
Workshop: Decentralized Finance and Ecosystem Attacks

Lab: Exploiting a DAO using flash loans

Decentralized Finance and Ecosystem Attacks


AGENDA

• Lab Objectives
• Lab Intro
• Solution
• Q&A section



Lab Objectives


Become familiar with flash loans

Learn a bit about how to use the Brownie testing framework

Discover how to exploit vulnerabilities using flash loans

Realize the effects that flash loans can have on a DAO


Drain the contract!!



Lab Intro


• FlashloanerERC20 allows flash loans


• Voting power relies on the SANS balance of each voter

[Diagram: OWNER, USER and OTHER USERS interacting with FlashloanerERC20 and DamnVulnerableDAO. Labels: mint; SANS tokens; castVote: true / false; propose and then execute (if it reaches the quorum).]
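
The two Lab Intro points above, modelled as an added Python example (not part of the workshop material and not the lab's contracts): a vote weighted by the live balance counts tokens held only for the duration of a flash loan, while a vote weighted by a balance snapshot sealed before the proposal does not. The `Token` class, the `voter` account and all numbers are constructed assumptions.

```python
# Toy model with constructed names and numbers; this is not the lab's
# FlashloanerERC20 or DamnVulnerableDAO code.
class Token:
    def __init__(self, pool_supply):
        self.balances = {"pool": pool_supply}
        self.block = 0
        self.history = {}  # sealed block number -> balances at the end of that block

    def mine(self):
        # Seal the current block: record balances, then move to the next block.
        self.history[self.block] = dict(self.balances)
        self.block += 1

    def balance_of(self, who):
        return self.balances.get(who, 0)

    def balance_at(self, who, block):
        return self.history[block].get(who, 0)

    def transfer(self, src, dst, amount):
        if self.balance_of(src) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] -= amount
        self.balances[dst] = self.balance_of(dst) + amount

    def flash_loan(self, borrower, amount, callback):
        # Lend, run the borrower's callback, and take repayment in the same call.
        self.transfer("pool", borrower, amount)
        result = callback()
        self.transfer(borrower, "pool", amount)
        return result

def vote_weight(token, voter, snapshot_block=None):
    # Weak: balance at the moment of the vote. Hardened: balance at a sealed block.
    if snapshot_block is None:
        return token.balance_of(voter)
    return token.balance_at(voter, snapshot_block)

def quorum_reached(use_snapshot, quorum=400_000, loan=500_000):
    token = Token(pool_supply=1_000_000)
    token.balances["voter"] = 10  # the voter's own holding
    token.mine()                  # block 0 is sealed before the proposal exists
    block = 0 if use_snapshot else None
    weight = token.flash_loan("voter", loan, lambda: vote_weight(token, "voter", block))
    assert token.balance_of("voter") == 10  # loan repaid, holding unchanged
    return weight > quorum

if __name__ == "__main__":
    print("live balance reaches quorum:", quorum_reached(False))
    print("snapshot reaches quorum:    ", quorum_reached(True))
```
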



Lab Walkthrough


Step 1:
Go to https://infura.io/ and create a new API key in Infura to use it later in this lab:


Step 2:
Go to https://etherscan.io/ and create a new API key in Etherscan to use it later in this lab:


Step 3:
Unzip Vulnerable_DAO folder and copy it to Ziion’s Desktop:


Step 4:
Go to Vulnerable_DAO/contracts folder and open Exploit.sol. Modify the value of
variable to give the contract enough SANS tokens to bypass the quorum:


Step 5:
Inside Vulnerable_DAO folder, execute :

Once the installation finishes, the following message will appear:


Step 6:
Execute the following command to run ganache-cli (using Infura API key from Step 1):


A blockchain forked from Mainnet will be running on an Infura node; we can interact with it through
port 8545:

Once the installation finishes, the following message will appear:


Step 7:
Open another terminal while ganache-cli runs the blockchain and, inside Vulnerable_DAO
folder, launch the brownie console using the following command:


Step 8:
Go to Vulnerable_DAO folder and open exploit.py file. For the ETHERSCAN_API_KEY
variable use the Etherscan API key from Step 2:


Step 9:
In the same file from the previous step (exploit.py), include a command in the script to launch
the attack:


Step 10:
In order to execute the exploit, copy the content of exploit.py script and paste it in the
brownie console you have just opened. If the attack is successful, the final message will indicate
that the hacker has drained the DamnVulnerableDAO contract:



Solution


DamnVulnerableDAO.sol:
• When a user tries to call function, it verifies that is equal to
:

• functions verifies the against function:

• quorumVotes function returns :


Exploit.sol:
The value of variable should be greater than to bypass the quorum:


exploit.py:
The command to add to launch the attack is the following:



Thanks!

/in/luisquispegonzales /OwlAtNite
