何方圜的博客

CTF-LostAssert这道题我感觉属于签到题了。就是分清包装代币，s代币，原生代币的关系 题目源码： //SPDX-License-Identifier:MITpragma solidity ^0.8.26;import "@openzeppelin/contracts/token/ERC20/ERC20.sol";import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";import {IERC20Permit, ERC20Permit} from "@openzeppelin/contracts/token/ERC20/extensions/draft-ERC20Permit.sol";// 普通的ERC20代币contract MockWETH is ERC20("Wrapped ETH", "WETH") { event Deposit(address indexed ...

title: Java课程设计代码date: 2024-12-02 03:03:51tags: java数据库设计代码//创建数据库create database Student;use student;//创建学生信息表create table student( stuid1 char(20) unique comment '学号', name char(20) comment '姓名', telenumber int comment '电话号码', qqmail char(20) comment '邮箱', classnumber char (20) comment '班级')comment'学生信息表';//插入学生信息insert into student (stuid1,name,telenumber,qqmail,classnumber ) values ('2023131051' ,' ...

Java代码import javax.swing.JButton;import javax.swing.JFrame;import javax.swing.JLabel;import javax.swing.JPanel;import javax.swing.JPasswordField;import javax.swing.JTextField;import javax.swing.*;import java.awt.*;import java.sql.*;import java.util.List;import java.util.ArrayList;import javax.swing.table.DefaultTableModel;import org.jfree.chart.*;import org.jfree.chart.plot.*;import org.jfree.data.category.DefaultCategoryDataset;import java.io.*;import java.text.DecimalFormat;// 主类public class s ...

CTF-OwnerBuy题目源码有很多文件。就看一个最关键的 // 0.5.1-c8a2// Enable optimizationpragma solidity ^0.5.0;import "./contracts/ERC20.sol";import "./contracts/IERC20.sol";import "./contracts/ERC20Detailed.sol";interface Changing { function isOwner(address) external returns (bool);}contract Ownable { address public _owner; address public _previousOwner; event OwnershipTransferred( address indexed previousOwner, address indexed newOwner ); ...

CTF-Merkle题目原代码： // SPDX-License-Identifier: GPL-3.0pragma solidity ^0.8.13;library MerkleProof { function verify( bytes32[] memory proof, bytes32 root, bytes32 leaf) internal pure returns (bool) { return processProof(proof, leaf) == root; } function processProof(bytes32[] memory proof, bytes32 leaf) internal pure returns (bytes32) { bytes32 computedHash = leaf; for (uint256 i = 0; i < proof.length; i++) { bytes32 proofEleme ...

CTF-SVip首先先看题目代码 // pragma solidity 0.4.24; //这是原来的版本，很奇怪不知道为啥无法在foundry编译，所以换成以下版本pragma solidity ^0.8.13;contract SVip { // 一个地址记录一个分数 mapping(address => uint) public points; // 查看某地址是不是超级VIP mapping(address => bool) public isSuperVip; uint256 public numOfFree; // 用户成为超级VIP需要999分数 function promotionSVip() public { require(points[msg.sender] >= 999, "Sorry, you don't have enough points"); isSuperVip[msg.sender] = true;  ...

CTF-TrusterLenderPool这个题很经典。又是假装还款的存在 有用到swap交换，而且还是address(this)来检查token0的地址，所以就更加可以用来假装还款了 题目源码： // SPDX-License-Identifier: MITpragma solidity ^0.8.0;import "@openzeppelin/contracts/token/ERC20/IERC20.sol";import "@openzeppelin/contracts/utils/Address.sol";import "@openzeppelin/contracts/security/ReentrancyGuard.sol";contract Cert is IERC20 { mapping(address => uint256) private _balances; mapping(address => mapping(address => uint256)) private ...

一SummaryDue to the lack of access control on the stopFunding function, anyone can monitor the blockchain, identify a program with an active funding process, and maliciously call the stopFunding function to stop the program, resulting in improper fund allocation.I know you have already described ithttps://github.com/sherlock-audit/2024-11-superfluid-locking-contract-HeYuan-33?tab=readme-ov-file#q-please-discuss-any-design-choices-you-madeBut can you be sure that the participant is not an attacker ...

一SummaryThere is no verification of the incentives recipient, which allows anyone to impersonate other borrowers and claim their incentives. Root CauseVulnerable code: 2024-11-debita-finance-v3-HeYuan-33/Debita-V3-Contracts/contracts/DebitaIncentives.sol Line 203 in 1465ba6 IERC20(token).transfer(msg.sender, amountToClaim); Using msg.sender to send rewards to the caller without performing a check allows an attacker to impersonate a borrower and claim their incentives . Additiona ...