
I'm new to the security of ICOs and smart contracts. I'm trying to find bugs in verified contracts. I believe I found some problems in 0x42dB5Bfe8828f12F164586AF8A992B3a7B038164 but I don't know how to withdraw. Do I need to create a transaction by myself?

Mike N.

1 Answer

HaHa - very sneaky.

***Warning***

To anyone tempted to mess with this contract - i.e. exploit the apparent flaw: you will likely lose your Ether.

Explanation follows.

It looks like there is a pretty tempting vulnerability in the withdrawal() function: when you send the function more than Limit Wei then it will send you the whole balance of the contract - the amount you sent plus the 0.36 Eth already there. Instant profit!

However, there is this innocent-looking, but nonetheless peculiar delegatecall to a logEvent() function in a different contract. To cut a long story short, this does not log an event. It actually sneakily modifies the value of the adr storage variable so that it no longer points to msg.sender. So the contract balance will not be sent back to you by the adr.send(this.balance) call, it will be sent somewhere else, since adr is no longer equal to msg.sender.

It's a bit obfuscated, but it looks like the delegated call to the email.logEvent() contract function causes adr to be set to the contract's own address: i.e. it sends all the Ether (including that which you sent) to itself. Only the contract owner (0x46Feeb381e90f7e30635B4F33CE3F6fA8EA6ed9b) can actually withdraw the Eth.

benjaminion
  • The first line in your answer implies that the dude who posted the question is trying to pull a scam. Did you really intend to imply this? – goodvibration Dec 29 '17 at 14:17
  • Ah, I see. Very good :-) +1 – Richard Horrocks Dec 29 '17 at 14:55
  • I'm not a scammer, I'm researching the contracts only. Thank you a lot for the awareness! – Mike N. Dec 29 '17 at 15:14
  • @Mike N. In that case, welcome and feel free to mark the answer accepted. Hopefully I've explained sufficiently why it's not a good idea to have anything to do with this contract if you don't own it. – benjaminion Dec 29 '17 at 16:07
  • Sure! How can I accept it? By the way, I've looked through other contracts and found several similar ones! 0x62d5c4a317b93085697cfb1c775be4398df0678c and 0x477D1EE2F953A2F85dbEcBcB371c2613809eA452. Probably there are many more. Can we block them somehow? – Mike N. Dec 29 '17 at 16:21
  • What to do when someone answers my question tl;dr - click the check mark alongside the answer you want to accept. – benjaminion Dec 29 '17 at 16:26
  • "Can we block them somehow?" - this is the blockchain. Despite the name, nothing can be blocked. It's a feature. If people lose Eth trying to hack the hackers, I'm not really that sympathetic. – benjaminion Dec 29 '17 at 16:30
  • Sorry for the additional questions. I've deployed the contract code locally, but I don't have the source code of the other contract that is called. How can I deploy this contract on a test network? And these two other contracts seem a bit different. I'd like to test them too... Do you debug the transactions in Remix? – Mike N. Dec 29 '17 at 17:08
  • The Tx that created the email contract is here. Just copy and paste the bytecode into whatever deployment tool you use. You then need to change the address in the other contract to point to the new address of email. I use a decompiler I wrote and a lot of scribbling on bits of paper to analyse things. Remix is good if there is an existing Tx to trace, but there wasn't in this case. – benjaminion Dec 29 '17 at 17:18
  • Hi, it seems someone has done the withdrawal from both contracts above. Could someone explain how it was done? – Mike N. Dec 29 '17 at 20:18
  • It looks like someone is just kidding )) Another one ) 0x47000dE9Ac92E29d4Fee617732fFEedc306Bd10E ... So how can I check on the possibility to take the ether? How do you call this function from another contract? – Mike N. Dec 29 '17 at 20:45
  • @Mike N. The author killed the contract themselves. Your follow-ups would be better asked as fresh questions than buried here. – benjaminion Dec 29 '17 at 21:31
  • Ok! Moved discussion here - https://ethereum.stackexchange.com/questions/34708/security-in-contracts – Mike N. Dec 30 '17 at 06:27
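
The storage-context behaviour described in the answer, as an added Python model that is not part of the original thread and is not the contract's own code. The slot number, addresses, amounts and the `log_event` stand-in are assumptions made for illustration; the model also records which caller slots the "logger" changed, which is the check to run when tracing such a contract on a local deployment.

```python
# Minimal model of EVM storage context: CALL runs callee code against the
# callee's storage, DELEGATECALL runs it against the caller's storage.
# Names, slot numbers and amounts are constructed for illustration.

ADR_SLOT = 1  # assumed storage slot of the caller's `adr` variable


class Contract:
    def __init__(self, address, balance=0):
        self.address = address
        self.balance = balance
        self.storage = {}


def log_event(storage, self_address):
    """Stand-in for the callee's logEvent(): writes a slot, logs nothing.

    `storage` is whichever storage the frame is bound to; `self_address`
    models ADDRESS, which under DELEGATECALL is the caller's address.
    """
    storage[ADR_SLOT] = self_address


def withdrawal(wallet, helper, sender, value, use_delegatecall):
    """Return (recipient, amount, changed_slots) for adr.send(this.balance)."""
    wallet.balance += value                # msg.value is credited on entry
    wallet.storage[ADR_SLOT] = sender      # adr = msg.sender
    before = dict(wallet.storage)          # snapshot for the storage diff
    if use_delegatecall:
        log_event(wallet.storage, wallet.address)   # runs in caller's storage
    else:
        log_event(helper.storage, helper.address)   # runs in callee's storage
    changed = {slot: (before.get(slot), new)
               for slot, new in wallet.storage.items()
               if before.get(slot) != new}
    return wallet.storage[ADR_SLOT], wallet.balance, changed


def demo():
    results = {}
    for use_delegatecall in (True, False):
        wallet = Contract("0xWALLET", balance=36)   # constructed units
        helper = Contract("0xHELPER")
        results[use_delegatecall] = withdrawal(
            wallet, helper, "0xSENDER", 100, use_delegatecall)
    return results


if __name__ == "__main__":
    for mode, outcome in demo().items():
        print("delegatecall" if mode else "call", outcome)
```

A non-empty `changed_slots` after a call that claims only to log is the signal that the payout address is no longer the sender.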