lol Cryptopunks theft

on under Web
2 minute read

lol Cryptopunks theft

I was browsing youtube today and noticed that John Hammond, aka TheCyberMentor, released a video about NFTs.
He just casually used the browser developer tools to find the root directory of a cryptopunk 120x120 image and scripted out a sequential GET (I guess) to GET them all.
Honestly I didn’t finish watching the video yet.
I just closed the video and ran with it. I had wanted a cryptopunk but, of course, I’m not buying one, I won’t even buy an ESXI license!

So…
I went to the cryptopunks website, larvalabs.com/cryptopunks.
I browsed around for a bit, until I found a cryptopunk that I wanted.
I couldn’t decide, so I stole the one that I think Alex Becker uses.
This is the punk I chose: https://www.larvalabs.com/cryptopunks/details/4940 If you right-click the large punk image, and open image in new tab, then you get the super tiny version of it, as pictured below:
punk4940openinnewtab
I opened up my (Chrome) browser developer tools, navigated to Network, and refreshed the page. Refreshing the page populates all the network requests of the page.
Once the fresh requests populate under the Network section, I clicked the Img tab. The Img tab shows data on all the images requested for that page over the network.
punk4940networkimglist
Clicking on either listed image then brings up the headers. I have been learning lately that headers are VERY useful, by the way.
Here are the headers for the larger image listed.
punk4940networkimgsrc
As you can see, it shows the actual URL for that image, which is different from our current location of /cryptopunks/details/4940. So I went to that URL, downloaded the image, and uploaded it into http://realfavicongenerator.net/! I then went through the process of removing the old stock favicons and replacing them with the entire package generated by our friendly generator site.
WINNING
SUCCESS! That was a fun 20min or so, and hour of typing this up, messing with imgur and markdown links, etc! Next up will likely be either some basic dumps about Cisco’s Email Security Appliance, or some TryHackMe stuff!

Web
comments powered by Disqus