How many recursive call exploit attacks on The DAO have there been so far?
The first identified recursive call exploit attack on The DAO occurred on June 17, 2016, with the accounts involved identified in "Which accounts are involved in the recursive call exploit attack on The DAO?".
How many other attacks on The DAO have there been so far?
Summary
As at June 22, 2016 AEST, the following 5+ attacks have been identified:
- #1 The main attack on June 17, 2016, depicted in ether.camp/dao-thief (from information posted by user iamtrillion in the DAOhub.org article "[Workgroup] DAO White Hat Team").
- #2 0xae8ad906948ef5ad5e95eed52990ff89312887d7, where you can see the recursive call transfers in 0x0f6994bd16df20f0d0992a607ab78e8be1a05cb07b411437fed2fec83be1bc9c, netting 160.09485354 ether ($1,807.47) in 0xfe24cdd8648121a43a7c86d289be4dd2951ed49f, started on June 19, 2016 at 12:17:37 PM. This attack was first spotted in the reddit/r/ethereum thread "DAO is under attack again, 22 ETH hacked at the time of writing". Proposal #74 was used.
- #3 0x1eb9bd9c2236649b15ee8be1961b40397a64a166, where you can see the recursive call transfers in 0xfa19dcc4af83627730f63ca92281a87d00e3c5d9f06b173d55e2ce5a47283440, netting 2.123311222 ether ($23.84) in 0xf14c14075d6c4ed84b86798af0956deef67365b5, started on June 19, 2016 at 10:20:35 PM. Proposal #81 was used.
- #4 0xf68d23ee23703a99d8374a71a92ec0678354498e, where you can see the recursive call transfers in 0x27a52fd947e623d3393ca59f3e99c654938d387657bf7c12a04f736c27f45648, with a current balance of 269.80994743 ether ($3,145.98) in 0xfe24cdd8648121a43a7c86d289be4dd2951ed49f (the same account as in attack #2), started on June 21, 2016 at 08:28:16 AM. Many failed transactions, and the balance may not all have come from the recursive call exploit. Another test attack? These are spaced out over a longer period.
- #5 0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf is another test or small attack. These are spaced out over a longer period. There is some accumulation in 0x4613f3bca5c44ea06337a9e439fbc6d42e501d0a, currently 11605 ETH.
- Phew. Finally. The white hat attack (and the white hat attack update). 0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334, where you can see the recursive call transfers in 0x60c58610f70682454d88483e289b7a374b274e546d4f28e76900b9520b40880d, with the target account 0xb136707642a4ea12fb4bae820f03d2562ebff487 holding a balance of 7,277,336.423038517 ether ($96,934,121.15), started at block 1745899 on June 21, 2016 at 5:44:27 PM. A few of the Transfer events follow:

```
1,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
2,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
3,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
4,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
5,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
6,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
7,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
8,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
9,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
10,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
11,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
12,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
13,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
14,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
15,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
16,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
17,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
18,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
19,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
20,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
21,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
22,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
23,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
24,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
25,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
26,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
27,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
28,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
29,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
30,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
31,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746770,1000
32,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746785,10000
33,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746808,5000
34,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746825,5000
35,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746830,2500
36,0x2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334,1746830,2500
```
Update 11:54 22/06/2016 AEST
A new attack is in progress. Confirmed white hat - https://mobile.twitter.com/LefterisJP/status/745419842954530816. The balance is now 0.14 ETH, so there can be no further attacks on the main account. None of the split proposals can split now.

```
1,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747775,1605973
2,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747775,1605973
3,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747775,1605973
4,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747775,1605973
5,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747775,1605973
...
231,0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b,1747838,1605973
```

Around 266 kETH has been drained. 0x4f0daa112142ffc4ba1b9f3b76bcd238a094d65b, with the target account 0x84ef4b2357079cd7a7c69fd7a37cd0609a679106, currently holding a balance of 266,897.915541427 ether ($3,755,253.67). The transfers can be seen in 0x6f8c0d2751e7e18325e1a113019a9ae5372f306d5424722f79d2123a0eb7d598.
Update 22:03 22/06/2016
For details of the amount drained, see "How much ether was drained via the recursive call attack on The DAO?".
Update June 27, 2016
Here is another analysis of the attacking accounts by https://medium.com/@oaeee, looking at the recursion depth, with data taken from http://pastebin.com/BZGNeXyR and from "How much ether was drained via the recursive call attack on The DAO?":

```
Analysis by https://medium.com/@oaeee

DAO Wars: The Clone Wars

This table shows DAO clones that resulted from attacks and their prey:
Depth refers to the recursion depth reached during the attack.
The tx field shows the number of ether transfers to the child dao

child_dao                                 depth    tx     prey
-------------------------------------------------------------------------------------
b136707642a4ea12fb4bae820f03d2562ebff487     91   642  7561423 <-- Whitehat DAO 1
304a554a310c7e546dfe434669c62820b7d83490     85 14460  3731498 <-- The Dark DAO
84ef4b2357079cd7a7c69fd7a37cd0609a679106     91  1167   386602 <-- Whitehat DAO 2
f4c64518ea10f995918a454158c6b61407ea345c     94   679   325263
4613f3bca5c44ea06337a9e439fbc6d42e501d0a     97    42    22603
aeeb8ff27288bdabc0fa5ebb731b6f409507516c     91    17     6028
fe24cdd8648121a43a7c86d289be4dd2951ed49f     91    36      285

This list shows accounts that successfully attacked the dao:
c0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89 <-- original hack (proxy 1)
f835a0247b0063c04ef22006ebe57c5f11977cc4 <-- original hack (proxy 2)
4f0daa112142ffc4ba1b9f3b76bcd238a094d65b <-- white hat hack 2
2ba9d006c1d72e67a70b5526fc6b4b0c0fd6d334 <-- white hat hack 1
2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf
e306aac52823ba1d3938608381a2444d9d641cc1
34a5451ef61a567ee088dcf5f324bfbc4bcf426f
ae8ad906948ef5ad5e95eed52990ff89312887d7
f68d23ee23703a99d8374a71a92ec0678354498e

Fun fact: The heist has cost the attacker approximately 8.7 ether in gas.
```
Details
Copy the following script into a file named `getTheDAOTransferEvents`:

```sh
#!/bin/sh
# First search from 1428757 (The DAO creation) to 1736131
# First Transfer event in block 1599207
FIRSTBLOCK=${1:-1599207}
LASTBLOCK=${2:-"'latest'"}

echo "Searching for The DAO Transfer events to address 0x0000000000000000000000000000000000000000 between blocks $FIRSTBLOCK and $LASTBLOCK"

# Feed a JavaScript snippet to the running geth node and keep only the CSV
# rows (the "No,From,Block,DAOs" header has no ",0x" and is dropped)
geth attach << EOF | egrep -e ",0x"
var theDAOABI = [{"anonymous":false,"inputs":[{"indexed":true,"name":"_from","type":"address"},{"indexed":true,"name":"_to","type":"address"},{"indexed":false,"name":"_amount","type":"uint256"}],"name":"Transfer","type":"event"}];
var theDAOAddress = "0xBB9bc244D798123fDe783fCc1C72d3Bb8C189413";
var theDAO = web3.eth.contract(theDAOABI).at(theDAOAddress);
var theDAOTransferEvent = theDAO.Transfer({}, {fromBlock: $FIRSTBLOCK, toBlock: $LASTBLOCK});
console.log("No,From,Block,DAOs");
var i = 0;
theDAOTransferEvent.watch(function(error, result) {
  if (error) { console.log("error: " + error); return; }
  var args = result.args;
  // Only transfers to the zero address, the signature of the exploit
  if (args._to == "0x0000000000000000000000000000000000000000") {
    i++;
    var daos = args._amount / 1e16;   // The DAO token has 16 decimals
    console.log(i + "," + args._from + "," + result.blockNumber + "," + daos);
  }
});
theDAOTransferEvent.stopWatching();
EOF
```

Set the executable bit on the file using `chmod 700 getTheDAOTransferEvents`. Run without any parameters, the script searches for Transfer events between block 1599207 (the block in which the first Transfer event appeared) and the latest block. This takes a while. You can specify one parameter, which will be used as the first block to search. Alternatively, you can specify two parameters for the first and last blocks to search.
This script will only search for Transfer events where the `_to:` address is 0x0000000000000000000000000000000000000000, as this is the signature of the recursive call exploit transfers. Multiple Transfer events from the same address will be in the same block number.
First run `geth console` in a terminal window. Then, in a separate terminal window, run the script to extract all the Transfer events of interest, using `./getTheDAOTransferEvents > output.txt`.
Let's exclude the addresses from the June 17 attack - 0xf835a0247b0063c04ef22006ebe57c5f11977cc4 and 0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89:
```
egrep -v "0xf835a024|0xc0ee9db1" output.txt
Searching for The DAO Transfer events to address 0x0000000000000000000000000000000000000000 between blocks 1599207 and 'latest'
1,0x13680fa2a60fd551894199f009cca20fb63a3e31,1642728,1.0000000000000409
2,0xa72ded5c1122312d9f4ed66bf4a396139eadaf56,1648837,99999.99
3,0x56bcc40e5e76c658fad956ee32e4250bf97468a1,1648853,100000
4,0xf8f9fc62a19c87c657a06febd184f068c0fc9cae,1652799,50000
5,0x1502447aadf5979e7a842709cd6c4f60afb0a281,1653975,6086.72863124
6,0xb0ea1855228793d06e22dd6164fe6e8ea60a9145,1657485,125000
7,0x3d5507b53d1613d8491a606ecf5c9268301095dd,1657567,79.851818
8,0x042d2f9c0356d54e2f91ecfc30eac6711d40d8c4,1657649,10
9,0x13680fa2a60fd551894199f009cca20fb63a3e31,1659011,3457499.18
10,0xf398c9b8107dccc697546969fb2d5956762b60fb,1659144,1686495.654
11,0xe7535ddfcbefe5c318d271476d068d5f7cf77290,1661021,1000
12,0x6c0d74c64b4ed871837651c4ab3cdce425c1ec6c,1663755,9999.851818000001
13,0x95a61f934d66580dd410a7369f9c5b8e228d2ff3,1663977,1000
14,0xb18e6467db64686dfed14c7368ca59e5019c95c8,1664014,36737.990714019994
15,0x598c72e3fe70e76d2e2f47f529f22634330ffcf3,1665558,4
16,0xb42da5b3701a0592e5aa0aebc0c20711bd49fb46,1666381,10705
17,0xcf69ab35bb6a87a68ce83571a174eef4f998baa7,1667056,960964.209
18,0xcf69ab35bb6a87a68ce83571a174eef4f998baa7,1667381,21326.5709481
19,0xcf69ab35bb6a87a68ce83571a174eef4f998baa7,1667694,155758.42108477
20,0xfdf97eaa34a883647fac329926b1747e9ef601c6,1668800,5000
21,0x7ead5155cef3c97a938967902ab4f9a5c0fc1930,1668807,4999
22,0x50211bb45d81714938e047707c25cdfcd3f5d2f4,1668818,16686.37588422
23,0xa7c605a1aacb641d873c82f9b2715e87339dfd48,1670146,4117.329243
24,0xf4c0eef475ab35625ac223394f9c410ccb577747,1670795,212183.45006283
25,0x98dac39fdcc5c9a8dfc6f63898b62704806851b4,1674370,7676.17428491
26,0xcf69ab35bb6a87a68ce83571a174eef4f998baa7,1676663,85848.11449128
27,0x2b15c5211bda6a867c582080536f6c61766aa5af,1679412,10000
28,0x5a422fb07fc9270f5b310fc61f85b8e779cb29a2,1684882,25000
29,0xcf69ab35bb6a87a68ce83571a174eef4f998baa7,1690158,90000
30,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1690199,307399.18075137
31,0x374139a05ac55917badd3f934f1b93f5c8623ded,1691232,17500
32,0xe82d5b10ad98d34df448b07a5a62c1affbef758f,1693763,98900
33,0xaf2ac7f7115e96eed2d7a992c6d9558275da55d4,1697247,400
34,0x8b78537055e83b79a68ef00d8ed78d3c09480067,1697276,100
35,0x67d6a8aa1bf8d6eaf7384e993dfdf10f0af68a61,1698403,19806.551818
36,0x231d94155dbcfe2a93a319b6171f63b20bd2b6fa,1699065,381995.051818
37,0x5992624c54cdec60a5ae938033af8be0c50cbb0a,1699098,362167.651818
38,0x2dd2951b955a805f9e1e5204c2f420df6a74995d,1699123,1e-16
39,0x883a78aeabaa50d8ddd8570bcd34265f14b19363,1699141,387994.951818
40,0xf8c3879ee8dde81f074abca79b2270eab9942ec1,1701591,2
41,0x0f935781046701897c9e0d9876fb5c82d89d53be,1701640,100
42,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1703092,311546.00029172003
43,0x5accb9f69bb0c04465d6701bdce4d8bd0198d0f6,1704529,500
44,0xd68ba7734753e2ee54103116323aba2d94c78dc5,1704540,285000.07800000004
45,0x4a719061f5285495b37b9d7ef8a51b07d6e6acac,1704686,146979.831818
46,0x065f074f1e93a215a9a05b2c92059ca44a4827eb,1707213,0.99
47,0x42b8a09e46e6e367ed0135d3cd7fbdce777e0873,1709070,1527.604
48,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1710310,167069.04039553
49,0x547389052a8dc86365c46641b5184956ec22749d,1713216,1095687.54708443
50,0xf6175d230b6fc1398c3cd5fd3054366cd1e193cb,1713223,1973982.13583881
51,0x208e4a03118380b4f63cf056ecbfe0a241a41b46,1713572,500
52,0x65c407ffea9fcff194fe9d3335d2b78416226056,1714399,10
53,0x9a9d6a470fc8034085ee8e509623e2f742da6625,1715645,100000
54,0x46664c1e2ddd896a3e0c2b3d502842f261b9e62f,1718201,1.41384222
5815,0x4b595e2328b73a7f4e4cb65b506a74d836bbd7f9,1719077,118000.00000001
12138,0x4b595e2328b73a7f4e4cb65b506a74d836bbd7f9,1719710,33647.948106920005
12429,0xc914fe094086017d0596869f8fb31621f93bde14,1719742,9000.00000001
12662,0x4b595e2328b73a7f4e4cb65b506a74d836bbd7f9,1719778,9999.99
12895,0x4853143d0f5524df67a0a5bdd2fb63c76c7693f6,1719809,1000
13302,0xb45614546c57d8fd106091095e06de0f10a86035,1719946,199500
13738,0x53cec6c88092f756efe56f7db11228a2db45b122,1720084,238999.99000000002
13855,0xc914fe094086017d0596869f8fb31621f93bde14,1720133,10.238061
13914,0x7b0aed10c3b86738f96cbd4fb0933085e0e1ddca,1720156,40465
13944,0x38b16b208a94ee3516d2d3977ebddcc027fb70ca,1720158,40000
14119,0x653a92d29da111e0912b4c01ed453c2e2de73170,1720223,2500099.8369998
14120,0x5b5d8c8eed6c85ac215661de026676823faa0a0c,1720223,200000
14179,0x1502447aadf5979e7a842709cd6c4f60afb0a281,1720256,1
14180,0x835ad98ab8af27814f6563b3117d6b0ab897f83b,1720256,149900
14181,0x96dade6c87e483acb081e9f669b4fc029a440e8b,1720319,99700
14182,0x4e0494181464ce213089eb86b8195ed135eb4d48,1720648,136306.34604707002
14183,0xa4084616dac89e5fd7b81c30e73deb7bcbcc8716,1720726,100000
14184,0x3065a8444787f076bff10e5df3ec66606e3c8b68,1720794,10
14185,0xf3b7a623e833331db177484ec75e1ca522d8d780,1720850,15000
14186,0x5accb9f69bb0c04465d6701bdce4d8bd0198d0f6,1720941,84339.01838214
14187,0xc111bfcb7f36dbbbd07222a44d2c151ce6e8a2cc,1720983,44417.816687743805
14188,0x7892e574caddbb5e9491de9f26c1f2747f442eee,1721041,10000
14189,0x0d70592f27ec3d8996b4317150b3ed8c0cd57e38,1721044,108445.261
14190,0xe3d788da2861b258b2d3f61ed8d8a699bda06ed6,1721046,4000
14191,0xabe6d3b3b88277e5d9d58318be0d66896d806d92,1721050,200000
14192,0x9999d6102715ac273c8d89bb7c219571f80a80c1,1721075,662.87305153
14193,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1722391,900
14194,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1722428,132570.44771255
14195,0xc914fe094086017d0596869f8fb31621f93bde14,1722488,5000
14196,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1722565,36500
14197,0x556b2b8d4c0da3433544756c237503ccf51b2df4,1722667,4983.2928
14198,0xf8f9fc62a19c87c657a06febd184f068c0fc9cae,1723074,16086.67311529
14199,0x547389052a8dc86365c46641b5184956ec22749d,1723509,3.3158869
14200,0x547389052a8dc86365c46641b5184956ec22749d,1723627,3.40679797
14201,0x7b0aed10c3b86738f96cbd4fb0933085e0e1ddca,1724036,11516.00337837
14202,0xf71571246613349c0d5e9aedc88c8366cc20d08b,1724345,55936.990000000005
14203,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1724434,61492.09406702001
14204,0x65c407ffea9fcff194fe9d3335d2b78416226056,1724566,10
14205,0x65c407ffea9fcff194fe9d3335d2b78416226056,1724636,30
14206,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1725553,64736.291076919995
14207,0xf8f9fc62a19c87c657a06febd184f068c0fc9cae,1725674,14400.005001489999
14208,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1726584,13898.51109647
14209,0x65c407ffea9fcff194fe9d3335d2b78416226056,1726699,12560
14210,0x65c407ffea9fcff194fe9d3335d2b78416226056,1726771,113000
14211,0xfaed3f06255794bf3f83d7ab08d4554d5d218b41,1727021,1999.99
14212,0xde013d0fb1b41ea3c86bb335487c52acc8484bf2,1727467,102500
14213,0xb97da70585d77f3a54fc213efd0adb6f07158bd8,1727501,2e-16
14214,0xf5200578ee1147886b55cfdc3e7798557dfaa1b4,1727512,102500
14215,0x534206b24e54e1edd4940cf465e5b66db0ad73b6,1727528,120095.13098016
14216,0xb97da70585d77f3a54fc213efd0adb6f07158bd8,1727529,2e-16
14217,0x26bdce6e4ea9afd060049993ed11f153eb1e322f,1727535,102500
14218,0x286635c294b61bf10f416bbb7b579a0035379d33,1727540,410000
14219,0x5553b4f0e2ce499930b79c3b48bd6c13a0571c34,1727548,150000
14220,0xf8f9fc62a19c87c657a06febd184f068c0fc9cae,1727693,8177.390000010001
14221,0x7b0aed10c3b86738f96cbd4fb0933085e0e1ddca,1727918,16567.13716853
14222,0xaf496a1083a3a7c7edb831f2e9a31eb065f5a228,1728600,4
14223,0x7d799e7f1ed991a8cc7be2e24c4abf8775317538,1728724,115.665
14224,0xda2384f1a7d80ca65469576228d268a5cacbfbe7,1728771,210.56135662
14225,0x56bcc40e5e76c658fad956ee32e4250bf97468a1,1729108,9.84281477
14226,0x68bbe7b8ea5c6435c427e1423d2b35da29eb148a,1730795,24900
14227,0x10ed2372778da1b9d96782c894b752d8a647deb8,1730874,151.735
14228,0xf8f9fc62a19c87c657a06febd184f068c0fc9cae,1731788,2795.79
14229,0xab9acc3c451e43e18dd61ab11048c07b74c99eee,1732408,123
14230,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14231,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14232,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14233,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14234,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14235,0x374139a05ac55917badd3f934f1b93f5c8623ded,1732460,3000.61667718
14236,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14237,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14238,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14239,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14240,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14241,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14242,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14243,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14244,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14245,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14246,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14247,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14248,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14249,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14250,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14251,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14252,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14253,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14254,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14255,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14256,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732504,124
14257,0x7727b2afc5a6816452a455e65a6a7dd01d03af4b,1732829,101.904674
14258,0x36786c2ef40834810a6513f48a7ff497cda5f3af,1732902,406.474050294275
14259,0x56bcc40e5e76c658fad956ee32e4250bf97468a1,1733443,3000
14260,0xb3f27731bfe38848694930b3a4db9a973df1560a,1733709,4000
14261,0xf68d23ee23703a99d8374a71a92ec0678354498e,1733738,8000
14262,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14263,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14264,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14265,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735235,60
14266,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735485,1
14267,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735485,1
14268,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735485,1
14269,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735506,1
14270,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735506,1
14271,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735506,1
14272,0xb3f27731bfe38848694930b3a4db9a973df1560a,1737170,8000
```
From the list above, the candidates are:
- 0xae8ad906948ef5ad5e95eed52990ff89312887d7, where you can see the recursive call transfers in 0x0f6994bd16df20f0d0992a607ab78e8be1a05cb07b411437fed2fec83be1bc9c, netting 160.09485354 ether ($1,807.47) in 0xfe24cdd8648121a43a7c86d289be4dd2951ed49f. This attack was first spotted in the reddit/r/ethereum thread "DAO is under attack again, 22 ETH hacked at the time of writing".
- 0x1eb9bd9c2236649b15ee8be1961b40397a64a166, where you can see the recursive call transfers in 0xfa19dcc4af83627730f63ca92281a87d00e3c5d9f06b173d55e2ce5a47283440, netting 2.123311222 ether ($23.84) in 0xf14c14075d6c4ed84b86798af0956deef67365b5.
Update 21/06/2016
There are a few more suspicious looking DAO Transfer events, spaced hours apart, either for testing or to avoid detection:

```
1,0xf68d23ee23703a99d8374a71a92ec0678354498e,1743641,0.002
2,0xf68d23ee23703a99d8374a71a92ec0678354498e,1743641,0.002
3,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745366,5000
4,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745366,5000
5,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745402,1000
6,0xf68d23ee23703a99d8374a71a92ec0678354498e,1745408,1
7,0xf68d23ee23703a99d8374a71a92ec0678354498e,1745408,1
8,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745431,5500
9,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745434,5500
10,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745491,5500
11,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745517,6300
12,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745533,18800
13,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745559,18800
15,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745576,18800
15,0x2ed6dac2b01a2a27803d6fe4f8e9729e92a8dfcf,1745602,18800
```
Split Proposal IDs
To find the split proposal used to launch an attack, browse to the account and look at the input data of the first non-internal transaction after the contract creation. For example, consider 0xae8ad906948ef5ad5e95eed52990ff89312887d7. The second last transaction on the page, in block 1732364 with txid 0x8445ab0d5738a1ddb06b461b733280ed7df1ce8ff34495e165d4905029eca8b8, has the following input data:

```
0x43902c87
000000000000000000000000bb9bc244d798123fde783fcc1c72d3bb8c189413
000000000000000000000000000000000000000000000000000000000000004a
0000000000000000000000001bc31e2e4f1bcc0a7dd9d849dfc57e66e59896ab
0000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000011355d6e217c0000
```

The 0…004a in the third line is the proposal ID in hexadecimal - proposal #74.
Accounts
0xbb9bc244d798123fde783fcc1c72d3bb8c189413 in the second line is The DAO account. 0x1bc31e2e4f1bcc0a7dd9d849dfc57e66e59896ab in the fourth line seems to be the account created by splitDAO() that holds the ether for 27 days.
Attack Transfer Events on June 17, 2016
Here is a small subset of the 14,112 attack Transfer events on June 17, 2016 (I just picked a small portion between blocks 1718497 and 1718504):

```
user@Kumquat:~$ ./getTheDAOTransferEvents 1718497 1718504
Searching for The DAO Transfer events to address 0x0000000000000000000000000000000000000000 between blocks 1718497 and 1718504
1,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
2,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
3,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
4,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
5,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
6,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
7,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
8,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
9,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718497,25805.6141471
...
44,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718504,25805.6141471
45,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718504,25805.6141471
46,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718504,25805.6141471
47,0xc0ee9db1a9e07ca63e4ff0d5fb6f86bf68d47b89,1718504,25805.6141471
```
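The answer's detection heuristic (many Transfer events to 0x0 from the same `_from` address, in the same block, usually for the same amount) is applied by eye to the `output.txt` listing above. The following is an added example, not part of the original answer, that automates that triage in Node.js over the CSV the `getTheDAOTransferEvents` script prints. The sample rows are copied from the answer's own listing, so the script runs offline; the `minRepeats` threshold of 3 is this example's choice, not the answer's.

```javascript
// Added example (not from the original answer): flag recursive-call exploit
// candidates in the CSV that getTheDAOTransferEvents prints.
// Columns are No,From,Block,DAOs; the banner line and blanks are skipped.

// Constructed sample: rows copied from the answer's output.txt listing, with
// ordinary single transfers left in for contrast.
const SAMPLE_CSV = `
Searching for The DAO Transfer events to address 0x0000000000000000000000000000000000000000 between blocks 1599207 and 'latest'
14229,0xab9acc3c451e43e18dd61ab11048c07b74c99eee,1732408,123
14230,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14231,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14232,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14233,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14234,0xae8ad906948ef5ad5e95eed52990ff89312887d7,1732448,124
14235,0x374139a05ac55917badd3f934f1b93f5c8623ded,1732460,3000.61667718
14262,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14263,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14264,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735080,81.21739093
14265,0x1eb9bd9c2236649b15ee8be1961b40397a64a166,1735235,60
14272,0xb3f27731bfe38848694930b3a4db9a973df1560a,1737170,8000
`;

const CSV_ROW = /^(\d+),(0x[0-9a-fA-F]{40}),(\d+),(\S+)$/;

// Parse the script's CSV output into row objects; the amount is kept as the
// printed string so that identical payouts compare exactly.
function parseTransferCsv(text) {
  const rows = [];
  for (const line of text.split('\n')) {
    const m = CSV_ROW.exec(line.trim());
    if (!m) continue;
    rows.push({ no: Number(m[1]), from: m[2].toLowerCase(),
                block: Number(m[3]), daos: m[4] });
  }
  return rows;
}

// A recursive call re-enters splitDAO() before the caller's balance has been
// zeroed, so every re-entry pays out the same amount in the same block. Flag
// each (from, block) group with at least minRepeats identical amounts.
function findRecursiveCallCandidates(rows, minRepeats = 3) {
  const groups = new Map();
  for (const r of rows) {
    const key = r.from + '@' + r.block;
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(r);
  }
  const hits = [];
  for (const evs of groups.values()) {
    if (evs.length < minRepeats) continue;
    if (new Set(evs.map(e => e.daos)).size !== 1) continue;
    hits.push({ from: evs[0].from, block: evs[0].block, repeats: evs.length,
                daos: evs[0].daos, totalDaos: Number(evs[0].daos) * evs.length });
  }
  return hits.sort((a, b) => a.block - b.block);
}

// Roll the per-block hits up to one summary per suspect address.
function summariseByAddress(hits) {
  const byAddr = new Map();
  for (const h of hits) {
    const s = byAddr.get(h.from) || { from: h.from, blocks: [], events: 0, totalDaos: 0 };
    s.blocks.push(h.block);
    s.events += h.repeats;
    s.totalDaos += h.totalDaos;
    byAddr.set(h.from, s);
  }
  return [...byAddr.values()];
}

const REPORT = summariseByAddress(findRecursiveCallCandidates(parseTransferCsv(SAMPLE_CSV)));
for (const s of REPORT) {
  console.log(`${s.from} blocks=${s.blocks.join(',')} events=${s.events} DAOs=${s.totalDaos}`);
}
```

Run as `node triage.js < /dev/null` after pasting the contents of `output.txt` into `SAMPLE_CSV` (or replace the constant with `require('fs').readFileSync('output.txt', 'utf8')`). The `0x1eb9...` row at block 1735235 is a single 60 DAO transfer and is correctly ignored; only the groups of identical payouts are reported.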
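The "Split Proposal IDs" and "Accounts" sections above read the proposal ID and two addresses out of the raw input data by counting 32-byte words. The following is an added example, not part of the original answer, that does the same split mechanically in Node.js: 4-byte selector, then fixed-width ABI words, with the address words checked for clean zero padding before they are truncated. The field names are this example's reading of the layout the answer describes (the page supplies no ABI for the attack contract), and the interpretation of the last word as a wei amount is an assumption.

```javascript
// Added example (not from the original answer): split ABI calldata into its
// selector and 32-byte words and decode the fields the answer points at.

// The input data exactly as quoted in the answer (txid 0x8445ab0d...).
const ATTACK_INPUT_DATA = '0x43902c87'
  + '000000000000000000000000bb9bc244d798123fde783fcc1c72d3bb8c189413'
  + '000000000000000000000000000000000000000000000000000000000000004a'
  + '0000000000000000000000001bc31e2e4f1bcc0a7dd9d849dfc57e66e59896ab'
  + '0000000000000000000000000000000000000000000000000000000000000000'
  + '00000000000000000000000000000000000000000000000011355d6e217c0000';

// selector + n * 32-byte words; anything else is not well-formed ABI calldata.
function splitCalldata(hex) {
  const h = hex.toLowerCase().replace(/^0x/, '');
  if (!/^[0-9a-f]*$/.test(h) || h.length < 8 || (h.length - 8) % 64 !== 0) {
    throw new Error('malformed calldata: ' + hex);
  }
  const words = [];
  for (let i = 8; i < h.length; i += 64) words.push(h.slice(i, i + 64));
  return { selector: '0x' + h.slice(0, 8), words };
}

// An ABI-encoded address is left-padded with 12 zero bytes; refuse dirty
// padding instead of silently truncating a word that is not an address.
function wordToAddress(word) {
  if (!/^0{24}[0-9a-f]{40}$/.test(word)) throw new Error('not a clean address word: ' + word);
  return '0x' + word.slice(24);
}

function wordToUint(word) {
  return BigInt('0x' + word);
}

// Layout as read from the answer (assumption, no ABI on the page):
// word 0 = The DAO, word 1 = split proposal ID, word 2 = the account the
// answer believes splitDAO() created, word 3 = zero, word 4 = a uint256 that
// is presumably a wei amount.
function decodeAttackInput(hex) {
  const { selector, words } = splitCalldata(hex);
  if (words.length !== 5) throw new Error('expected 5 words, got ' + words.length);
  return {
    selector,
    daoAddress: wordToAddress(words[0]),
    proposalId: Number(wordToUint(words[1])),
    newDaoAddress: wordToAddress(words[2]),
    word3: wordToUint(words[3]),
    valueWei: wordToUint(words[4]),
  };
}

// wei -> ether as an exact decimal string (no floating point).
function weiToEther(wei) {
  const s = wei.toString().padStart(19, '0');
  return (s.slice(0, -18) + '.' + s.slice(-18)).replace(/\.?0+$/, '');
}

const decoded = decodeAttackInput(ATTACK_INPUT_DATA);
console.log(decoded.selector, 'proposal #' + decoded.proposalId,
            'DAO', decoded.daoAddress, 'new DAO', decoded.newDaoAddress,
            'word 4 =', weiToEther(decoded.valueWei), 'ether if it is a wei amount');
```

The selector `0x43902c87` is left uninterpreted: it belongs to the attacker's own contract and the page gives no source for it, so nothing about the function name is claimed here.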