coinspect / learn-evm-attacks Goto Github PK
View Code? Open in Web Editor NEWLearn & Contribute on previously exploited vulnerabilities across several EVM projects.
License: MIT License
Learn & Contribute on previously exploited vulnerabilities across several EVM projects.
License: MIT License
For instance a delta of 100 wei
is shown as one tenth of ether (0.1
)
If adding attacker to an allowlist is necessary then is better to spoof the owner's address and add our random attacker address to the allow list. This way the exploit code will be more real and more valuable for future research projects based on this repository.
Feature: Pool and Pair creation under utils folder
Overview: This utility has to allow users to quickly instantiate and create DEX pairs to enable broader test scenarios that depend on custom token pairs.
On Aug 30, 2021 an attacker stole ~$18MM Cream Finance.
Attack Overview
Total Lost: ~$18MM
Key Info Sources
Writeup: https://rekt.news/cream-rekt/
Twitter: https://twitter.com/peckshield/status/1432249600002478081
Twitter: https://twitter.com/creamdotfinance/status/1432249773575208964
Reproduction: https://github.com/SunWeb3Sec/DeFiHackLabs#20210830-cream-finance---flashloan-attack--reentrancy
Principle: Reentrancy - Flashloan + Reentrancy
On Feb 24, 2022 an attacker stole ~80MM of COMP tokens were mistakenly distributed from Compound.
Attack Overview
Total Lost: ~80MM of COM
Key Info Sources
Writeup: https://rekt.news/compound-rekt/
Reproduction: https://github.com/SunWeb3Sec/DeFiHackLabs#20220322-compoundtusdsweeptokenbypass
Writeup: https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2
Principle: Access Control - Non controlled drip function, double entry point
There should be no need to use prank(attacker)
in most scenarios, and there should be no need to hardcode payloads. We should be able to reproduce everything in the actual test.
getPayload
reproduces payload for any addressprank
but OK, no interesting on-chain interactions, meat is offchainprank
but attacker address needs to be hardcoded due to bytecodeattacker
address, attack is fully reproduced from scratchencode
functions, nothing hardcodedaddress(this)
is the attacker contract, could change it to anythingaddress(this)
is the attacker contract, could change it to anythingaddress(this)
is the attacker contract, could change it to anythingassertGe
asserts more thingsattacker
address but no prank
, only to transfer lootasserts
as token interactions are not clear.On Nov 2, 2021 an attacker stole 1.1MM in NEAR tokens from Skyward Finance.
Attack Overview
Total Lost: 3.2MM USD (1.1MM NEAR)
// Key Info Sources
Writeup: https://rekt.news/skyward-rekt/
Principle: Business Logic - Multiple deposits on single withdraws
On Apr 16, 2022 an attacker stole $76MM from Skyward Finance.
Attack Overview
Total Lost: $76MM
Key Info Sources
Writeup: https://rekt.news/beanstalk-rekt/
Twitter: https://twitter.com/kelvinfichter/status/1515735717305008138
Twitter: https://twitter.com/peckshield/status/1515692144190648322
Principle: Business Logic - Governance Malicious Proposal with Flashloan
On Aug 10, 2021 an attacker stole ~5MM from Punk Protocol.
Attack Overview
Total Lost: ~5MM
Key Info Sources
Writeup: https://rekt.news/punkprotocol-rekt/
Principle: Access Control - Public Initializer. Whitehat frontrunning that safeguarded half of the funds.
There is mentioning that the read-only reentrancy is theoretical and there aren't cases out there where this was exploited. This is not true, as we published this class of vulnerability based on an actual bug with 100m+ at risk back when it was active. The technical details are here: https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/ and a description of the vulnerable projects here: https://chainsecurity.com/heartbreaks-curve-lp-oracles/ (including how it was fixed by e.g. MakerDAO)
Till today, incorrect use of the stETH/ETH pool on Curve will allow attackers to exploit projects with this read-only reentrancy.
On Feb 27, 2021 an attacker stole ~18MM from Furucombo.
Attack Overview
Total Lost: ~18MM
// Key Info Sources
Writeup: https://rekt.news/furucombo-rekt/
Principle: Business Logic - Deceiving Furucombo making it think that Aave V2 changed its implementation.
After executing:
$ git clone https://github.com/coinspect/learn-evm-attacks
$ forge install
$ forge test --match-contract Exploit_MBCToken -vvv
I recieved a lot of errors and was unable to complie the contract:
...
Discovered incompatible solidity versions in following
: test\Reentrancy\RevestFinance\RevestFinance.attack.sol (^0.8.17) imports:
lib/forge-std/src\Test.sol (>=0.6.2 <0.9.0)
test\TestHarness.sol (^0.8.17)
test\interfaces\IERC20.sol (^0.8.0)
...
I've added solc="0.8.17"
to foundry.toml, contracts compiled, and I received new error (the same as other 2 people):
forge test --match-contract Exploit_MBCToken
[⠢] Compiling...
No files changed, compilation skipped
The application panicked (crashed).
Message: Failed to get account for 0x55d3…7955
(code: -32002, message: the resource eth_getCode is not available., data: None)
Location: evm/src/executor/fork/backend.rs:271
This is a bug. Consider reporting it at https://github.com/foundry-rs/foundry
Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.
Aborted
This looks loke the problem with the rpc, could you please check that?
When possible (ie: when the vulnerable code is verified, or we know its github, or we somehow have access to its sourcecode...) we should strive to add it to the repository, possibly to the test itself.
By itself, this would be a win, as it is easier to read: instead of going to etherscan and finding my way through their serviceable but not great code viewer, I can just inspect it here right next to the attack.
And with a bit of tinkering I think this would allow us to go even further and use Foundry's step-by-step debugger on attacks, which would be amazing to understand all the details of each exploit.
On Feb 8, 2022 an attacker stole ~6.2MM in various tokens from Superfluid.
Attack Overview
Total Lost: ~6.2MM
Key Info Sources
Writeup: https://rekt.news/superfluid-rekt/
Principle: Access Control / Input Validation - Calldata crafting to impersonate an access controlled account
When I am running this command
forge test --match-contract Exploit_MBCToken -vvv
I am getting this error:
2023-03-24T08:42:22.475520Z ERROR sharedbackend: Failed to send/recv
basicerr=GetAccount(0x55d398326f99059ff775485246999027b3197955, (code: -32002, message: the resource eth_getBalance is not available., data: None)) address=0x55d398326f99059ff775485246999027b3197955 2023-03-24T08:42:22.601997Z ERROR sharedbackend: Failed to send/recv
basicerr=GetAccount(0x9f8ccdafcc39f3c7d6ebf637c9151673cbc36b88, (code: -32002, message: the resource eth_getTransactionCount is not available., data: None)) address=0x9f8ccdafcc39f3c7d6ebf637c9151673cbc36b88 The application panicked (crashed). Message: called
Option::unwrap()on a
None value
Does anybody faced this issue before?
On Sept 20, 2022 an attacker stole 160MM USD in OP tokens from Wintermute.
Attack Overview
Total Lost: 160MM USD (20 MM OP)
Key Info Sources
Writeup: https://rekt.news/wintermute-rekt-2/
Reproduction: https://github.com/SunWeb3Sec/DeFiHackLabs#20220608-optimism---wintermute
Principle: Business Logic - Vanity Address Generator Vuln?
Following tests are failing. If they are not needed, delete them
Encountered 1 failing test in test/Bad_Data_Validation/Superfluid/Superfluid.attack.sol:Exploit_Superfluid
[FAIL. Reason: Setup failed: Failed to get account for 0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38: 0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38] setUp() (gas: 0)
Encountered 1 failing test in test/Bad_Data_Validation/TransitSwap/TransitSwap.attack.sol:Exploit_TransitSwap
[FAIL. Reason: XswapApprove:Access restricted] test_attack_reproduced() (gas: 21784)
Encountered 1 failing test in test/Bridges/Wintermute/Wintermute.attack.sol:Exploit_Wintermute
[FAIL. Reason: EvmError: Revert] test_attack() (gas: 48996)
Encountered 1 failing test in test/Business_Logic/Beanstalk/Beanstalk.attack.sol:Exploit_Beanstalk
[FAIL. Reason: EvmError: Revert] test_attack() (gas: 5180199)
This passes, but throws errors
Running 1 test for test/Reentrancy/ReadOnlyReentrancy/ReadOnlyReentrancy.attack.sol:Exploit_ReadOnly
[PASS] test_attack() (gas: 423818)
Test result: ok. 1 passed; 0 failed; finished in 15.17s
2022-12-07T15:55:35.198195Z ERROR sharedbackend: Failed to send/recv `basic` err=GetAccount(0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38,
(code: -32000, message: missing trie node eed22da7bf5ca4462adb3a5f34fb65fe538fd808b89f05187c540913ca9d130f (path ), data: None)) address=0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38
2022-12-07T15:55:35.198363Z ERROR forge::runner: setUp failed reason="Failed to get account for 0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38: 0x1804c8ab1f12e6bbf3894d4083f33e07309d1f38" contract=0x7fa9385be102ac3eac297483dd6233d62b3e1496
The Polynetwork Bridge Test has a Exploit_PolyNetwork_Deserializer
that is not used anywhere.
Can it be removed?
On Apr 28, 2022 an attacker stole ~13MM from Deus DAO.
Attack Overview
Total Lost: ~13MM
Key Info Sources
Writeup: https://rekt.news/deus-dao-rekt-2/
Twitter: https://twitter.com/peckshield/status/1519533378529562624
Principle: Business Logic - Flashloan, on-chain and off-chain oracle manipulation
On Apr 28, 2021 an attacker stole ~$57MM from Uranium V2.
Attack Overview
Total Lost: ~$57MM
Key Info Sources
Writeup: https://rekt.news/uranium-rekt/
Twitter: https://twitter.com/FrankResearcher/status/1387347025742557186
Reproduction: https://github.com/SunWeb3Sec/DeFiHackLabs#20210428-uranium---miscalculation
Principle: Business Logic - Mistakenly calculated deposit/Withdraw amounts
What I did
npx hardhat test
What I expected: tests to run
What happened:
Error HH8: There's one or more errors in your config file:
* Invalid account: #0 for network: mainnet - private key too short, expected 32 bytes
* Invalid account: #0 for network: bsc - private key too short, expected 32 bytes
* Invalid account: #0 for network: fantom - private key too short, expected 32 bytes
* Invalid account: #0 for network: gnosis - private key too short, expected 32 bytes
* Invalid account: #0 for network: polygon - private key too short, expected 32 bytes
*
To learn more about Hardhat's configuration, please go to https://hardhat.org/config/
For more info go to https://hardhat.org/HH8 or run Hardhat with --show-stack-traces```
I tried to fix it by removing the accounts
in the configuration, but then test simply don't run.
$ npx hardhat test
No need to generate any newer typings.
0 passing (0ms)
I think we should deprecate hardhat support for now and focus on making it work nicely with Foundry, then we can add Hardhat support. It would also easy documentation.
On October 27, 2022 an attacker $15.8 M in tokens from Team Finance.
Attack Overview
Total Lost: $15.8M USD
Key Info Sources
Writeup: https://rekt.news/teamfinance-rekt/
Principle: Business Logic - Faulty migrate function
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.