门罗部分流量特征

门罗部分流量特征

门罗币采用Cryptonight算法，公开提供的程序有xmr-stak，xmrig，claymore等，相应的主要流量请求特征为：

xmr-stak：

request：

{"method":"login","params":{"login":"xxxxxxx","pass":"xxx","rigid":"","agent":"xxxxxx"},"id":1}{"method":"submit","params":{"id":"xx","job_id":"xxxxxx","nonce":"xxxxx","result":"xxxxxx"},"id":1}

response：

{"method":"job","params":{"target":"xxxxx","job_id":"xxxxxx","blob":"xxxxxxx"}}

xmrig：

request：

{"id":x,"jsonrpc":"2.0","method":"login","params":{"login":"xxxxxx","pass":"x","agent":"xxxxx","algo":["xxx","xxx","xxx"]}}{"id":x,"jsonrpc":"2.0","method":"submit","params":{"id":"xxxx","job_id":"xx","nonce":"xxxx","result":"xxxxxxx"}}

response：

{"params":{"blob":"xxxxxx","taget":"xxxx","job_id":"xxxxx"},"method":"xxx"}

claymore：

request：

{"method":"login","params":{"login":"xxxxxx","pass":"x","agent":"xxx"},"id":1}{"method":"submit","params":{"id":"xxxx","job_id":"xxx","nonce":"xxxxx","result":"xxxxx"},"id":x}

response：

{"params":{"blob":"xxxxxx","target":"xxxx","job_id":"xxx"},"method":"xxx"}