Blockchain Summit Workshop DeFi and Ecosystem Attacks Lab
Decentralized Finance and Ecosystem Attacks
Lab: Exploiting a DAO using flash loans
• Lab Objectives
• Lab Intro
• Solution
• Q&A section
[Diagram labels: OWNER, mint, FlashloanerERC20, SANS tokens, USER]
Step 1:
Go to https://infura.io/ and create a new API key in Infura to use it later in this lab:
Step 2:
Go to https://etherscan.io/ and create a new API key in Etherscan to use it later in this lab:
Step 3:
Unzip the Vulnerable_DAO folder and copy it to Ziion’s Desktop:
Step 4:
Go to Vulnerable_DAO/contracts folder and open Exploit.sol. Modify the value of
variable to give the contract enough SANS tokens to bypass the quorum:
Step 5:
Inside Vulnerable_DAO folder, execute :
Step 6:
Execute the following command to run ganache-cli (using Infura API key from Step 1):
A blockchain forked from Mainnet will be running on the Infura node; we can interact with it through
port 8545:
Step 7:
Open another terminal while ganache-cli runs the blockchain and, inside the Vulnerable_DAO
folder, launch the brownie console using the following command:
Step 8:
Go to the Vulnerable_DAO folder and open the exploit.py file. For the ETHERSCAN_API_KEY
variable, use the Etherscan API key from Step 2:
Step 9:
In the same file from the previous step (exploit.py), include a command in the script to launch
the attack:
Step 10:
To execute the exploit, copy the content of the exploit.py script and paste it into the
brownie console you have just opened. If the attack is successful, the final message will indicate
that the hacker has drained the DamnVulnerableDAO contract:
DamnVulnerableDAO.sol:
• When a user tries to call function, it verifies that is equal to
:
Exploit.sol:
The value of variable should be greater than to bypass the quorum:
exploit.py:
The command to add to launch the attack is the following: