Teatime: RPC Framework attack on Blockchain
Teatime is an RPC attack Framework, which aims to make it easier to detect incorrect configurations on blockchain nodes.
Detects a wide variety of security issues, from information leaks to account opening and setting management.
Its purpose is to enable node vulnerabilities to scan for nodes and to minimize the risk of node-based attacks due to common vulnerabilities. Teatime uses an add-on architecture, so expanding the library with your own controls is simple and easy.
Teatime runs on Python 3.6+.
To get started, just run
$ pip3 install teatime
Alternatively, download the repository and run it
$ pip3 install .
Or directly via Python's setuptools:
$ python3 setup.py install
To get started, simply create a Scanner class and pass your target IP, port, node type, and list of installed plugins. Consider the following example to check if a node is synchronized and working:
from teatime.scanner import Scanner from teatime.plugins.context import NodeType from teatime.plugins.eth1 import NodeSync, MiningStatus TARGET_IP = "127.0.0.1" TARGET_PORT = 8545 INFURA_URL = Infura API Endpoint def get_scanner(): return Scanner( ip=TARGET_IP, port=TARGET_PORT, node_type=NodeType.GETH, plugins=[ NodeSync(infura_url=INFURA_URL, block_threshold=10), MiningStatus(should_mine=False)]) if __name__ == '__main__': scanner = get_scanner() report = scanner.run() print(report.to_dict()