FB customer service 2021-04-16 16:16:45 阅读数:618
Teatime Is a RPC Infiltration framework , It aims to help researchers scan and discover the wrong configuration in blockchain nodes .Teatime Support to detect all kinds of problems , From information leakage to open account , And then configuration tampering , It's very powerful .
Teatime Our goal is to help us Scan nodes with security vulnerabilities , And minimize the risk of node based attacks caused by common vulnerabilities .Teatime Using a plug-in based architecture , Therefore, the majority of researchers can easily use their own inspection extension library .
Please note that , This project is only a proof of concept at present PoC, The documentation is not rich enough , But then the developers will continue to improve .
Teatime be based on Python 3.6 Development , Therefore, the majority of users need to install and configure on their own devices first Python v3.6+ Environmental Science .
First , We need to use the following command to install Teatime：
$ pip3 install teatime
Or say , We can also use the following command to clone the source code of the project locally , Then run the install command ：
git clone https://github.com/dmuhs/teatime.git $ pip3 install
Yes, of course , We can also pass Python Of setuptools To install Teatime：
$ python3 setup.py install
First , We need to instantiate a Scanner class , Then pass in the target IP、 port 、 Node type and initialization plug-in list . You can use the following code samples as a reference , To detect the target node ：
from teatime.scanner import Scanner from teatime.plugins.context import NodeType from teatime.plugins.eth1 import NodeSync, MiningStatus TARGET_IP = "127.0.0.1" TARGET_PORT = 8545 INFURA_URL = "Infura API Endpoint" def get_scanner(): return Scanner( ip=TARGET_IP, port=TARGET_PORT, node_type=NodeType.GETH, plugins=[ NodeSync(infura_url=INFURA_URL, block_threshold=10), MiningStatus(should_mine=False) ] ) if __name__ == '__main__': scanner = get_scanner() report = scanner.run() print(report.to_dict())
For details, please refer to examples More examples of tools in the directory .Teatime It's completely typed , So if you don't like reading documents , It can also be in IDE Free to explore options in .
Teatime The future development direction has not yet been determined , But we prefer to add more than RPC Interface, broader inspection support , Especially for the following technologies ：
Ethereum 2.0 Filecoin IPFS
Teatime： Click on the bottom 【 Read the original 】 obtain
This article is from WeChat official account. - FreeBuf（freebuf）
The source and reprint of the original text are detailed in the text , If there is any infringement , Please contact the firstname.lastname@example.org Delete .
Original publication time ： 2021-03-25
Participation of this paper Tencent cloud media sharing plan , You are welcome to join us , share .
版权声明：本文为[FB customer service]所创，转载请带上原文链接，感谢。 https://netfreeman.com/2021/04/20210416144526691E.html