@engn33r
Last active December 26, 2023 22:44
Detect contracts vulnerable to CREATE2 manipulation
#!/bin/bash
# This script is a hacked together PoC, don't trust it to work well
# For proper detection of vulnerable contracts, recursive testing must be performed because CREATE2 in a contract's ancestry could be problematic: https://medium.com/@jason.carver/defend-against-wild-magic-in-the-next-ethereum-upgrade-b008247839d2#3f90
# Improved tool and full research coming from yAcademy next month: https://twitter.com/yAcademyDAO
contract_addr="0x0d4a11d5eeaac28ec3f61d100daf4d40471f1852" # default value is a uniswap V2 pair from https://v2.info.uniswap.org/pairs
etherscan_api_key=""
if [[ -z "$etherscan_api_key" ]]; then
  echo "Please store your etherscan API key in the proper variable"
  exit 1
fi
# Step 1: Check if CREATE2 used to create the contract
# Using etherscan API to find creation tx hash: https://docs.etherscan.io/api-endpoints/contracts#get-contract-creator-and-creation-tx-hash
create_tx=$(curl -s "https://api.etherscan.io/api?module=contract&action=getcontractcreation&contractaddresses=$contract_addr&apikey=$etherscan_api_key" | jq -r ".result[].txHash")
# -B 2 relies on jq's pretty-printed layout putting "variant" within two lines above the address; -i avoids missing a mixed-case (checksummed) address
create2=$(curl -s "https://tx.eth.samczsun.com/api/v1/trace/ethereum/$create_tx" | jq .result.entrypoint | grep -i -B 2 "$contract_addr" | grep '"variant": "create2",')
sleep 1 # wait a sec, keep etherscan happy :)
# Step 2: determine if source contains selfdestruct
self_destr=$(curl -s "https://api.etherscan.io/api?module=contract&action=getsourcecode&address=$contract_addr&apikey=$etherscan_api_key" | grep "selfdestruct")
if [[ -n "$create2" && -n "$self_destr" ]]; then
  echo "Vulnerable: Contract created with CREATE2 and contract contains selfdestruct"
else
  echo "Probably not vulnerable: Contract not created with CREATE2 OR contract does not contain selfdestruct"
fi
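The header comment says proper detection needs recursive testing of a contract's ancestry. The sketch below is an added example, not part of the gist or the yAcademy tool: it walks a deployer chain and flags a contract when every link from it up to a CREATE2-created ancestor contains selfdestruct. The `LINEAGE` table, its labels and the function names are constructed for illustration; in practice each record would come from the two lookups the script already performs.

```bash
#!/bin/sh
# Added example: walk the deployer chain instead of testing one contract.
# LINEAGE is CONSTRUCTED sample data with hypothetical labels, one record per line:
#   contract  creator  opcode(create|create2)  source-has-selfdestruct(yes|no)
# Assumption: a creator with no record of its own is an EOA.
LINEAGE='deployer  eoa_1     create  no
factory_a deployer  create2 yes
child_a   factory_a create  yes
child_b   factory_a create  no
pair_a    deployer  create2 no
factory_b deployer  create2 no
child_c   factory_b create  yes'

# field <contract> <column>: print one column of that contract's record
field() {
  printf '%s\n' "$LINEAGE" | awk -v a="$1" -v n="$2" '$1 == a { print $n; exit }'
}

# check_lineage <contract>: prints "flagged" when every contract from the
# target up to a CREATE2-created ancestor contains selfdestruct, so the whole
# chain could be removed and redeployed at the same addresses.
check_lineage() {
  addr=$1
  hops=0
  while [ "$hops" -lt 32 ]; do          # bound the walk
    opcode=$(field "$addr" 3)
    # No record: the chain reached an EOA without passing through CREATE2
    if [ -z "$opcode" ]; then echo "not-flagged"; return 0; fi
    # A link without selfdestruct cannot be cleared, so the chain stops here
    if [ "$(field "$addr" 4)" != "yes" ]; then echo "not-flagged"; return 0; fi
    if [ "$opcode" = "create2" ]; then echo "flagged"; return 0; fi
    addr=$(field "$addr" 2)             # plain CREATE: outcome depends on the creator
    hops=$((hops + 1))
  done
  echo "unknown"                        # chain longer than the bound
}

for c in child_a child_b pair_a child_c; do
  printf '%-8s %s\n' "$c" "$(check_lineage "$c")"
done
```

The single-level check in the script would report `child_a` as "Probably not vulnerable" because `child_a` itself was created with plain CREATE; the lineage walk flags it through `factory_a`.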