[Blockchain] Back for more? Hacker profits about US$1.3 million: analysis of the FEGexPRO contract attack
On May 16, 2022, monitoring by the 链必应 blockchain security situational-awareness platform of 成都链安 (Chengdu LianAn) showed that the FEGexPRO contract of the FEGtoken project was attacked on both Ethereum and BNB Chain. The attacker made off with about 3,280 BNB and 144 ETH, worth roughly US$1.3 million. The 成都链安 technical team analysed the incident; the results follow.

#1 Incident information

The attack consisted of multiple transactions; some of them are listed below.

Attack transactions (partial)

0x77cf448ceaf8f66e06d1537ef83218725670d3a509583ea0d161533fda56c063 (BNB Chain)

0x1e769a59a5a9dabec0cb7f21a3e346f55ae1972bb18ae5eeacdaa0bc3424abd2 (Ethereum)

Attacker address

0x73b359d5da488eb2e97990619976f2f004e9ff7c

Attack contract

0x9a843bb125a3c03f496cb44653741f2cef82f445

Attacked contracts (partial)

0x818e2013dd7d9bf4547aaabf6b617c1262578bc7 (BNB Chain)

0xf2bda964ec2d2fcb1610c886ed4831bf58f64948 (Ethereum)

#2 Attack flow

The same technique was used on Ethereum and BNB Chain; the analysis below follows the BNB Chain attack.

1. The attacker called the attack contract (0x9a84...f445), which took a flash loan of 915.84 WBNB from the DVM contract (0xd534...0dd7) and swapped 116.81 WBNB for 115.65 fBNB in preparation for the following steps.

2. The attack contract deployed 10 further contracts for use later in the attack.

3. The attacker then deposited the fBNB obtained in step 1 into the FEGexPRO contract (0x818e...8bc7).

4. The attacker then called depositInternal and swapToSwap repeatedly, causing the FEGexPRO contract to approve fBNB to each of the attack contracts created in step 2.

5. Each of those contracts then called transferFrom to move all of the fBNB held by the FEGexPRO contract into the attack contract (0x9a84...f445).

6. Next, the attacker borrowed 31,217,683,882,286.007211154 FEG and 423 WBNB from the LP pair contract (0x2aa7...6c14).

7. Steps 3, 4 and 5 were then repeated in the same way to drain a large amount of FEG from the FEGexPRO contract into the attack contract.

8. The flash loans were then repaid and the WBNB profit was transferred to the attack contract, completing this transaction.

9. The attacker subsequently used the same technique in more than 50 further attack transactions, ending up with roughly 144 ETH and 3,280 BNB in total.

#3 Vulnerability analysis

The attack exploited two weaknesses in the FEGexPRO contract. First, the path address passed to swapToSwap is caller-controlled and the contract performs no validity check on it. Second, when depositInternal updates a user's recorded balance, it derives that balance from the contract's current token balance rather than from the amount the user actually transferred in. By passing a malicious path address, the attacker could call swapToSwap without the contract's token balance changing, because the malicious path never pulled the tokens it had just been approved to spend. Calling depositInternal again then reset the attack contract's recorded balance in FEGexPRO to its original value, so the cycle could be repeated, and with each cycle the FEGexPRO contract approved its own tokens to another of the malicious contracts under the attacker's control. Those contracts then drained the tokens with transferFrom.
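To make the mechanism in steps 3 to 5 and the analysis above concrete, here is a toy Python model added for this page. It is not the FEGexPRO contract's code and not 成都链安's; the Token, VulnerableExchange, HardenedExchange and MaliciousPath classes, the run_attack driver, the fBNB amounts (a 100 fBNB stake against 900 fBNB of other users' deposits) and the ten helper contracts are all assumed and constructed for the example. The vulnerable exchange re-derives a depositor's credit from its live token balance and trusts any path it is handed; the hardened one keeps a path allowlist, credits only the delta actually transferred, checks that the path took exactly the approved amount, and clears the allowance afterwards.

```python
from collections import defaultdict


class Token:
    """Minimal ERC20-style ledger: balances plus (owner, spender) allowances."""

    def __init__(self):
        self.balances = defaultdict(int)
        self.allowance = defaultdict(int)

    def balance_of(self, who):
        return self.balances[who]

    def approve(self, owner, spender, amt):
        self.allowance[(owner, spender)] = amt

    def transfer_from(self, spender, owner, to, amt):
        if self.allowance[(owner, spender)] < amt or self.balances[owner] < amt:
            raise ValueError("transferFrom: insufficient allowance or balance")
        self.allowance[(owner, spender)] -= amt
        self.balances[owner] -= amt
        self.balances[to] += amt


class MaliciousPath:
    """Attacker-deployed 'path' contract: accepts the approval, never pulls tokens."""

    def deposit_internal(self, token, amt):
        return None


class VulnerableExchange:
    """Assumed model of the two flaws: a user's credit is re-derived from the
    pool's live balance, and swapToSwap trusts a caller-supplied path."""

    def __init__(self, token):
        self.token = token
        self.credit = defaultdict(int)  # balance the exchange records per user

    def _others_credit(self, user):
        return sum(v for u, v in self.credit.items() if u != user)

    def deposit_internal(self, user, amt):
        self.token.transfer_from(self, user, self, amt)  # amt may be 0
        pool = self.token.balance_of(self)
        # FLAW 1: credit = whatever the pool holds beyond other users' credits.
        # If a previous swapToSwap never moved tokens out, this hands the caller
        # back the credit that swapToSwap just deducted.
        self.credit[user] = pool - self._others_credit(user)

    def swap_to_swap(self, user, path, amt):
        if self.credit[user] < amt:
            raise ValueError("swapToSwap: insufficient credit")
        # FLAW 2: `path` is not validated; it is approved and called as a peer.
        self.token.approve(self, path, amt)
        path.deposit_internal(self.token, amt)
        self.credit[user] -= amt


class HardenedExchange(VulnerableExchange):
    """Same interface with the fixes: path allowlist, delta-based credit,
    a check that the path took exactly amt, and no dangling allowance."""

    def __init__(self, token, allowed_paths):
        super().__init__(token)
        self.allowed_paths = set(allowed_paths)

    def deposit_internal(self, user, amt):
        before = self.token.balance_of(self)
        self.token.transfer_from(self, user, self, amt)
        self.credit[user] += self.token.balance_of(self) - before

    def swap_to_swap(self, user, path, amt):
        if path not in self.allowed_paths:
            raise ValueError("swapToSwap: path not allowed")
        if self.credit[user] < amt:
            raise ValueError("swapToSwap: insufficient credit")
        before = self.token.balance_of(self)
        self.token.approve(self, path, amt)
        path.deposit_internal(self.token, amt)
        self.token.approve(self, path, 0)
        if before - self.token.balance_of(self) != amt:
            raise ValueError("swapToSwap: path did not take exactly amt")
        self.credit[user] -= amt


def run_attack(make_exchange, paths, stake=100, honest_liquidity=900):
    """Replay steps 3-5 of the flow against make_exchange(token).
    Returns (attacker's final token balance, whether the exchange blocked it)."""
    token = Token()
    ex = make_exchange(token)
    token.balances["honest"] = honest_liquidity        # constructed: other users' fBNB
    token.approve("honest", ex, honest_liquidity)
    ex.deposit_internal("honest", honest_liquidity)
    token.balances["attacker"] = stake                 # constructed: attacker's stake
    token.approve("attacker", ex, stake)
    ex.deposit_internal("attacker", stake)             # step 3
    try:
        for p in paths:                                # step 4, once per helper contract
            ex.swap_to_swap("attacker", p, stake)      # exchange approves p for stake
            ex.deposit_internal("attacker", 0)         # recorded credit comes back
        for p in paths:                                # step 5
            token.transfer_from(p, ex, "attacker", stake)
    except ValueError:
        return token.balance_of("attacker"), True
    return token.balance_of("attacker"), False


if __name__ == "__main__":
    helpers = [MaliciousPath() for _ in range(10)]    # step 2
    print("vulnerable:", run_attack(VulnerableExchange, helpers))
    print("hardened:  ", run_attack(lambda t: HardenedExchange(t, []), helpers))
```

With ten helper contracts the vulnerable exchange ends up approving the same 100 fBNB stake ten times over, so the attacker walks away with all 1,000 fBNB in the pool. Note that the allowlist alone is not what saves the hardened version: even if the attacker's helpers were on the allowlist, the post-call delta check rejects a path that did not actually take the tokens, and delta-based crediting means a zero-amount deposit can no longer restore spent credit.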
#4 Fund tracking

As of publication, the stolen funds remain in the attacker's address (0x73b3...ff7c) and have not been moved.

#5 Summary

In light of this incident, the 成都链安 technical team recommends:

When developing a project, pay attention to the security risks of interacting with other contracts, and avoid making critical parameters user-controllable wherever possible. If the business logic requires it, user-supplied parameters must be strictly checked for risk; in this case, an address that the contract will approve and call should be checked against an allowlist, and a user's recorded balance should be updated from the amount actually transferred rather than from the contract's live token balance. We also recommend a comprehensive security audit by a professional security auditing firm before launch to avoid such risks.
Hackers really are something, making a lot of money again.

They've started posting news; there's probably a bunch of it.

If anyone in the industry could analyse this.

Then hurry up and go win a few million yourself.

News like this is fine to glance at occasionally.

Going forward, I'd better aim to become a hacker; it pays more.

Hackers are impressive, making a lot of money again.

Having a skill is definitely a good way to make money.

This also takes real skill to pull off.

You still need skills to make money.

These hackers really are impressive.

Hackers really are awesome.

Hackers have that much firepower.

Hackers, really impressive, they're everywhere.

Looks like it's still a company that attracts a lot of attention.
Powered by 天策论坛 © 2007-2022 天策论坛