Notice
Recent Posts
Recent Comments
Link
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 |
Tags
- EVM
- tx.origin
- ethereum
- transaction
- openzepplin
- secureum
- Ethererum
- Smart contract
- Coin
- Block
- web assembly
- byte code
- syntax
- solidity
- writeup
- ethereum virtual machine
- TransferFrom
- Oracle Cloud
- Wargame
- chain reorganization
- coin flip
- web3
- Assembly
- NaughtCoin
- audit
- hard fork
- libray
- ethernaut
- approve
- soft fork
Archives
- Today
- Total
목록tx.origin (1)
c0mpos3r
[Ethernaut] 04. Telephone WriteUp
1. 문제 분석While this example may be simple, confusing tx.origin with msg.sender can lead to phishing-style attacks, such as this.An example of a possible attack is outlined below.Use tx.origin to determine whose tokens to transfer, e.g.function transfer(address _to, uint _value) { tokens[tx.origin] -= _value; tokens[_to] += _value; } Attacker gets victim to send funds to a malicious contract that ..
Web3/Hacking
2025. 8. 24. 23:49