blockchain | 基于ethers.js的ctf合约攻击模板
之前做题用的是truffle命令行和truffle exec来进行编写代码,封装的层级比较高,这个框架主要还是用来开发比较方便,看了大师傅的wp(https://www.seaeye.cn/archives/497.html)以后觉得还是得写一个自己用起来顺手的攻击模板。
使用ethers.js v6(网上没有中文文档,是目前的最新版本)
文档:https://docs.ethers.org/v6/api/contract/
暂时写好了是这样的模板如下【遇到许许多多的坑,特别是构造合约的参数那里】:
const ethers = require('ethers');
const fs = require('fs');
let url = "http://127.0.0.1:8545";
let Provider = new ethers.getDefaultProvider(url);
let privateKey = "0x957c03cef7400defc7585d5dd81c48455557aa29c12c627ad0fd17d73effe696"
let wallet = new ethers.Wallet(privateKey, Provider);
//let wallet = ethers.Wallet.createRandom();
console.log(wallet.address)
// 等一手货币
const readline = require("readline");
let r1 = readline.createInterface({
input: process.stdin,
output: process.stdout
})
r1.question("ok?", async function (answer) {
console.log('ok!');
await _start(); // 开始操作
r1.close();
})
let _start = async function(){
// 看看是否到账
let balance = await Provider.getBalance(wallet.address)
console.log(balance)
// 获取abi[这里abi使用的是truffle solidity编译好的json文件]
let jsonabi = JSON.parse(fs.readFileSync('Checkin.json', 'utf8')).abi
const abi = new ethers.Interface(jsonabi);
console.log(abi.format("full"))
// 获取合约
// 合约地址: 0xc32813d108cf5E21189Cb33fc60c064a90E2Cbb4
let contract = new ethers.Contract(
"0xc32813d108cf5E21189Cb33fc60c064a90E2Cbb4",
abi,
(await Provider.getSigner(0))
)
let result = await contract.getstr()
console.log(result)
// 进行攻击
let tx = await contract.setMsg('Welcome to VNCTF', 65535)
await tx.wait()
result = await contract.getstr()
console.log(result)
// 验证
result = await contract.isSolved()
console.log(result)
}
标签:console,log,await,blockchain,js,ctf,let,result,ethers
From: https://www.cnblogs.com/Mz1-rc/p/17293371.html