Skip to content

An HTML/Javascript Silent Miner... Simple html page I made that contains the famous Monero Miner Coin Hive, the miner start without user consent and silently ... You can set the% of the processor to take to the victim machine...

Notifications You must be signed in to change notification settings

JonnyBanana/Coin-Hive_Hidden-Miner.github.io

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Coin-Hive_Hidden-Miner.github.io

Silent HTML Monero Miner

Alt text

I have created this simple html page as a demonstration on how to make hidden the javascript miner of Coin Hive.
In fact, even if the site says that you can not use the miner without the consent of the user, in reality, things are very different ...
In part however it is true what they say, in fact if you try to call the .js file of the miner directly from their servers, that is:

https://coinhive.com/lib/coinhive.min.js?v8
https://authedmine.com/lib/authedmine.min.js?v8

you will see that the user's consent will be required, but the thing is easily circumvented, in fact just host the .js file directly on the server where you host the html page you want to use for the miner, for security I also changed the file name, since now the miner is well known by the vendor antivirus and company ....

:trollface: :trollface: :trollface: :trollface: :trollface: :trollface::trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface:

https://jonnybanana.github.io/Coin-Hive_Hidden-Miner.github.io/

:trollface: :trollface: :trollface: :trollface: :trollface: :trollface::trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface: :trollface:


Requirements


Browser Compatibility

All


How it Works???

Once you register on CoinHive and after creating the site key you are ready for the simple setting of the miner. In practice everything is concentrated in the few lines in the code index.html file that you can see in the image:


Alt text


In line 20 it is sufficient to replace the url (in my case hosted in github) with that of the webserver where you have loaded the html page. Note that I replaced the file name from coinhive.min.js to pino.js, this for a further avoidance of the AV, of course you can rename the file with a name of your choice ...

You can see the original file hosted on CoinHive servers here:

https://coinhive.com/lib/coinhive.min.js?v8

From line 22 onwards the miner settings start, with the Coinhive.Anonymous command we tell the miner to start anonymously,
after which you can see my public key, which you have to replace with your public site key.
The throttle command determines the % of the processor you want to steal from the victim machine, 0 is 100% while 0.8 is the minimum.

In my case I set the request to 80%

Alt text

While the miner.start command simply starts the miner (in our case without user consent ...).

The commands of the javascript miner are many, you can consult them from here:

https://coinhive.com/documentation/miner#constructor-options


The miner is not persistent, and lasts as long as the browser is open, but it is very easy to create a simple script that opens a browser in "headless mode" and that is injected in the startup processes (in windows for example it is enough to copy the script in the startup folder), if you want to know more about the hedless mode of browsers you can read here:

https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Headless_mode

https://developers.google.com/web/updates/2017/04/headless-chrome

https://gist.github.com/JonnyBanana/b5561f9fc7ac081a399c518831893531


you can test my miner from here:

https://jonnybanana.github.io/Coin-Hive_Hidden-Miner.github.io/

Thanks for the hashing! ❤️ ❤️ ❤️

Alt text


Curiosity

The image PNG used as background in this example is actually a simple algorithm that i have designed / written in PIET.
Who wants can test it in the online interface from here:

https://www.bertnase.de/npiet/npiet-execute.php


Alt text


Update Feb. 2019

CoinHive has announced that it will discontinue its services on March 8, 2019.

So unfortunately the page is no longer working and it is no longer possible to test the silent miner...

https://thehackernews.com/2019/02/cryptocurrency-mining-coinhive.html


About

An HTML/Javascript Silent Miner... Simple html page I made that contains the famous Monero Miner Coin Hive, the miner start without user consent and silently ... You can set the% of the processor to take to the victim machine...

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published