From d8de112e44c6ca14de613cd874877f10c1931ede Mon Sep 17 00:00:00 2001
From: Chan9390 <bnchandrapal@gmail.com>
Date: Tue, 26 Sep 2017 17:14:13 +0530
Subject: [PATCH 1/2] Initial Bitcoin OSINT commit

---
 bitcoinOsint.py                   | 17 ++++++++
 bitcoins/__init__.py              | 11 +++++
 bitcoins/base.py                  |  5 +++
 bitcoins/bitcoin_blockexplorer.py | 70 +++++++++++++++++++++++++++++++
 bitcoins/template.py              | 37 ++++++++++++++++
 datasploit.py                     |  4 ++
 6 files changed, 144 insertions(+)
 create mode 100644 bitcoinOsint.py
 create mode 100644 bitcoins/__init__.py
 create mode 100644 bitcoins/base.py
 create mode 100644 bitcoins/bitcoin_blockexplorer.py
 create mode 100644 bitcoins/template.py

diff --git a/bitcoinOsint.py b/bitcoinOsint.py
new file mode 100644
index 00000000..4a335c7e
--- /dev/null
+++ b/bitcoinOsint.py
@@ -0,0 +1,17 @@
+#!/usr/bin/env python
+
+import sys
+import osint_runner
+import optparse
+
+
+def run(bitcoin, output = None):
+    osint_runner.run("bitcoin", "bitcoins", bitcoin, output)
+
+
+if __name__ == "__main__":
+    parser = optparse.OptionParser()
+    parser.add_option('-o', '--output', action="store", dest="output", help="Save output in either JSON or HTML")
+    options, args = parser.parse_args()
+    bitcoin = args[0]
+    run(bitcoin, options.output)
diff --git a/bitcoins/__init__.py b/bitcoins/__init__.py
new file mode 100644
index 00000000..2b5bc091
--- /dev/null
+++ b/bitcoins/__init__.py
@@ -0,0 +1,11 @@
+
+from os.path import dirname, basename, isfile, abspath
+import glob, importlib, sys
+
+modules = glob.glob(dirname(__file__) + "/bitcoin_*.py")
+__all__ = [basename(f)[:-3] for f in modules if isfile(f)]
+sys.path.append(dirname(abspath(__file__)))
+
+for m in __all__:
+        __import__(m, locals(), globals())
+del m, f, dirname, basename, isfile, abspath, glob, importlib, sys, modules
diff --git a/bitcoins/base.py b/bitcoins/base.py
new file mode 100644
index 00000000..2d3f5a2f
--- /dev/null
+++ b/bitcoins/base.py
@@ -0,0 +1,5 @@
+import sys
+import os
+
+dir_path = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
+sys.path.insert(0, dir_path)
diff --git a/bitcoins/bitcoin_blockexplorer.py b/bitcoins/bitcoin_blockexplorer.py
new file mode 100644
index 00000000..dd79f5d0
--- /dev/null
+++ b/bitcoins/bitcoin_blockexplorer.py
@@ -0,0 +1,70 @@
+#!/usr/bin/env python
+
+import base
+import config as cfg
+import sys
+from termcolor import colored
+import requests
+
+# Control whether the module is enabled or not
+ENABLED = True
+
+class style:
+    BOLD = '\033[1m'
+    END = '\033[0m'
+
+def validate(bitcoin_address):
+    r = requests.get("https://blockexplorer.com/api/addr-validate/" + bitcoin_address)
+    return r.content
+
+def get_account_properties(bitcoin_address):
+    block_explorer_url_addr = "https://blockexplorer.com/api/addr/"
+    try:
+        print "[!] Details in Satoshis"
+        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/balance"
+        balance = requests.get(block_explorer_url_full)
+        print "[+] Balance             : %s" % balance.content
+
+        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/totalReceived"
+        total_received = requests.get(block_explorer_url_full)
+        print "[+] Total Received      : %s" % total_received.content
+
+        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/totalSent"
+        total_sent = requests.get(block_explorer_url_full)
+        print "[+] Total Sent          : %s" % total_sent.content
+
+        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/unconfirmedBalance"
+        unconfirmed_balance = requests.get(block_explorer_url_full)
+        print "[+] Unconfirmed Balance : %s" % unconfirmed_balance.content
+
+        print ""
+    except Exception as e:
+        print e
+        print "[-] Error retrieving bitcoin wallet balance\n"
+
+def banner():
+    print colored(style.BOLD + '---> Finding details of this Bitcoin wallet\n' + style.END, 'blue')
+
+
+def main(bitcoin):
+    if validate(bitcoin) == 'true':
+        print "[+] Bitcoin address exists\n"
+        get_account_properties(bitcoin)
+    else:
+        print "[-] Invalid Bitcoin address"
+
+# def output(data, bitcoin=""):
+#    for i in data:
+#        print i
+
+
+if __name__ == "__main__":
+    try:
+        bitcoin = sys.argv[1]
+        banner()
+        #result = main(bitcoin)
+        #output(result, bitcoin)
+        main(bitcoin)
+    except Exception as e:
+        print e
+        print "Please provide an valid Bitcoin address as argument"
diff --git a/bitcoins/template.py b/bitcoins/template.py
new file mode 100644
index 00000000..b7aaf990
--- /dev/null
+++ b/bitcoins/template.py
@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+
+import base
+import config as cfg
+import sys
+from termcolor import colored
+
+# Control whether the module is enabled or not
+ENABLED = True
+
+
+def banner():
+    # Write a cool banner here
+    pass
+
+
+def main(bitcoin):
+    # Use the bitcoin variable to do some stuff and return the data
+    print bitcoin
+    return []
+
+
+def output(data, bitcoin=""):
+    # Use the data variable to print out to console as you like
+    for i in data:
+        print i
+
+
+if __name__ == "__main__":
+    try:
+        bitcoin = sys.argv[1]
+        banner()
+        result = main(bitcoin)
+        output(result, bitcoin)
+    except Exception as e:
+        print e
+        print "Please provide an valid Bitcoin address as argument"
diff --git a/datasploit.py b/datasploit.py
index 813e11c9..bd52d065 100755
--- a/datasploit.py
+++ b/datasploit.py
@@ -6,6 +6,7 @@
 import emailOsint
 import domainOsint
 import ipOsint
+import bitcoinOsint
 import usernameOsint
 
 parser = optparse.OptionParser()
@@ -41,6 +42,9 @@ def main(user_input, output = None):
     elif re.match('^[a-zA-Z\d-]{,63}(\.[a-zA-Z\d-]{,63}).$', user_input):
         print "Looks like a DOMAIN, running domainOsint...\n"
         domainOsint.run(user_input, output)
+    elif re.match('^[13][a-km-zA-HJ-NP-Z1-9]{25,34}$', user_input):
+        print "Looks like a Bitcoin address...\n"
+        bitcoinOsint.run(user_input, output)
     else:
         print "Looks like a Username, running usernameOsint...\n"
         usernameOsint.run(user_input, output)

From dce20d72f727d5c9e69f1b7437469f4e28904f19 Mon Sep 17 00:00:00 2001
From: Chan9390 <bnchandrapal@gmail.com>
Date: Sun, 17 Dec 2017 08:08:10 +0530
Subject: [PATCH 2/2] Added exception handling

---
 bitcoins/bitcoin_blockexplorer.py | 39 +++++++++++++++++--------------
 1 file changed, 22 insertions(+), 17 deletions(-)

diff --git a/bitcoins/bitcoin_blockexplorer.py b/bitcoins/bitcoin_blockexplorer.py
index dd79f5d0..11ab2366 100644
--- a/bitcoins/bitcoin_blockexplorer.py
+++ b/bitcoins/bitcoin_blockexplorer.py
@@ -17,25 +17,30 @@ def validate(bitcoin_address):
     r = requests.get("https://blockexplorer.com/api/addr-validate/" + bitcoin_address)
     return r.content
 
+def get_data(bitcoin_address, url):
+    block_explorer_url_full = "https://blockexplorer.com/api/addr/" + bitcoin_address + url
+    res = requests.get(block_explorer_url_full)
+    # Status 400 - Some internal error "Bitcoin JSON-RPC: Work queue depth exceeded. Code:429"
+    # Status 502 - Internal server error. Cloudflare error page breaks the code.
+    while res.status_code == 400 or res.status_code == 502: 
+      res = requests.get(block_explorer_url_full)
+    return res.content
+
 def get_account_properties(bitcoin_address):
-    block_explorer_url_addr = "https://blockexplorer.com/api/addr/"
     try:
-        print "[!] Details in Satoshis"
-        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/balance"
-        balance = requests.get(block_explorer_url_full)
-        print "[+] Balance             : %s" % balance.content
-
-        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/totalReceived"
-        total_received = requests.get(block_explorer_url_full)
-        print "[+] Total Received      : %s" % total_received.content
-
-        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/totalSent"
-        total_sent = requests.get(block_explorer_url_full)
-        print "[+] Total Sent          : %s" % total_sent.content
-
-        block_explorer_url_full = block_explorer_url_addr + bitcoin_address + "/unconfirmedBalance"
-        unconfirmed_balance = requests.get(block_explorer_url_full)
-        print "[+] Unconfirmed Balance : %s" % unconfirmed_balance.content
+        print "[!] Details in Satoshis (1 BTC = 100,000,000 Satoshis)"
+
+        balance = get_data(bitcoin_address, "/balance")
+        print "[+] Balance             : %s" % balance
+
+        total_received = get_data(bitcoin_address, "/totalReceived")
+        print "[+] Total Received      : %s" % total_received
+
+        total_sent = get_data(bitcoin_address, "/totalSent")
+        print "[+] Total Sent          : %s" % total_sent
+
+        unconfirmed_balance = get_data(bitcoin_address, "/unconfirmedBalance")
+        print "[+] Unconfirmed Balance : %s" % unconfirmed_balance
 
         print ""
     except Exception as e: