_7

CITATIONS READS

3 10,921

4 authors, including:

Purathani Praitheeshan
Deakin University
6 PUBLICATIONS   9 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Identifying the security issues in blockchain technology and smart contracts View project

All content following this page was uploaded by Purathani Praitheeshan on 20 October 2020.

The user has requested enhancement of the downloaded file.

 Attainable Hacks on Keystore Files
in Ethereum Wallets—A Systematic
Analysis

Purathani Praitheeshan(B) , Yi Wei Xin, Lei Pan, and Robin Doss

School of IT, Deakin University, Geelong, VIC 3220, Australia

{ppraithe,ywxin,l.pan,robin.doss}@deakin.edu.au

Abstract. Ethereum is a popular Blockchain platform that allows

users to manage their cryptocurrency transactions through the wallets.
Ethereum wallet helps interact with the blockchain network easily, and
it keeps Ethereum cryptocurrency (Ether) transaction data of its users.
The use of Ethereum and wallets grows rapidly. Since they handle huge
value of crypto assets, attackers are keen to hack and steal Ethers from
Ethereum wallets. But there lacks comprehensive security analysis, espe-
cially on keystore files in Ethereum wallets. There were a few incidents
occurred with huge loss of Ethers in Etheruem wallets within the last
five years. In this paper, we conducted a systematic analysis on hack-
ing methods from the existing literature and conducted experiments to
find how the Ethereum wallet’s keystore file is vulnerable to the adver-
saries. Since the keystore file is secured with a password, we have used
the brute-force and the dictionary attack to crack the password of the
keystore file in Ethereum wallets. Our results showed that the dictionary
attack is more efficient to hack the keystore file than the brute-force
attack. Further, the keystore file is less vulnerable, if it is used complex
password credentials.

Keywords: Ethereum · Wallets · Keystore · Security · Attacks

1 Introduction
Ethereum [12] is one of the well-known blockchain platforms which allows cryp-
tocurrency transactions and decentralized applications (Dapp) in many use
cases. Wallet is a prominent element that allows the users to manage their
accounts and crypto-assets securely by connecting to the blockchain network
[14]. This paper surveys the existing Ethereum wallets [1], their functions, pri-
vacy and how can they vulnerable to specific attacks. Since the value of digital
currency held in these wallets are increasing drastically, the attackers are keen
to do malicious actions on wallets to gain substantial benefit. The recent attack
exploited the parity multisig wallet [10] in Ethereum and the attackers stole
around 150,000 Ethers [13,49] in 2017. Ether is the programmable token and

c Springer Nature Switzerland AG 2019

R. Doss et al. (Eds.): FNSS 2019, CCIS 1113, pp. 99–117, 2019.
https://doi.org/10.1007/978-3-030-34353-8_7
100 P. Praitheeshan et al.

used as cryptocurrency in Ethereum [65]. People are performing their transac-

tions using Ethers, and they use wallets as a storage medium [30] on Ethereum
platform. Therefore, the level of security and privacy of Ethereum wallets should
be ensured for the users who would trust the wallets functionalities.
It is crucial to investigate the security and privacy issues existed among the
Ethereum wallets applications. There are a few literature surveys conducted
on analysing security, performance, and privacy of Ethereum and other plat-
forms [17,23,42,43,60]. However, no existing surveys focus on the Ethereum
wallets and their keystore files. The user accounts in Ethereum wallets have
their own keystore files that are authenticating with a secured password. We
found the research gap in related to the password authentication in keystore
files of Ethereum wallets and our research questions are generalized as following:

– What is the state of the art in the current attacks and countermeasures on
keystore files in Ethereum wallets?
– How effective are the existing attacks breaching the passwords of Ethereum
wallets keystore files?
– What kinds of new attacks will emerge in the future?

To address our research questions, we have conducted a systematic survey on

the existing Ethereum wallets and their actual keystore files that are authenticat-
ing the investors/users of the distributed applications (Dapp) [16]. We mainly
focus on the emerging security issues in Ethereum wallets, especially on the
client-side. Ethereum wallet keeps a keystore file for each account and stores
user’s authentication data in JSON format [32]. Our analysis is primarily based
on the keystore file that is the most important element for the hackers to steal
the authentication information of Ethereum wallet users. We have done exper-
iments using two password hacking mechanisms that are the brute-force and
the dictionary attacks.
The remainder of the paper is organized as follows. Section 2 describes differ-
ent types of Ethereum wallets and how keystore file is generated with secured
authentication parameters. A literature review is presented in Sect. 3 that covers
the possible hacking mechanisms and vulnerabilities in the platforms where the
Ethereum wallets are running on. Section 4 presents our experiments using two
different hacking methods and how the password of keystore file is cracked.
The test results and evaluations on our methodologies are explained briefly in
Sect. 5. Section 6 discusses a few other attacks that would be possible to target
Ethereum wallets in future and concludes the paper.

2 Ethereum Wallets
Ethereum wallets are used by the owners of Ethereum accounts who save the
private key and the public key of their accounts in a keystore file. These keys
are authenticated when a user invokes or signs a transaction to manage their
funds. The hot wallets store the key information online which can be accessible
virtually from wherever the account holder has an internet connection. These
 Attainable Hacks on Keystore Files in Ethereum Wallets 101

wallets are more risky to leak the key data since malicious actions can be easily
processed in the cyber space to hack keys and steal money. The cold wallets
keep the keys offline such as on a hardware device or in a paper wallet in the
form of a QR code. The cold wallets are less vulnerable to attackers.
Ethereum wallets connect to the blockchain network fully or partially accord-
ing to their configurations as either a full node or not. There are different types of
Ethereum wallets which work on multiple platforms including desktop, mobile,
web, and hardware devices.

Full Node Wallets/Desktop Wallet download the entire blockchain data and
connect locally to operate their functions. Full node means one of the peers in
the whole distributed Ethereum network. Since the blockchain data are very big
(gigabytes in size), it is possible for a desktop wallet to run as a full node. It
updates the state of transaction data in the blockchain by reaching an agreement
with other nodes using the consensus mechanism of Ethereum.

Mobile Wallets do not require to acquire the whole blockchain data to connect
with. They are light clients that they download only the miners who are necessary
to send/receive transaction data whenever they invoke transactions. Since these
wallets are installed in the mobile devices, it is easy to connect to the blockchain
network any time or anywhere as long as the mobile has an internet access.

Web Wallets are online wallets that can be accessed from anywhere since wallet
data are stored in a cloud environment. Since web wallets are light weight clients,
they perform faster than other wallets. The online wallets are hot wallets, so
that the accounts keys are stored in cloud. These wallets are most susceptible
to malicious hacks and cipher attacks.

2.1 Offline Wallets

Are storing data and key information on their specially designed hardware stor-
age or as the paper code, for instance, QR code. They generate the account
keys offline and connect to the Ethereum network whenever the user needs to
proceed their transactions. Since they are cold wallets, they are very resilient to
the hackers or malicious users to steal the keys and cryto-funds. Although the
offline wallets are cold wallets, they will expose to the online environment while
being used [68].

2.2 Keystore File in Ethereum Wallets

A keystore file is a confidential and authentication factor that stores account
credentials of an Ethereum wallet’s user. Different Ethereum wallets store their
keys using different cryptographic methods. They use either single public key or
multiple private keys. An example keystore file created by a real Ethereum
wallet (Mist [5]) is shown in the following code snippet.
102 P. Praitheeshan et al.

{
"address":"827413828a671294f10769c2acf4327a53fb9191",
"crypto":{
"cipher":"aes-128-ctr",
"ciphertext":"0549d206b8712115e2c8fc7a9a5d43b43b72817a5457e2c
7e2ba9d7cd927c41a",
"cipherparams":{"iv":"a911db13a903c3101d357dd97cc0c030"},
"kdf":"scrypt",
"kdfparams":{
"dklen":32,
"n":262144,
"p":1,
"r":8,
"salt":"ec267231ced9db706a47cf12ec55c4b1323b404488e1b15
5c67342a78dfd3ff"
},
"mac":"9aaaf70488208a3c007a167310ed9900137f81bc07f1cad72ade6
43628cb9e3d"
},
"id":"f6e0435d-b575-4c42-aa13-a38cfb857869",
"version":3
}

The keystore file has the important key-value pairs that store the security
information of the private key, public key, id, addresses, and cipher param-
eters. We explain them in details—address: Address of the Ethereum wallet
account that is used for transfer and receive Ethers. cipher : The name of
the Advanced Encryption Standard (AES) algorithm used. cipherparams: The
parameters required by the cipher algorithm. ciphertext: The private key of
Ethereum, encrypted by using cipher algorithm. kdf : Key derivation function
used by Ethereum wallet, which enables the end user to encrypt the keystore file
with password.mac: Message authentication code used to verify the correctness
of user password.
A keystore file name consists of a timezone indicator (e.g.,UTC), date,
time, and the Ethreum address information as UTC--2019-04-17T02-24-
31.54696700 0Z--827413828a671294f10769c2acf4327a53fb9191. The file
would be saved in chaindata/keystore path inside the private or public blockchain
data folder, if the wallet is installed on a computer.
Since these keystore files are stored in plain text, it is easy to obtain both the
file and the content of the file. If the system has not enabled with any encryption
protection such as operating system level encryption or full disk encryption, the
attackers can try malicious actions to retrieve the keystore file from the exact
file path. If this keystore file is leaked to hackers, they can use different password
hacking mechanisms to reveal the actual password of the Ethereum wallet.
 Attainable Hacks on Keystore Files in Ethereum Wallets 103

Once the address of an Ethereum Wallet account is leaked, it can be used to

trace more important information, including the transaction information, wallet
status, and account balance. There are online scanners such as Etherscan [4] and
EtherChain [2], freely available to explore and trace an Ethereum address with
its transaction history information. Transaction data such as transaction time,
amount of Ethers, and the address to whom the money transferred or received
can be searched by the scanners.
If a keystore file is retrieved by an attacker, the hashcat application [7] can be
used to crack the password of the keystore file [33,34]. Both the dictionary attack
and the brute-force attack are used to hack the password of Ethereum wallet
using private key stored in the keystore file. With the password information, the
hacker can gain the full control of the Ethereum wallet.

3 Literature Review on Hacking Mechanisms

There are many researchers contributed their work in respect to password hack-
ing mechanisms. Such methods can be used to crack password of Ethereum wallet
with the data retrieved from the keystore file.

3.1 Computers/PC Related Attacks

Gelernter et al. [27] introduced the Password Reset Man in the Middle attack
(PRMitM). This method is derived from the traditional Man-in-the-Middle
(MitM) attack, and it can affect popular websites and online services includ-
ing email services. This attack works by collecting users’ personal details while
they register by tricking the victims to provide their personal information. This
data can be used to reset password for another online service either via email,
SMS, or phone call. There were two proposed countermeasures that force users
to understand when someone asked to reset their passwords.
Naiakshina et al. [48] conducted a qualitative research on how developers
introduced problems with password storage on applications, websites, etc. They
have identified different types of reason, thoughts, and actions which will weaken
password in applications. The experiment was conducted in a laboratory envi-
ronment with the Java programming language. This research was conducted
through studying the computer science students instead of the real developers,
so that the results were limited.
Ge et al. [26] conducted research on loader attacks. It was discovered that
dynamic loading is one of the core features on modern operating systems. A
new attack vector was identified as Copy Relocation Violation (CORev) where
the adversaries can utilize a vulnerability of memory corruption to alter the
read-only constant variables in order to bypass defenses. Ge et al. [26] suggested
three mitigation methods—analyzing libraries and binaries to detect the attack
vector, recompilation, and make loader and linker to be aware of permissions at
the source level.
104 P. Praitheeshan et al.

Silver et al. [53] focused on attacks and mitigations on password managers.

They investigated the security issues of password managers and policies on auto-
matic filling function in web passwords. It was discovered that a remote network
adversary can extract multiple passwords from the password manager without
any user interaction. Their experiments were done for improving the security
of password managers. They presented a solution called SecureFilling that
enhanced the security of auto-filling function of the password managers.
Kogan et al. [39] investigated the second-factor authentication which utilized
secure hash chains. They used time-based one-time password (TOTP) that can
store the secrets on both the server and the client. A new one time password
scheme named T/Key was proposed that is time-based and offline. Independent
hash functions were implemented in T/Key to force the server not to store any
secrets of secondary authentication.
Song et al. [54] have used the behavioral information and hand geometry
to authenticate the users on multi-touch enabled devices. Their research indi-
cates that the traditional password and gesture pass-code are vulnerable against
several attacks such as zero-effect attack, smudge attack, shoulder attack, and
statistical attack. They developed a solution that uses the multi-touch authenti-
cation method. It can protect the victims from statistical attack, shoulder attack,
and smudge attack effectively.
Su et al. [56] explored the crosstalk leakage attack on USB hubs. This attack
can be monitored via the USB power cords. The USB charge-only cables, internal
USB hubs and external off-the-shelf USB hubs would be affected by the crosstalk
attack.
Xiao et al. [67] researched on utilizing a side channel to trace and detect
SSL/TLS vulnerabilities in the secured enclaves. An enclave is Intel Software
Guard Extension (SGX) which provides a shielded execution environment for the
software applications. They proposed an analysis framework called STACCO that
dynamically analyzes the SSL/TLS implementation and identifies vulnerabilities
such as man-in-the-kernel attack, oracle attacks, and so on.
Tian et al. [59] focused on the provenance issue in data protection of USB
storage devices. ProvUSB can be utilized to find grained provenance collections
and track data storage problems on smart USB devices.
Wressnegger et al. [66] conducted research on vulnerabilities introduced when
migrating systems to 64-bit platforms. They discussed that code works on 32-
bit platforms can introduce vulnerabilities to 64-bit platforms. The predicted
vulnerabilities are due to the differentiation on data models, integer types and
widths on both platforms.

3.2 Mobile Related Attacks

Luo et al. [44] investigated the vulnerabilities existed in the User Interface (UI)
of mobile browsers. They developed Hindsight which is the first framework of
browser-agnostic testing and dynamic-analysis. It is quantifying and gauging the
vulnerabilities of mobile web browsers specifically for UI attacks.
 Attainable Hacks on Keystore Files in Ethereum Wallets 105

Li et al. [41] investigated mobile WebView that focuses on cross-app remote

infections. The convenient cross-app URL invocation can be utilized to exe-
cute unauthorized app components. They found that cross-WebView navigation
design allows the remote adversary to distribute malicious web content among
different apps such as Google Drive, Twitter, Facebook, etc. Some mitigation
techniques for this attack was discussed and proposed a security mechanism
called NaviGuard to use within app.
Redini et al. [50] studied bootloader security in mobile devices and discovered
that unlock ability can make bootloader vulnerable. BOOTSTOMP is their proposed
solution that is a multi tag taint analysis framework to automatically identify
the security vulnerabilities in the bootloader.
Genkin et al. [28] focused on the extraction of the ECDSA key from mobile
devices by utilizing physical side channels. They demonstrated a full extraction
process of the ECDSA secret signing keys from CoreBitcoin application and
OpenSSL runs on iOS or Android mobile devices.
Hojjati et al. [31] conducted research on the side channel attack which
revealed the factory floor secrets via mobile phone. They investigated possible
attacks targeting factories and other trading secrets. They utilized the embedded
sensor devices including GPS, camera, microphone and accelerometer to identify
side channel attacks.
Das et al. [25] investigated the attacks and defenses of tracking the mobile web
users via motion sensors. They analyzed the accelerometer and gyroscope motion
sensors for fingerprinting and tracking the user. The research discovered that
motion sensor tracking can have very high accuracy. Their proposed mitigation
methods are related to the primary obfuscation techniques when explicit user
permission/awareness is absent.

3.3 Networking Related Attacks

Chen et al. [21] systematically studied on MitM attack using name collision.
They explained name collision problem that makes MitM attack on web browsing
become easier. The paper mainly described the technical details of the related
attacks, name collision and MitM attack.
Chen et al. [22] also conducted detailed research on client-side name collision
vulnerability. They have discovered that the name collision problem can lead
to MitM attacks against end-user devices on the internet. The research con-
firmed that attackers can register vulnerable domains with leaks from WPAD
queries, and then the global web traffic from internet users can be automatically
redirected to the attacker’s MitM proxy.
Vissers et al. [63] had studied on domain hijacking via name-servers with
a large-scale analysis. They described the email hijacking is another type of
technique to be used to launch a domain hijacking. The research group dis-
cussed security practices of name-servers such as Domain Name System Security
Extensions (DNSSEC), which can be used to protect DNS from integrity issues
by utilizing digital signatures.
106 P. Praitheeshan et al.

Vanhoef and Piessens [61] conducted research on the newly discovered WPA2
key re-installation attack which forces to reuse nonce on Wi-Fi. The researchers
proposed the mitigation techniques and indicated that the vendors would be
notified about this vulnerability and attack.
Jero et al. [36] focused on the attacks and defenses within software-defined
network (SDN) from the identifier binding perspective. They discovered that
the SDN is flawed and proved with their developed proof-of-concept attack by
using SDNs. The experiments showed that their solution mitigates the identifier
binding attacks at the cost of a little overhead.
Varadarajan et al. [62] worked on the placement vulnerability existing in
public clouds. They primarily discussed the placement of virtual machines (VM)
in the public clouds. Their research discovered that if the adversary VM was
placed right, it can be used to launch a side-channel attack to the nearby victims.
The research discussed about the detection of co-residence. Multi-tenancy in
public clouds can have the co-residency attack issue; the deficient of performance
isolation in hardware enables the detection of the co-location; and it is easy and
cheap to achieve the co-location.
Zhang et al. [69] conducted research on side-channel attacks in PaaS clouds
with cross-tenants. It presented a new attack framework which can be utilized
to cache-based side-channel attacks on the Platform-as-a-Service (PaaS) clouds.
They have utilized FLUSH-RELOAD framework to achieve the attack.

3.4 Web Related Attacks

Tajalizadehkhoob et al. [57] studied the website vulnerabilities and security
issues in the view points of the web hosting provider or the website adminis-
trator. They stated that the web security in the shared hosting environment is
joint responsibility between webmasters and providers.
Jin et al. [37] conducted research on the code injection problem that exists on
HTML5 based mobile apps. They have studied about the portability advantage
of HTML5 based mobile apps that is attracting more attention from developers.
They have found a new form of code injection that inherits the basic cause
of Cross-Site Scripting attack (XSS). To analyze the prevalence of this code
injection vulnerability, they have developed a vulnerability detection tool that
investigates PhoneGap apps.
Cao et al. [20] focused on timing attacks against web browser. Timing
attacks pose threats to modern web browsers that lead to privacy and security
threats. They discovered that the existing countermeasures are not sufficient.
The researchers proposed a novel approach named deterministic browser which
can mitigate timing attacks in modern browsers provably. Their prototype of
deterministic browser named DETERFOX can protect victim from a few timing
attacks and also compatible with the real-world websites.
Zuo et al. [70] conducted study on an automatic discovery of vulnerable
authorizations existing within online service. The research discovered that many
apps implemented login and authorization features for use of app. But they have
different levels of security implementation which can propose different types of
 Attainable Hacks on Keystore Files in Ethereum Wallets 107

threats to the end users and web servers. They have developed an automatic
online service access control vulnerability detection system namely Authscope.
Shan et al. [52] conducted research on the tail attacks on web applications.
The tail attack is the extension of Distributed Denial-of-Service (DDoS) attacks
to the application layer. The adversary exploits a newly identified vulnerability
in system of n-tier web applications.
Lauinger et al. [40] have done a comprehensive analysis on the outdated
JavaScript libraries used on the web, specially in the client-side JavaScript
library. They discovered that since JavaScript libraries such as Bootstrap, Angu-
lar and jQuery are frequently used on many websites, the attack surface is
increasing.
Sanchez-Rola et al. [51] conducted research on the security of browser exten-
sion policies. The research discovered that due to the tight relation with browsers,
browsers extensions have been the target of many attacks. These attacks are
related to gather or steal information, execute malicious tasks at background,
password theft, and browsing history retrieval etc. It also provided mitigation
techniques against the defined attacks including a side-channel attack and a set
of URI leakage security threats.
Han et al. [29] focused on live monitoring of controlled sandboxed phishing
kits. They presented a new approach to sandbox real-time phishing kits which
can protect the victims. They have designed a honeypot system by incorporating
their module and the collected data. The researchers measured the effective life-
time of phishing kits with respect to the separated data of victims, adversaries,
and other third-party victories.
Invernizzi et al. [35] conducted research on the detection of cloaked web-
sites. A cloaking attack happens when an adversary creates a webpage with two
versions of targeting search engine and targeting human. They have used their
findings to develop an anti-cloaking system that detects split-view.
Muthukumaran et al. [47] conducted research on mitigation of data disclosure
vulnerabilities in web applications. They discovered that bugs and logic of web
applications related to authentication can expose the user data. The research
discussed common defense techniques including access check, input validation,
anomaly detection, policy, etc. With their deep analysis of existing vulnerabil-
ities, they proposed a proxy named FlowWatcher that is used to mitigate the
data disclosure vulnerabilities in web applications.
Meng et al. [45] studied on the pollution attack of targeted advertising. It
presented a new fraud technique which enables the publishers to increase their
advertisement income. They have discovered that the pollution attack utilizes
many different techniques, for example, differentiating search engine and real
users to avoid being blacklisted by search engines.
Monshizadeh et al. [46] conducted research on the detection of privilege esca-
lation attacks in web applications. The research discovered that many websites
have privilege escalation vulnerability. This problem can cause further damage or
disclosing the important data, due to the complex structure of websites, includ-
ing utilization of server-side script programs and database server.
108 P. Praitheeshan et al.

Karapanos et al. [38] focused on the mitigation of TLS man-in-the-middle

(MITM) attacks in web applications. It has explained the technical details with
diagrams visualizing the concept of attack. It proposed a solution to use the
dubbed Server Invariance with Strong Client Authentication (SISCA) in order
to defend against user impersonation used in the TLS MITM attacks.
Soska et al. [55] conducted research on automating the detection of vulnerable
websites before they become malicious. The approach is to classify the websites
by utilizing data mining and machine learning techniques.
Canali et al. [19] studied on exploitation behaviors on the web. In order to
analyze the exploitation behavior, they have presented the design, implemen-
tation and deployment of network with 500 fully functional honeypot websites
with different services for attract attackers. It discovered that many eastern
European countries were involved in spam comment, and many phishing and
scam campaigns were operated by criminals located in African countries.

4 Methodology and Experiments

We have studied possible attack mechanisms from the existing literature surveys
that would be directly or indirectly applicable for hacking Ethereum wallets. Our
study also analyzed possible attacks that can be targeted to Ethereum wallets.
This section describes our experiments done on cracking different private keys
that we extracted from the keystore files in Ethereum wallets. To the best of
our knowledge, this approach is the first analysis on security of Ethereum wallets
with significant experiment results. We discovered that the prominent element
is the keystore file that would be targeted in any attacks on Ethereum wallets.
If an adversary obtained the keystore file and its password, he/she will have the
full control of the particular Ethereum address/wallet.
Since an Ethereum wallet requires the minimum of 8 characters for the wallet
password, we tested only the Ethereum keystore file with 8 characters password.
For our experiments, the adversary machine had an Intel Core CPU with with
32GB RAM, and Windows 10 with the installation of the Hashcat application
with the rate of 10-11 Hashes/s. The victim machine had an Intel Core CPU with
4GB RAM, and MacOS operating system. Hashcat [7] is a free and open-source
multi-OS password cracker with in-kernel rule engine. It supports over 200 hash
types and password/hash cracking by using Graphic Processing Unit (GPU)
and Central Procession Unit (CPU). We used the Windows version of hashcat
binary for our cracking experiment. The Python script ethereum2john.py [11]
was used to convert the keystore file to a compatible format of hashcat. Hashcat
has a few configuration parameters to set up initially. We used the specific values
to enable Hashcat work properly with the Ethereum keystore files as shown in
following Table 1.

4.1 Brute-Force Attack

The first hacking method we have chosen in this study is the brute-force
attack. It tries various passwords repeatedly until it gets in successfully to the
 Attainable Hacks on Keystore Files in Ethereum Wallets 109

Table 1. Hashcat configuration parameters and values

Parameters Description
-m 15700 Switch for hash mode, 15700 SCRYPT hash type for wallet
–status Switch to enable automatic update of the cracking progress
status
–status-timer=5 Set update interval for updating progress
-D 1 Use CPU to calculate hash for cracking
-w 3 Workload profile switch, 3 means high priority
dictionary text file Use specified dictionary to crack the hash
–potfile-disable Disable potfile which used to store cracked passwords
-a 3 Attack mode brute-force
-1 ?l?u?d User defined charset, lower case, upper case and digits
?1?1?1?1?1?1?1?1 8 characters
–increment Switch to enable mask increment mode
–increment-min 8 Minimum 8 characters
–increment-max 8 Maximum 8 characters

wallet/system. As initial setup, we installed the tool geth (Ethereum proto-

col [6]) and Ethereum wallet (MyEtherWallet [9]) on MacOS. Then we cre-
ated an account using Ethereum Wallet and it generated a keystore file in the
chaindata/keystore/ directory. The Hashcat version 4.2.1 [8] was used in our
experiments for cracking the keystore file password. It was installed by executing
the installation file using the command prompt. Next, we configured the Python
environment to run ethereum2john.py script. This script file and the keystore
file were copied into the python executable directory. The following command
would execute the ethereum2john.py to convert the keystore file to a compatible
hashcat format: phython ethereum2john.py keystore-filename.
For example, our keystore file name is UTC--2019-04-17T02-24-31.5469
6700 0Z--358d23c9b76d113260ab7288ea8ffbd8d8a3f9f3, and the executed
command is as follows inside the python executable directory.
python ethereum2john.py UTC--2019-04-17T02-24-31.546967000Z--35
8d23c9b76d113260ab7288ea8ffbd8d8a3f9f3
The following output shows the result we received from above command. It is
the hash format of the keystore file that to be compatible to run in the hashcat
software.
WARNING: Upon successful password recovery, this hash format may
expose your PRIVATE KEY. Do not share extracted hashes with any
untrusted parties!
UTC--2019-04-17T02-24-31.546967000Z--358d23c9b76d113260ab7288ea8ffb
d8d8a3f9f3:$ethereum$s*262144*8*1*0aead560af9504a38f7bc500cf26b0588
cc30a094bdd7320597ff9cb6154c4fd*5029816b5bae91586929e7132d2c679bc9e
6187b99154973f05ca56166a1b80b*c3947083ae6b4e628753d9b6d20fefa3a62eb
1c3b14cd9dca3033afe032bd1ef
110 P. Praitheeshan et al.

Cracking. The hashcat executable file was run to extract the keystore file
from the output we received using the ethereu2john.py script. The following
command is used for cracking the keystore file.

hashcat64.exe -m15700 $ethereum$s*262144*8*1*0aead560af9

504a38f7bc500cf26b0588cc30a094bdd7320597ff9cb6154c4fd*5029816b5bae9
1586929e7132d2c679bc9e6187b99154973f05ca56166a1b80b*c3947083ae6b4e6
28753d9b6d20fefa3a62eb1c3b14cd9dca3033afe032bd1ef --status
--status timer=5 -D1 -w1 -a3

The above command extracted the keystore file using hashcat cracking algo-
rithm. It used the brute-force attack as specified in the command as -a3 mode.

4.2 Dictionary Attack

The second hacking mechanism we experimented to crack an Ethereum wallet
keystore file is the dictionary attack. We trimmed the rockyou dictionary [3] so
that the passwords with only 8 characters are kept.

Cracking. We used the hashcat tool [7] with the dictionary file to crack the
passwords using hashcat dictionary mode. The following command is for cracking
the keystore file using a dictionary file and hashcat executable file.

hashcat64.exe -m15700 $ethereum$s*262144*8*1*0aead560af9

504a38f7bc500cf26b0588cc30a094bdd7320597ff9cb6154c4fd*5029816b5bae9
1586929e7132d2c679bc9e6187b99154973f05ca56166a1b80b*c3947083ae6b4e6
28753d9b6d20fefa3a62eb1c3b14cd9dca3033afe032bd1ef --status
--status timer=5 -D1 -w3 ry8.txt --potfile-disable

4.3 Test Cases

We have conducted experiments with the keystore file generated in Ethereum
wallet to investigate the possibilities of hacking methods to crack the wallet
credentials. In our tests, we chose 8 different passwords with the length of 8
characters. Since the minimum password length of Ethereum wallet is eight, we
assumed that most of the users use 8 characters-long passwords for their wallet
accounts. The selected passwords that we used in our test cases are 00000000,
12345678, a1234567, abcdefgh, kangaroo, 10294538, anchdksl and aSjk39fD.
The reasons that we have chosen these passwords are explained in Table 2. The
keystore files with these passwords are available to download from Github [3].
After passwords were chosen, we tested both brute-force attack and dictio-
nary attack using hashcat to crack the selected keystore files. For each password
and both attacks, we ran cracking 40 times in order to get reliable and accurate
result. We have set the maximum cracking time to one hour for both attacks
scenarios to check weather the keystore file is successfully cracked or failed. Fur-
ther, we used the masked cracking feature in hashcat that sets up more specific
 Attainable Hacks on Keystore Files in Ethereum Wallets 111

Table 2. Selected passwords and reasons for choosing them [18, 64]

Password Reason to choose

00000000 Users usually use same characters with minimum length
12345678 Users use continues digits to memorize easily
a1234567 Users use very simple combination of alphabet and digits with minimum
length
abcdefgh Users use continues alphabetical letters to memorize easily
kangaroo Users use their favourite word with the minimum length and easy to
memorize
10294538 Advanced users use password generator to generate random password in
digits
anchdksl Advanced users use password generator to generate random password in
letters
aSjk39fD Advanced users use password generator to generate random passwords
include upper, lower case letters and digits

rules to brute-force attack. The masked cracking was increased the success rate
and reduced the cracking time [58]. The results from all the test cases with each
password are uploaded in Github repository [3] for future research.

5 Problem Analysis and Discussion

In our experiments, we assumed that an adversary was able to get

the keystore file from the victims’s machine that was generated by an
Ethereum offline/desktop wallet as it is stored in the default directory
chaindata/keystore/.
The challenges exist in Ethereum wallets are much related to the problems
and attacks we discussed in Sect. 3, literature review. For an example, Wi-Fi
key re-installation attack combined with phishing attack can lead to leak the
Ethereum wallet’s password and the keystore file as well. An adversary can
pretend to be the public Wi-Fi, and send request to download file to the victim
with fake portal page. It will request the victim to download a program to
connect to internet. This method allows attacker to trick victims to download
Trojan horse that would steal the Ethereum wallet keystore file and password.
In our study, we have analysed the possibilities of two hacking mechanisms
that are brute-force and dictionary attack. The result from brute-force attack
showed that Hashcat is failed to crack all of keystore files within 1 hour. It is
estimated at least to spend more than ten years to crack the password by trying
every combination of lower case, upper case and digits. It makes brute-force so
hard if the user used complex password using letters and digits. The mask feature
in hashcat allowed us to specify the format of password for brute-force cracking.
For example, we can define the values for length, character or numeric values for
112 P. Praitheeshan et al.

a password to be cracked. Adding mask in brute-force attack was able to crack

reduced the estimated time to 116 days and passwords cracked within 13 min.
The success rate was increased and the passwords of 00000000 and 12345678
were cracked successfully. Other passwords were failed to crack even with the
mask brute-force condition.
In the dictionary attack, weak passwords with single characters, continues
digits or letters, combination of simple digits and letters and common words
like kangaroo were easy to crack since they are listed in the rockyou dictio-
nary file. The cracking time for password 12345678 was very less compare to
the time taken for password a1234567. Interestingly password 00000000 was
not the fastest to be cracked even it is a simple one. The cracking efficiency
is depends on where the password is located in the dictionary file. If we look
up the dictionary file, it was observed that the password resides in top lines
were cracked with less time than the password that are in bottom lines in the
files. Further we discovered that random digits, random characters and random
mixture of upper case, lower case letters and digits can help to increase the
level of complexity. Hashcat was unable to crack the keystore file with password
10294538, anchdlksl and aSjk39fD within an hour. The common and weak
passwords have higher chance to appear in the dictionary file and more vulner-
able to dictionary attacks. Random passwords have higher complexity level and
they are not in the dictionary file. Thus, the chance of cracking passwords that
includes random letters and digits is less compare to the common passwords that
uses continuous digits/letters and easy words.
Overall, our experiment results showed that the dictionary attack on
Ethereum keystore files uses less time to crack the password. But it also failed to
crack complex password within the expected time. The brute-force attack is not
a good hacking mechanism to crack Ethereum keystore file since it was failed
to crack all of the passwords which we selected. But it was able to crack some
simple/weak passwords successfully when the masked brute-force was applied.
With our study, we investigated that the security of Ethereum wallet keystore
file is good enough to keep apart from adversaries. The major hacking factor
of keystore file in Ethereum wallet is the complexity. From our experiments,
we concluded that the complex passwords are more secured than common or
simple passwords. We also discovered that the Ethereum wallet is using SCRYPT
[15,24] that enables the password cracking very difficult due to its memory hard
hash algorithm.

6 Conclusion

This paper reviewed the state of the art of attacks which can be utilized to attack
Ethereum wallets and analyzed the experiment we have conducted with brute-
force and dictionary attack in the Ethereum wallet keystore file. We investigated
that the main goal of adversaries is to steal the keystore file which is generated by
Ethereum wallet to drain off Ethers from the victim’s account. This keystore file
contains very important and sensitive information about the Ethereum wallet.
 Attainable Hacks on Keystore Files in Ethereum Wallets 113

There is no encryption applied to the keystore file and it is stored in a plain

text file with content in JSON format. Any malicious user who has access to the
Ethereum wallet file directory, can steal this file and use hashcat to crack its
password.
In the future, there are possibilities that adversaries can utilize different and
combinations of attack methods to steal Ethers from victim. They can combine
WiFi key re-installation with phishing attack and click bait attack to obtain
passwords from the victim directly. The keystore file also can be stolen by utiliz-
ing trojan horse and fake websites. The attackers can utilize drive by downloads
to implant trojan horse to victim’s device and get the keystore file. The adver-
saries are able to utilize search engines to do profiling of some Ethereum wallets
and then prepare for spear phishing attack combined with click baits to find
keystore file and password.
To improve the security of Ethereum wallet, it is necessary for account hold-
ers to use more complex passwords, such as those password must include com-
bination of upper case, lower case characters, digits, special characters and the
minimum length of password must be 8. Further, it is advisable to encrypt the
keystore file instead of saving it in a plain text form on the disk. These awareness
methods would help to make the Ethereum wallet well secured.

References
1. Blockchain platform: Ethereum. https://www.ethereum.org/
2. Etherchain - The Ethereum Blockchain Explorer. https://www.etherchain.org/
3. Ethereum Wallet Attacks and Countermeasure Assnalysis. https://github.com/
coddec/ethereum-attack-countermeasure/tree/master/
4. Etherscan - The Ethereum Blockchain Explorer. https://etherscan.io/
5. Geth - The Go Implementation of Ethereum Protocol. https://github.com/
ethereum/mist/
6. Geth - The Go Implementation of Ethereum Protocol. https://geth.ethereum.org/
7. Hashcat - An advanced password recovery tool. https://hashcat.net/hashcat/
8. Hashcat 4.2.1.7 - Download Software files. https://hashcat.net/files/hashcat-4.2.1.
7z
9. MyEtherWallet - The Ethereum Original Wallet. https://www.myetherwallet.
com/
10. Parity Wallet Library. https://github.com/paritytech/parity/blob/4d08e7b0aec46
443bf26547b17d10cb302672835/js/src/contracts/snippets/enhanced-wallet.sol
11. The python script file to convert keystore file to hashcat compatible for-
mat. https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/
run/ethereum2john.py
12. Ethereum Foundation. Ethereum’s white paper (2014). https://github.com/
ethereum/wiki/wiki/White-Paper
13. An In-Depth Look at the Parity Multisig Bug (2016). http://hackingdistributed.
com/2017/07/22/deep-dive-parity-bug/
14. Abe, J.: Bitcoin, wallet management and network security management with stor-
age components: a model (2018)
114 P. Praitheeshan et al.

15. Alwen, J., Chen, B., Pietrzak, K., Reyzin, L., Tessaro, S.: Scrypt is maximally
memory-hard. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS,
vol. 10212, pp. 33–62. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-
56617-7 2
16. Antonopoulos, A.M., Wood, G.: Mastering Ethereum: Building Smart Contracts
and DApps. O’Reilly Media, Sebastopol (2018)
17. Atzei, N., Bartoletti, M., Cimoli, T.: A survey of attacks on ethereum smart con-
tracts (SoK). In: Maffei, M., Ryan, M. (eds.) POST 2017. LNCS, vol. 10204, pp.
164–186. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-662-54455-
68
18. Campbell, J., Ma, W., Kleeman, D.: Impact of restrictive composition policy on
user password choices. Behav. Inf. Technol. 30(3), 379–388 (2011)
19. Canali, D., Balzarotti, D.: Behind the scenes of online attacks: an analysis of
exploitation behaviors on the web. In: 20th Annual Network & Distributed System
Security Symposium (NDSS 2013) (2013)
20. Cao, Y., Chen, Z., Li, S., Wu, S.: Deterministic browser. In: Proceedings of the
2017 ACM SIGSAC Conference on Computer and Communications Security, pp.
163–178. ACM (2017)
21. Chen, Q.A., Osterweil, E., Thomas, M., Mao, Z.M.: MitM attack by name collision:
cause analysis and vulnerability assessment in the new gTLD era. In: 2016 IEEE
Symposium on Security and Privacy (SP), pp. 675–690. IEEE (2016)
22. Chen, Q.A., Thomas, M., Osterweil, E., Cao, Y., You, J., Mao, Z.M.: Client-side
name collision vulnerability in the new gTLD era: a systematic study. In: Proceed-
ings of the 2017 ACM SIGSAC Conference on Computer and Communications
Security, pp. 941–956. ACM (2017)
23. Chen, T., et al.: Understanding ethereum via graph analysis. In: Proceedings of
INFOCOM (2018)
24. Dannen, C.: Introducing Ethereum and Solidity. Springer, Heidelberg (2017).
https://doi.org/10.1007/978-1-4842-2535-6
25. Das, A., Borisov, N., Caesar, M.: Tracking mobile web users through motion sen-
sors: attacks and defenses. In: NDSS (2016)
26. Ge, X., Payer, M., Jaeger, T.: An evil copy: how the loader betrays you. In: NDSS
(2017)
27. Gelernter, N., Kalma, S., Magnezi, B., Porcilan, H.: The password reset MitM
attack. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 251–267.
IEEE (2017)
28. Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., Yarom, Y.: ECDSA key extrac-
tion from mobile devices via nonintrusive physical side channels. In: Proceedings of
the 2016 ACM SIGSAC Conference on Computer and Communications Security,
pp. 1626–1638. ACM (2016)
29. Han, X., Kheir, N., Balzarotti, D.: Phisheye: live monitoring of sandboxed phishing
kits. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and
Communications Security, pp. 1402–1413. ACM (2016)
30. He, S., et al.: A social-network-based cryptocurrency wallet-management scheme.
IEEE Access 6, 7654–7663 (2018)
31. Hojjati, A., et al.: Leave your phone at the door: side channels that reveal factory
floor secrets. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer
and Communications Security, pp. 883–894. ACM (2016)
32. Homoliak, I., Breitenbacher, D., Binder, A., Szalachowski, P.: An air-gapped 2-
factor authentication for smart-contract wallets (2018). https://doi.org/10.13140/
RG.2.2.11358.69445
 Attainable Hacks on Keystore Files in Ethereum Wallets 115

33. Houshmand, S., Aggarwal, S., Flood, R.: Next Gen PCFG password cracking. IEEE
Trans. Inf. Forensics Secur. 10(8), 1776–1791 (2015)
34. Hranickỳ, R., Zobal, L., Ryšavỳ, O., Kolář, D.: Distributed password cracking with
BOINC and hashcat. Digit. Investig. 30, 161–172 (2019)
35. Invernizzi, L., Thomas, K., Kapravelos, A., Comanescu, O., Picod, J.M., Bursztein,
E.: Cloak of visibility: detecting when machines browse a different web. In: 2016
IEEE Symposium on Security and Privacy (SP), pp. 743–758. IEEE (2016)
36. Jero, S., Koch, W., Skowyra, R., Okhravi, H., Nita-Rotaru, C., Bigelow, D.: Identi-
fier binding attacks and defenses in software-defined networks. In: 26th {USENIX}
Security Symposium ({USENIX} Security 2017), pp. 415–432 (2017)
37. Jin, X., Hu, X., Ying, K., Du, W., Yin, H., Peri, G.N.: Code injection attacks on
HTML5-based mobile apps: characterization, detection and mitigation. In: Pro-
ceedings of the 2014 ACM SIGSAC Conference on Computer and Communications
Security, pp. 66–77. ACM (2014)
38. Karapanos, N., Capkun, S.: On the effective prevention of {TLS} man-in-the-
middle attacks in web applications. In: 23rd {USENIX} Security Symposium
({USENIX} Security 2014), pp. 671–686 (2014)
39. Kogan, D., Manohar, N., Boneh, D.: T/key: second-factor authentication from
secure hash chains. In: Proceedings of the 2017 ACM SIGSAC Conference on Com-
puter and Communications Security, pp. 983–999. ACM (2017)
40. Lauinger, T., Chaabane, A., Arshad, S., Robertson, W., Wilson, C., Kirda, E.:
Thou shalt not depend on me: analysing the use of outdated javascript libraries
on the web. arXiv preprint arXiv:1811.00918 (2018)
41. Li, T., et al.: Unleashing the walking dead: understanding cross-app remote infec-
tions on mobile webviews. In: Proceedings of the 2017 ACM SIGSAC Conference
on Computer and Communications Security, pp. 829–844. ACM (2017)
42. Li, X., Jiang, P., Chen, T., Luo, X., Wen, Q.: A survey on the security of blockchain
systems. Futur. Gener. Comput. Syst. (2017)
43. Lin, I.C., Liao, T.C.: A survey of blockchain security issues and challenges. IJ
Netw. Secur. 19(5), 653–659 (2017)
44. Luo, M., Starov, O., Honarmand, N., Nikiforakis, N.: Hindsight: understanding
the evolution of UI vulnerabilities in mobile browsers. In: Proceedings of the 2017
ACM SIGSAC Conference on Computer and Communications Security, pp. 149–
162. ACM (2017)
45. Meng, W., Xing, X., Sheth, A., Weinsberg, U., Lee, W.: Your online interests:
Pwned! a pollution attack against targeted advertising. In: Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security, pp.
129–140. ACM (2014)
46. Monshizadeh, M., Naldurg, P., Venkatakrishnan, V.: MACE: detecting privilege
escalation vulnerabilities in web applications. In: Proceedings of the 2014 ACM
SIGSAC Conference on Computer and Communications Security, pp. 690–701.
ACM (2014)
47. Muthukumaran, D., O’Keeffe, D., Priebe, C., Eyers, D., Shand, B., Pietzuch, P.:
Flowwatcher: defending against data disclosure vulnerabilities in web applications.
In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Commu-
nications Security, pp. 603–615. ACM (2015)
48. Naiakshina, A., Danilova, A., Tiefenau, C., Herzog, M., Dechand, S., Smith, M.:
Why do developers get password storage wrong?: a qualitative usability study. In:
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communi-
cations Security, pp. 311–328. ACM (2017)
116 P. Praitheeshan et al.

49. Palladino, S.: The parity wallet hack explained, July 2017. https://blog.zeppelin.
solutions/on-the-parity-wallet-multisig-hack-405a8c12e8f7
50. Redini, N., et al.: Bootstomp: on the security of bootloaders in mobile devices.
In: 26th {USENIX} Security Symposium ({USENIX} Security 2017), pp. 781–798
(2017)
51. Sanchez-Rola, I., Santos, I., Balzarotti, D.: Extension breakdown: security analy-
sis of browsers extension resources control policies. In: 26th {USENIX} Security
Symposium ({USENIX} Security 2017), pp. 679–694 (2017)
52. Shan, H., Wang, Q., Pu, C.: Tail attacks on web applications. In: Proceedings of
the 2017 ACM SIGSAC Conference on Computer and Communications Security,
pp. 1725–1739. ACM (2017)
53. Silver, D., Jana, S., Boneh, D., Chen, E., Jackson, C.: Password managers: attacks
and defenses. In: 23rd {USENIX} Security Symposium ({USENIX} Security 2014),
pp. 449–464 (2014)
54. Song, Y., Cai, Z., Zhang, Z.L.: Multi-touch authentication using hand geometry
and behavioral information. In: 2017 IEEE Symposium on Security and Privacy
(SP), pp. 357–372. IEEE (2017)
55. Soska, K., Christin, N.: Automatically detecting vulnerable websites before they
turn malicious. In: 23rd {USENIX} Security Symposium ({USENIX} Security
2014), pp. 625–640 (2014)
56. Su, Y., Genkin, D., Ranasinghe, D., Yarom, Y.: {USB} snooping made easy:
crosstalk leakage attacks on {USB} hubs. In: 26th {USENIX} Security Sympo-
sium ({USENIX} Security 2017), pp. 1145–1161 (2017)
57. Tajalizadehkhoob, S., et al.: Herding vulnerable cats: a statistical approach to
disentangle joint responsibility for web security in shared hosting. In: Proceedings
of the 2017 ACM SIGSAC Conference on Computer and Communications Security,
pp. 553–567. ACM (2017)
58. Tatlı, E.I.: Cracking more password hashes with patterns. IEEE Trans. Inf. Foren-
sics Secur. 10(8), 1656–1665 (2015)
59. Tian, D.J., Bates, A., Butler, K.R., Rangaswami, R.: ProvUSB: Block-level
provenance-based data protection for USB storage devices. In: Proceedings of the
2016 ACM SIGSAC Conference on Computer and Communications Security, pp.
242–253. ACM (2016)
60. Valenta, M., Sandner, P.: Comparison of ethereum, hyperledger fabric and corda.
[ebook] Frankfurt School, Blockchain Center (2017)
61. Vanhoef, M., Piessens, F.: Key reinstallation attacks: forcing nonce reuse in WPA2.
In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Commu-
nications Security, pp. 1313–1328. ACM (2017)
62. Varadarajan, V., Zhang, Y., Ristenpart, T., Swift, M.: A placement vulnerabil-
ity study in multi-tenant public clouds. In: 24th {USENIX} Security Symposium
({USENIX} Security 2015), pp. 913–928 (2015)
63. Vissers, T., Barron, T., Van Goethem, T., Joosen, W., Nikiforakis, N.: The wolf of
name street: hijacking domains through their nameservers. In: Proceedings of the
2017 ACM SIGSAC Conference on Computer and Communications Security, pp.
957–970. ACM (2017)
64. Wash, R., Rader, E., Berman, R., Wellmer, Z.: Understanding password choices:
how frequently entered passwords are re-used across websites. In: Twelfth Sympo-
sium on Usable Privacy and Security ({SOUPS} 2016), pp. 175–188 (2016)
65. Wood, G.: Ethereum: a secure decentralised generalised transaction ledger.
Ethereum Proj. Yellow Pap. 151, 1–32 (2014)
 Attainable Hacks on Keystore Files in Ethereum Wallets 117

66. Wressnegger, C., Yamaguchi, F., Maier, A., Rieck, K.: Twice the bits, twice the
trouble: vulnerabilities induced by migrating to 64-bit platforms. In: Proceedings
of the 2016 ACM SIGSAC Conference on Computer and Communications Security,
pp. 541–552. ACM (2016)
67. Xiao, Y., Li, M., Chen, S., Zhang, Y.: Stacco: differentially analyzing side-channel
traces for detecting SSL/TLS vulnerabilities in secure enclaves. In: Proceedings of
the 2017 ACM SIGSAC Conference on Computer and Communications Security,
pp. 859–874. ACM (2017)
68. Yli-Huumo, J., Ko, D., Choi, S., Park, S., Smolander, K.: Where is current research
on blockchain technology? A systematic review. PloS ONE 11(10), e0163477 (2016)
69. Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-tenant side-channel
attacks in PaaS clouds. In: Proceedings of the 2014 ACM SIGSAC Conference
on Computer and Communications Security, pp. 990–1003. ACM (2014)
70. Zuo, C., Zhao, Q., Lin, Z.: Authscope: towards automatic discovery of vulnera-
ble authorizations in online services. In: Proceedings of the 2017 ACM SIGSAC
Conference on Computer and Communications Security, pp. 799–813. ACM (2017)

View publication stats