Step by Step Tutorials on Replicating 2 Famous Smart Contract Exploits
Hello friends, hackers, and hunters! I wanted to share here a few resources on how to replicate two different smart contract bugs, and a few key resources that greatly helped me in the past.
Fei Protocol – 60,000 ETH at Risk
- Post Mortem: https://medium.com/immunefi/fei-protocol-vulnerability-postmortem-483f9a7e6ad1
- Replicating the Bug: https://medium.com/immunefi/a-guide-to-reproducing-ethereum-exploits-fei-protocol-224b30b517d6
- Optimizing Attack Parameters: https://medium.com/immunefi/how-to-get-a-bigger-bounty-by-optimizing-attack-parameters-a51b144f5cc2
Alchemix – 60,000 ETH at Risk
- Post Mortem: https://medium.com/immunefi/alchemix-access-control-bug-fix-debrief-a13d39b9f2e0
- Replicating the Bug: https://medium.com/immunefi/a-step-by-step-guide-for-reusing-development-test-code-to-validate-smart-contract-exploits-31ffb1afd044
- Creating a PoC: https://medium.com/immunefi/how-to-poc-your-bug-leads-5ec76abdc1d8
Both tutorials have been very easy to understand and got me up to speed pretty quickly. Also, don't forget that you should never test this on mainnet or public testnets (https://medium.com/immunefi/why-you-should-never-test-exploits-on-mainnet-or-public-testnets-7e904a2cbf05).
submitted by /u/Wolfram_George
[link] [comments]