├── .github └── workflows │ ├── build-ducks-agent.yaml │ ├── build-hide-on-bush-daemon.yaml │ └── build-infra.yaml ├── README.md ├── challenges ├── .gitignore ├── be-billionaire-today │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py ├── cup-of-tea │ ├── .gitignore │ ├── Move.lock │ ├── Move.toml │ ├── README.md │ ├── sources │ │ └── Cupof7ea.move │ ├── tests │ │ └── Cupof7eaTest.move │ └── to-players │ │ └── Cupof7ea.mv ├── ducks │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── README.md │ │ ├── agents │ │ ├── Dockerfile │ │ ├── abi │ │ │ ├── Context.abi │ │ │ ├── Ducks.abi │ │ │ ├── ERC20.abi │ │ │ ├── IERC20Errors.abi │ │ │ ├── IERC20Metadata.abi │ │ │ ├── IERC20V.abi │ │ │ ├── Ownable.abi │ │ │ ├── RewardToken.abi │ │ │ ├── WETH.json │ │ │ └── bad.json │ │ ├── anvil │ │ ├── anvil-bin │ │ ├── frontend │ │ │ ├── barn2.png │ │ │ ├── duck0.png │ │ │ ├── duck1.png │ │ │ ├── duck10.png │ │ │ ├── duck11.png │ │ │ ├── duck12.png │ │ │ ├── duck2.png │ │ │ ├── duck3.png │ │ │ ├── duck4.png │ │ │ ├── duck5.png │ │ │ ├── duck6.png │ │ │ ├── duck7.png │ │ │ ├── duck8.png │ │ │ ├── duck9.png │ │ │ ├── earth.png │ │ │ ├── earth2.png │ │ │ ├── gift.png │ │ │ ├── index.html │ │ │ └── poop.png │ │ ├── index.js │ │ ├── initializer.py │ │ ├── package-lock.json │ │ └── package.json │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ ├── Challenge.sol │ │ │ └── ERC20.sol │ │ └── solve.py ├── eazy-nft │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ ├── forge-std │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ ├── ci.yml │ │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ │ └── ds-test │ │ │ │ │ │ ├── .github │ │ │ │ │ │ └── workflows │ │ │ │ │ │ │ └── build.yml │ │ │ │ │ │ ├── .gitignore │ │ │ │ │ │ ├── LICENSE │ │ │ │ │ │ ├── Makefile │ │ │ │ │ │ ├── default.nix │ │ │ │ │ │ ├── demo │ │ │ │ │ │ └── demo.sol │ │ │ │ │ │ ├── package.json │ │ │ │ │ │ └── src │ │ │ │ │ │ ├── test.sol │ │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ │ ├── Base.sol │ │ │ │ │ ├── Script.sol │ │ │ │ │ ├── StdAssertions.sol │ │ │ │ │ ├── StdChains.sol │ │ │ │ │ ├── StdCheats.sol │ │ │ │ │ ├── StdError.sol │ │ │ │ │ ├── StdInvariant.sol │ │ │ │ │ ├── StdJson.sol │ │ │ │ │ ├── StdMath.sol │ │ │ │ │ ├── StdStorage.sol │ │ │ │ │ ├── StdStyle.sol │ │ │ │ │ ├── StdUtils.sol │ │ │ │ │ ├── Test.sol │ │ │ │ │ ├── Vm.sol │ │ │ │ │ ├── console.sol │ │ │ │ │ ├── console2.sol │ │ │ │ │ ├── interfaces │ │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ │ └── IMulticall3.sol │ │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ │ ├── StdChains.t.sol │ │ │ │ │ ├── StdCheats.t.sol │ │ │ │ │ ├── StdError.t.sol │ │ │ │ │ ├── StdMath.t.sol │ │ │ │ │ ├── StdStorage.t.sol │ │ │ │ │ ├── StdStyle.t.sol │ │ │ │ │ ├── StdUtils.t.sol │ │ │ │ │ ├── Vm.t.sol │ │ │ │ │ ├── compilation │ │ │ │ │ ├── CompilationScript.sol │ │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ │ ├── CompilationTest.sol │ │ │ │ │ └── CompilationTestBase.sol │ │ │ │ │ └── fixtures │ │ │ │ │ └── broadcast.log.json │ │ │ └── openzeppelin-contracts │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── contracts │ │ │ │ ├── access │ │ │ │ │ ├── AccessControl.sol │ │ │ │ │ ├── IAccessControl.sol │ │ │ │ │ ├── Ownable.sol │ │ │ │ │ ├── Ownable2Step.sol │ │ │ │ │ ├── README.adoc │ │ │ │ │ ├── extensions │ │ │ │ │ │ ├── AccessControlDefaultAdminRules.sol │ │ │ │ │ │ ├── AccessControlEnumerable.sol │ │ │ │ │ │ ├── IAccessControlDefaultAdminRules.sol │ │ │ │ │ │ └── IAccessControlEnumerable.sol │ │ │ │ │ └── manager │ │ │ │ │ │ ├── AccessManaged.sol │ │ │ │ │ │ ├── AccessManager.sol │ │ │ │ │ │ ├── AuthorityUtils.sol │ │ │ │ │ │ ├── IAccessManaged.sol │ │ │ │ │ │ ├── IAccessManager.sol │ │ │ │ │ │ └── IAuthority.sol │ │ │ │ ├── finance │ │ │ │ │ ├── README.adoc │ │ │ │ │ └── VestingWallet.sol │ │ │ │ ├── governance │ │ │ │ │ ├── Governor.sol │ │ │ │ │ ├── IGovernor.sol │ │ │ │ │ ├── README.adoc │ │ │ │ │ ├── TimelockController.sol │ │ │ │ │ ├── extensions │ │ │ │ │ │ ├── GovernorCountingSimple.sol │ │ │ │ │ │ ├── GovernorPreventLateQuorum.sol │ │ │ │ │ │ ├── GovernorSettings.sol │ │ │ │ │ │ ├── GovernorStorage.sol │ │ │ │ │ │ ├── GovernorTimelockAccess.sol │ │ │ │ │ │ ├── GovernorTimelockCompound.sol │ │ │ │ │ │ ├── GovernorTimelockControl.sol │ │ │ │ │ │ ├── GovernorVotes.sol │ │ │ │ │ │ └── GovernorVotesQuorumFraction.sol │ │ │ │ │ └── utils │ │ │ │ │ │ ├── IVotes.sol │ │ │ │ │ │ └── Votes.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC1155MetadataURI.sol │ │ │ │ │ ├── IERC1155Receiver.sol │ │ │ │ │ ├── IERC1271.sol │ │ │ │ │ ├── IERC1363.sol │ │ │ │ │ ├── IERC1363Receiver.sol │ │ │ │ │ ├── IERC1363Spender.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC1820Implementer.sol │ │ │ │ │ ├── IERC1820Registry.sol │ │ │ │ │ ├── IERC1967.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC20Metadata.sol │ │ │ │ │ ├── IERC2309.sol │ │ │ │ │ ├── IERC2612.sol │ │ │ │ │ ├── IERC2981.sol │ │ │ │ │ ├── IERC3156.sol │ │ │ │ │ ├── IERC3156FlashBorrower.sol │ │ │ │ │ ├── IERC3156FlashLender.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC4906.sol │ │ │ │ │ ├── IERC5267.sol │ │ │ │ │ ├── IERC5313.sol │ │ │ │ │ ├── IERC5805.sol │ │ │ │ │ ├── IERC6372.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ ├── IERC721Enumerable.sol │ │ │ │ │ ├── IERC721Metadata.sol │ │ │ │ │ ├── IERC721Receiver.sol │ │ │ │ │ ├── IERC777.sol │ │ │ │ │ ├── IERC777Recipient.sol │ │ │ │ │ ├── IERC777Sender.sol │ │ │ │ │ ├── README.adoc │ │ │ │ │ ├── draft-IERC1822.sol │ │ │ │ │ └── draft-IERC6093.sol │ │ │ │ ├── metatx │ │ │ │ │ ├── ERC2771Context.sol │ │ │ │ │ ├── ERC2771Forwarder.sol │ │ │ │ │ └── README.adoc │ │ │ │ ├── mocks │ │ │ │ │ ├── AccessManagedTarget.sol │ │ │ │ │ ├── ArraysMock.sol │ │ │ │ │ ├── AuthorityMock.sol │ │ │ │ │ ├── CallReceiverMock.sol │ │ │ │ │ ├── ContextMock.sol │ │ │ │ │ ├── DummyImplementation.sol │ │ │ │ │ ├── EIP712Verifier.sol │ │ │ │ │ ├── ERC1271WalletMock.sol │ │ │ │ │ ├── ERC165 │ │ │ │ │ │ ├── ERC165InterfacesSupported.sol │ │ │ │ │ │ ├── ERC165MaliciousData.sol │ │ │ │ │ │ ├── ERC165MissingData.sol │ │ │ │ │ │ ├── ERC165NotSupported.sol │ │ │ │ │ │ └── ERC165ReturnBomb.sol │ │ │ │ │ ├── ERC2771ContextMock.sol │ │ │ │ │ ├── ERC3156FlashBorrowerMock.sol │ │ │ │ │ ├── EtherReceiverMock.sol │ │ │ │ │ ├── InitializableMock.sol │ │ │ │ │ ├── MulticallHelper.sol │ │ │ │ │ ├── MultipleInheritanceInitializableMocks.sol │ │ │ │ │ ├── PausableMock.sol │ │ │ │ │ ├── ReentrancyAttack.sol │ │ │ │ │ ├── ReentrancyMock.sol │ │ │ │ │ ├── RegressionImplementation.sol │ │ │ │ │ ├── SingleInheritanceInitializableMocks.sol │ │ │ │ │ ├── Stateless.sol │ │ │ │ │ ├── StorageSlotMock.sol │ │ │ │ │ ├── TimelockReentrant.sol │ │ │ │ │ ├── UpgradeableBeaconMock.sol │ │ │ │ │ ├── VotesMock.sol │ │ │ │ │ ├── compound │ │ │ │ │ │ └── CompTimelock.sol │ │ │ │ │ ├── docs │ │ │ │ │ │ ├── ERC20WithAutoMinerReward.sol │ │ │ │ │ │ ├── ERC4626Fees.sol │ │ │ │ │ │ ├── access-control │ │ │ │ │ │ │ ├── AccessControlERC20MintBase.sol │ │ │ │ │ │ │ ├── AccessControlERC20MintMissing.sol │ │ │ │ │ │ │ ├── AccessControlERC20MintOnlyRole.sol │ │ │ │ │ │ │ ├── AccessManagedERC20MintBase.sol │ │ │ │ │ │ │ └── MyContractOwnable.sol │ │ │ │ │ │ └── governance │ │ │ │ │ │ │ ├── MyGovernor.sol │ │ │ │ │ │ │ ├── MyToken.sol │ │ │ │ │ │ │ ├── MyTokenTimestampBased.sol │ │ │ │ │ │ │ └── MyTokenWrapped.sol │ │ │ │ │ ├── governance │ │ │ │ │ │ ├── GovernorMock.sol │ │ │ │ │ │ ├── GovernorPreventLateQuorumMock.sol │ │ │ │ │ │ ├── GovernorStorageMock.sol │ │ │ │ │ │ ├── GovernorTimelockAccessMock.sol │ │ │ │ │ │ ├── GovernorTimelockCompoundMock.sol │ │ │ │ │ │ ├── GovernorTimelockControlMock.sol │ │ │ │ │ │ ├── GovernorVoteMock.sol │ │ │ │ │ │ └── GovernorWithParamsMock.sol │ │ │ │ │ ├── proxy │ │ │ │ │ │ ├── BadBeacon.sol │ │ │ │ │ │ ├── ClashingImplementation.sol │ │ │ │ │ │ └── UUPSUpgradeableMock.sol │ │ │ │ │ └── token │ │ │ │ │ │ ├── ERC1155ReceiverMock.sol │ │ │ │ │ │ ├── ERC20ApprovalMock.sol │ │ │ │ │ │ ├── ERC20DecimalsMock.sol │ │ │ │ │ │ ├── ERC20ExcessDecimalsMock.sol │ │ │ │ │ │ ├── ERC20FlashMintMock.sol │ │ │ │ │ │ ├── ERC20ForceApproveMock.sol │ │ │ │ │ │ ├── ERC20Mock.sol │ │ │ │ │ │ ├── ERC20MulticallMock.sol │ │ │ │ │ │ ├── ERC20NoReturnMock.sol │ │ │ │ │ │ ├── ERC20Reentrant.sol │ │ │ │ │ │ ├── ERC20ReturnFalseMock.sol │ │ │ │ │ │ ├── ERC20VotesLegacyMock.sol │ │ │ │ │ │ ├── ERC20VotesTimestampMock.sol │ │ │ │ │ │ ├── ERC4626LimitsMock.sol │ │ │ │ │ │ ├── ERC4626Mock.sol │ │ │ │ │ │ ├── ERC4626OffsetMock.sol │ │ │ │ │ │ ├── ERC4646FeesMock.sol │ │ │ │ │ │ ├── ERC721ConsecutiveEnumerableMock.sol │ │ │ │ │ │ ├── ERC721ConsecutiveMock.sol │ │ │ │ │ │ ├── ERC721ReceiverMock.sol │ │ │ │ │ │ └── ERC721URIStorageMock.sol │ │ │ │ ├── package.json │ │ │ │ ├── proxy │ │ │ │ │ ├── Clones.sol │ │ │ │ │ ├── ERC1967 │ │ │ │ │ │ ├── ERC1967Proxy.sol │ │ │ │ │ │ └── ERC1967Utils.sol │ │ │ │ │ ├── Proxy.sol │ │ │ │ │ ├── README.adoc │ │ │ │ │ ├── beacon │ │ │ │ │ │ ├── BeaconProxy.sol │ │ │ │ │ │ ├── IBeacon.sol │ │ │ │ │ │ └── UpgradeableBeacon.sol │ │ │ │ │ ├── transparent │ │ │ │ │ │ ├── ProxyAdmin.sol │ │ │ │ │ │ └── TransparentUpgradeableProxy.sol │ │ │ │ │ └── utils │ │ │ │ │ │ ├── Initializable.sol │ │ │ │ │ │ └── UUPSUpgradeable.sol │ │ │ │ ├── token │ │ │ │ │ ├── ERC1155 │ │ │ │ │ │ ├── ERC1155.sol │ │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ │ ├── IERC1155Receiver.sol │ │ │ │ │ │ ├── README.adoc │ │ │ │ │ │ ├── extensions │ │ │ │ │ │ │ ├── ERC1155Burnable.sol │ │ │ │ │ │ │ ├── ERC1155Pausable.sol │ │ │ │ │ │ │ ├── ERC1155Supply.sol │ │ │ │ │ │ │ ├── ERC1155URIStorage.sol │ │ │ │ │ │ │ └── IERC1155MetadataURI.sol │ │ │ │ │ │ └── utils │ │ │ │ │ │ │ └── ERC1155Holder.sol │ │ │ │ │ ├── ERC20 │ │ │ │ │ │ ├── ERC20.sol │ │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ │ ├── README.adoc │ │ │ │ │ │ ├── extensions │ │ │ │ │ │ │ ├── ERC20Burnable.sol │ │ │ │ │ │ │ ├── ERC20Capped.sol │ │ │ │ │ │ │ ├── ERC20FlashMint.sol │ │ │ │ │ │ │ ├── ERC20Pausable.sol │ │ │ │ │ │ │ ├── ERC20Permit.sol │ │ │ │ │ │ │ ├── ERC20Votes.sol │ │ │ │ │ │ │ ├── ERC20Wrapper.sol │ │ │ │ │ │ │ ├── ERC4626.sol │ │ │ │ │ │ │ ├── IERC20Metadata.sol │ │ │ │ │ │ │ └── IERC20Permit.sol │ │ │ │ │ │ └── utils │ │ │ │ │ │ │ └── SafeERC20.sol │ │ │ │ │ ├── ERC721 │ │ │ │ │ │ ├── ERC721.sol │ │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ │ ├── IERC721Receiver.sol │ │ │ │ │ │ ├── README.adoc │ │ │ │ │ │ ├── extensions │ │ │ │ │ │ │ ├── ERC721Burnable.sol │ │ │ │ │ │ │ ├── ERC721Consecutive.sol │ │ │ │ │ │ │ ├── ERC721Enumerable.sol │ │ │ │ │ │ │ ├── ERC721Pausable.sol │ │ │ │ │ │ │ ├── ERC721Royalty.sol │ │ │ │ │ │ │ ├── ERC721URIStorage.sol │ │ │ │ │ │ │ ├── ERC721Votes.sol │ │ │ │ │ │ │ ├── ERC721Wrapper.sol │ │ │ │ │ │ │ ├── IERC721Enumerable.sol │ │ │ │ │ │ │ └── IERC721Metadata.sol │ │ │ │ │ │ └── utils │ │ │ │ │ │ │ └── ERC721Holder.sol │ │ │ │ │ └── common │ │ │ │ │ │ ├── ERC2981.sol │ │ │ │ │ │ └── README.adoc │ │ │ │ ├── utils │ │ │ │ │ ├── Address.sol │ │ │ │ │ ├── Arrays.sol │ │ │ │ │ ├── Base64.sol │ │ │ │ │ ├── Context.sol │ │ │ │ │ ├── Create2.sol │ │ │ │ │ ├── Multicall.sol │ │ │ │ │ ├── Nonces.sol │ │ │ │ │ ├── Pausable.sol │ │ │ │ │ ├── README.adoc │ │ │ │ │ ├── ReentrancyGuard.sol │ │ │ │ │ ├── ShortStrings.sol │ │ │ │ │ ├── StorageSlot.sol │ │ │ │ │ ├── Strings.sol │ │ │ │ │ ├── cryptography │ │ │ │ │ │ ├── ECDSA.sol │ │ │ │ │ │ ├── EIP712.sol │ │ │ │ │ │ ├── MerkleProof.sol │ │ │ │ │ │ ├── MessageHashUtils.sol │ │ │ │ │ │ └── SignatureChecker.sol │ │ │ │ │ ├── introspection │ │ │ │ │ │ ├── ERC165.sol │ │ │ │ │ │ ├── ERC165Checker.sol │ │ │ │ │ │ └── IERC165.sol │ │ │ │ │ ├── math │ │ │ │ │ │ ├── Math.sol │ │ │ │ │ │ ├── SafeCast.sol │ │ │ │ │ │ └── SignedMath.sol │ │ │ │ │ ├── structs │ │ │ │ │ │ ├── BitMaps.sol │ │ │ │ │ │ ├── Checkpoints.sol │ │ │ │ │ │ ├── DoubleEndedQueue.sol │ │ │ │ │ │ ├── EnumerableMap.sol │ │ │ │ │ │ └── EnumerableSet.sol │ │ │ │ │ └── types │ │ │ │ │ │ └── Time.sol │ │ │ │ └── vendor │ │ │ │ │ └── compound │ │ │ │ │ ├── ICompoundTimelock.sol │ │ │ │ │ └── LICENSE │ │ │ │ ├── foundry.toml │ │ │ │ └── lib │ │ │ │ ├── erc4626-tests │ │ │ │ ├── ERC4626.prop.sol │ │ │ │ ├── ERC4626.test.sol │ │ │ │ ├── LICENSE │ │ │ │ └── README.md │ │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ └── ci.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ └── test.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ └── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ └── IERC721.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py ├── ghost │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py ├── hello-world │ └── README.md ├── hide-on-bush │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── .dockerignore │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── frontrun-bot │ │ ├── .gitignore │ │ ├── Cargo.lock │ │ ├── Cargo.toml │ │ ├── Dockerfile │ │ ├── daemon.py │ │ └── src │ │ │ ├── call_tracer.rs │ │ │ ├── frontrun_strategy.rs │ │ │ ├── main.rs │ │ │ ├── mempool_executor.rs │ │ │ └── utils.rs │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ ├── Exploit.sol │ │ │ │ ├── HoneyPot.sol │ │ │ │ ├── SafeClaimer.sol │ │ │ │ └── trigger.py │ │ └── src │ │ │ ├── AirdropDistributor.sol │ │ │ ├── Challenge.sol │ │ │ ├── FrontrunBot.sol │ │ │ └── IWETH.sol │ │ └── solve.py ├── jambo │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py ├── ketai │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ ├── Challenge.sol │ │ │ ├── ERC20.sol │ │ │ ├── Ketai.sol │ │ │ ├── PancakeSwap │ │ │ ├── PancakeERC20.sol │ │ │ ├── PancakeFactory.sol │ │ │ ├── PancakePair.sol │ │ │ ├── PancakeRouter.sol │ │ │ ├── PancakeRouter01.sol │ │ │ ├── TransferHelper.sol │ │ │ ├── interfaces │ │ │ │ ├── IERC20.sol │ │ │ │ ├── IPancakeCallee.sol │ │ │ │ ├── IPancakeERC20.sol │ │ │ │ ├── IPancakeFactory.sol │ │ │ │ ├── IPancakeMigrator.sol │ │ │ │ ├── IPancakePair.sol │ │ │ │ ├── IPancakeRouter01.sol │ │ │ │ ├── IPancakeRouter02.sol │ │ │ │ └── IWETH.sol │ │ │ └── libraries │ │ │ │ ├── Babylonian.sol │ │ │ │ ├── Math.sol │ │ │ │ ├── PancakeLibrary.sol │ │ │ │ ├── SafeMath.sol │ │ │ │ ├── UQ112x112.sol │ │ │ │ └── WBNB.sol │ │ │ ├── USDC.sol │ │ │ └── USDT.sol │ │ └── solve.py ├── lockless-swap │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── README.md │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ ├── Challenge.sol │ │ │ ├── ERC20.sol │ │ │ └── LocklessPancakePair.sol │ │ └── solve.py ├── maze │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ ├── Challenge.sol │ │ │ └── Maze.yul │ │ └── solve.py ├── missing │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ └── Deploy.s.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py ├── rock-paper-scissor │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ │ ├── Dockerfile │ │ ├── Dockerfile.local │ │ ├── challenge.py │ │ ├── docker-compose.yml │ │ ├── project │ │ ├── .gitignore │ │ ├── foundry.toml │ │ ├── lib │ │ │ ├── forge-ctf │ │ │ │ └── src │ │ │ │ │ ├── CTFDeployer.sol │ │ │ │ │ └── CTFSolver.sol │ │ │ └── forge-std │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ ├── ci.yml │ │ │ │ │ └── sync.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── .gitmodules │ │ │ │ ├── LICENSE-APACHE │ │ │ │ ├── LICENSE-MIT │ │ │ │ ├── README.md │ │ │ │ ├── foundry.toml │ │ │ │ ├── lib │ │ │ │ └── ds-test │ │ │ │ │ ├── .github │ │ │ │ │ └── workflows │ │ │ │ │ │ └── build.yml │ │ │ │ │ ├── .gitignore │ │ │ │ │ ├── LICENSE │ │ │ │ │ ├── Makefile │ │ │ │ │ ├── default.nix │ │ │ │ │ ├── demo │ │ │ │ │ └── demo.sol │ │ │ │ │ ├── package.json │ │ │ │ │ └── src │ │ │ │ │ ├── test.sol │ │ │ │ │ └── test.t.sol │ │ │ │ ├── package.json │ │ │ │ ├── src │ │ │ │ ├── Base.sol │ │ │ │ ├── Script.sol │ │ │ │ ├── StdAssertions.sol │ │ │ │ ├── StdChains.sol │ │ │ │ ├── StdCheats.sol │ │ │ │ ├── StdError.sol │ │ │ │ ├── StdInvariant.sol │ │ │ │ ├── StdJson.sol │ │ │ │ ├── StdMath.sol │ │ │ │ ├── StdStorage.sol │ │ │ │ ├── StdStyle.sol │ │ │ │ ├── StdUtils.sol │ │ │ │ ├── Test.sol │ │ │ │ ├── Vm.sol │ │ │ │ ├── console.sol │ │ │ │ ├── console2.sol │ │ │ │ ├── interfaces │ │ │ │ │ ├── IERC1155.sol │ │ │ │ │ ├── IERC165.sol │ │ │ │ │ ├── IERC20.sol │ │ │ │ │ ├── IERC4626.sol │ │ │ │ │ ├── IERC721.sol │ │ │ │ │ └── IMulticall3.sol │ │ │ │ └── safeconsole.sol │ │ │ │ └── test │ │ │ │ ├── StdAssertions.t.sol │ │ │ │ ├── StdChains.t.sol │ │ │ │ ├── StdCheats.t.sol │ │ │ │ ├── StdError.t.sol │ │ │ │ ├── StdMath.t.sol │ │ │ │ ├── StdStorage.t.sol │ │ │ │ ├── StdStyle.t.sol │ │ │ │ ├── StdUtils.t.sol │ │ │ │ ├── Vm.t.sol │ │ │ │ ├── compilation │ │ │ │ ├── CompilationScript.sol │ │ │ │ ├── CompilationScriptBase.sol │ │ │ │ ├── CompilationTest.sol │ │ │ │ └── CompilationTestBase.sol │ │ │ │ └── fixtures │ │ │ │ └── broadcast.log.json │ │ ├── remappings.txt │ │ ├── script │ │ │ ├── Deploy.s.sol │ │ │ ├── Solve.s.sol │ │ │ └── exploit │ │ │ │ └── Exploit.sol │ │ └── src │ │ │ └── Challenge.sol │ │ └── solve.py └── tornado-crash │ ├── .challengeignore │ ├── README.md │ ├── challenge.yaml │ └── challenge │ ├── Dockerfile │ ├── Dockerfile.local │ ├── challenge.py │ ├── docker-compose.yml │ ├── project │ ├── .gitignore │ ├── foundry.toml │ ├── lib │ │ ├── forge-ctf │ │ │ └── src │ │ │ │ ├── CTFDeployer.sol │ │ │ │ └── CTFSolver.sol │ │ └── forge-std │ │ │ ├── .github │ │ │ └── workflows │ │ │ │ ├── ci.yml │ │ │ │ └── sync.yml │ │ │ ├── .gitignore │ │ │ ├── .gitmodules │ │ │ ├── LICENSE-APACHE │ │ │ ├── LICENSE-MIT │ │ │ ├── README.md │ │ │ ├── foundry.toml │ │ │ ├── lib │ │ │ └── ds-test │ │ │ │ ├── .github │ │ │ │ └── workflows │ │ │ │ │ └── build.yml │ │ │ │ ├── .gitignore │ │ │ │ ├── LICENSE │ │ │ │ ├── Makefile │ │ │ │ ├── default.nix │ │ │ │ ├── demo │ │ │ │ └── demo.sol │ │ │ │ ├── package.json │ │ │ │ └── src │ │ │ │ ├── test.sol │ │ │ │ └── test.t.sol │ │ │ ├── package.json │ │ │ ├── src │ │ │ ├── Base.sol │ │ │ ├── Script.sol │ │ │ ├── StdAssertions.sol │ │ │ ├── StdChains.sol │ │ │ ├── StdCheats.sol │ │ │ ├── StdError.sol │ │ │ ├── StdInvariant.sol │ │ │ ├── StdJson.sol │ │ │ ├── StdMath.sol │ │ │ ├── StdStorage.sol │ │ │ ├── StdStyle.sol │ │ │ ├── StdUtils.sol │ │ │ ├── Test.sol │ │ │ ├── Vm.sol │ │ │ ├── console.sol │ │ │ ├── console2.sol │ │ │ ├── interfaces │ │ │ │ ├── IERC1155.sol │ │ │ │ ├── IERC165.sol │ │ │ │ ├── IERC20.sol │ │ │ │ ├── IERC4626.sol │ │ │ │ ├── IERC721.sol │ │ │ │ └── IMulticall3.sol │ │ │ └── safeconsole.sol │ │ │ └── test │ │ │ ├── StdAssertions.t.sol │ │ │ ├── StdChains.t.sol │ │ │ ├── StdCheats.t.sol │ │ │ ├── StdError.t.sol │ │ │ ├── StdMath.t.sol │ │ │ ├── StdStorage.t.sol │ │ │ ├── StdStyle.t.sol │ │ │ ├── StdUtils.t.sol │ │ │ ├── Vm.t.sol │ │ │ ├── compilation │ │ │ ├── CompilationScript.sol │ │ │ ├── CompilationScriptBase.sol │ │ │ ├── CompilationTest.sol │ │ │ └── CompilationTestBase.sol │ │ │ └── fixtures │ │ │ └── broadcast.log.json │ ├── remappings.txt │ ├── script │ │ ├── Deploy.s.sol │ │ ├── Solve.s.sol │ │ └── exploit │ │ │ └── Exploit.sol │ └── src │ │ ├── Challenge.sol │ │ ├── MerkelTree.sol.i-dont-want-it-to-compile │ │ ├── Miximus.sol.i-dont-want-it-to-compile │ │ ├── Pairing.sol.i-dont-want-it-to-compile │ │ └── Verifier.sol.i-dont-want-it-to-compile │ └── solve.py ├── infrastructure ├── .gitignore ├── README.md ├── forge-ctf │ └── src │ │ ├── CTFDeployer.sol │ │ └── CTFSolver.sol ├── kctf-challenge │ ├── Dockerfile │ ├── kctf_persist_env │ ├── kctf_restore_env │ └── nsjail.cfg ├── kubernetes │ ├── ctf-server.yaml │ └── easy-ticket.yaml └── paradigmctf.py │ ├── .dockerignore │ ├── .gitignore │ ├── Dockerfile │ ├── ctf_launchers │ ├── __init__.py │ ├── daemon.py │ ├── koth_launcher.py │ ├── launcher.py │ ├── pwn_launcher.py │ ├── score_submitter.py │ ├── team_provider.py │ └── utils.py │ ├── ctf_server │ ├── __init__.py │ ├── anvil_proxy.py │ ├── backends │ │ ├── __init__.py │ │ ├── backend.py │ │ ├── docker_backend.py │ │ └── kubernetes_backend.py │ ├── databases │ │ ├── __init__.py │ │ ├── database.py │ │ ├── redisdb.py │ │ └── sqlitedb.py │ ├── easy_ticket.py │ ├── http_proxy.py │ ├── orchestrator.py │ ├── types │ │ └── __init__.py │ └── utils.py │ ├── ctf_solvers │ ├── __init__.py │ ├── koth_solver.py │ ├── pwn_solver.py │ ├── solver.py │ └── utils.py │ ├── docker-compose.yml │ ├── foundry │ ├── __init__.py │ └── anvil.py │ ├── requirements.txt │ └── setup.py └── solutions ├── be-billionaire-today.md ├── cup-of-tea ├── README.md └── solution.py ├── eazy-nft.md ├── hello-world.md ├── hide-on-bush.md ├── jambo └── Solution.t.sol ├── ketai ├── README.md └── Solution.t.sol ├── lockless-swap ├── README.md └── Solution.t.sol ├── maze ├── README.md └── Solution.t.sol ├── missing ├── Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70 │ ├── Untitled 1.png │ ├── Untitled 2.png │ ├── Untitled 3.png │ ├── Untitled 4.png │ └── Untitled.png ├── README.md ├── Solution.t.sol └── tidy.py ├── rock-paper-scissor.md ├── saluting-ducks.md └── tornado-crash.md /challenges/.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | /artifacts/**/* -------------------------------------------------------------------------------- /challenges/be-billionaire-today/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: be-billionaire-today 5 | annotations: 6 | type: PWN 7 | name: Be biLLionAireS Today 8 | description: "" 9 | author: "shouc" 10 | tags: "pwn" 11 | flag: "blaz{C0ngr6t3_yOu_aR3_a1m0s7_Bi11iona1r3s$$$}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | environment: 11 | - ETH_RPC_URL=https://mainnet.infura.io/v3/a5d448ae5f454f1488d667b98b9963ec 12 | expose: 13 | - 1337 14 | ports: 15 | - "1337:1337" 16 | networks: 17 | - ctf_network 18 | 19 | networks: 20 | ctf_network: 21 | name: paradigmctf 22 | external: true -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/project/src/Challenge.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.23; 3 | 4 | interface IERC20 { 5 | function balanceOf(address account) external view returns (uint256); 6 | } 7 | 8 | contract Challenge { 9 | IERC20 stETH = IERC20(0xae7ab96520DE3A18E5e111B5EaAb095312D7fE84); 10 | 11 | constructor(address) {} 12 | 13 | function isSolved() public view returns (bool) { 14 | return stETH.balanceOf(address(this)) >= 260000 ether; 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/be-billionaire-today/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/cup-of-tea/Move.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "cup-of-tea" 3 | version = "0.0.0" 4 | 5 | [dependencies] 6 | Sui = { git = "https://github.com/MystenLabs/sui.git", subdir = "crates/sui-framework/packages/sui-framework", rev = "299cbeafbb6aa5601e08f00ac24bd647c61a63e2" } 7 | 8 | [addresses] 9 | std = "0x1" 10 | sui = "0x2" -------------------------------------------------------------------------------- /challenges/cup-of-tea/README.md: -------------------------------------------------------------------------------- 1 | ## Build and Test 2 | 3 | ```bash 4 | # Install sui move 5 | cargo install --locked --git https://github.com/MystenLabs/sui.git --branch testnet sui 6 | sui move test 7 | ``` -------------------------------------------------------------------------------- /challenges/cup-of-tea/tests/Cupof7eaTest.move: -------------------------------------------------------------------------------- 1 | module 0x7ea::Cupof7eaTest { 2 | use 0x7ea::Cupof7ea::check_flag; 3 | #[test] 4 | fun test_check_flag() { 5 | assert!(check_flag(b"blaz{I7_Mu57_b3_yOur_Cup_oF_TEA}"), 255); 6 | assert!(false == check_flag(b"blaz{I7_Mu57_b3_yOur_Cup_oF_TEA?"), 255); 7 | } 8 | #[test] 9 | #[expected_failure] 10 | fun test_invalid_length() { 11 | assert!(false == check_flag(b"hello world"), 255); 12 | } 13 | } -------------------------------------------------------------------------------- /challenges/cup-of-tea/to-players/Cupof7ea.mv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/cup-of-tea/to-players/Cupof7ea.mv -------------------------------------------------------------------------------- /challenges/ducks/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/ducks/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: ducks 5 | annotations: 6 | type: PWN 7 | name: Saluting Ducks 8 | description: "This is an example description" 9 | author: "shouc" 10 | tags: "pwn" 11 | flag: "blaz{duc7_p00p_1s_7h3_b3s7_p00p}" 12 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/ducks/challenge/README.md: -------------------------------------------------------------------------------- 1 | Running the challenge locally: 2 | 3 | Assuming you have Foundry and Node.js installed, you can run the challenge locally with the following commands: 4 | ``` 5 | # start an anvil instance 6 | anvil & 7 | 8 | # use the default private key (the challenge does not use this key) 9 | export PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 10 | 11 | # deploy the challenge 12 | cd project && forge create Challenge --private-key $PRIVATE_KEY && cd .. 13 | 14 | # start the agents 15 | cd agents 16 | npm install 17 | DUCK_ADDRESS={the deployed contract address} node index.js 18 | ``` 19 | 20 | Then, the chain shall be up at `http://localhost:8545` and the web interface at `http://localhost:3000`. -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:latest AS foundry 2 | 3 | FROM node:18-alpine 4 | 5 | RUN apk add --no-cache python3 py3-pip make g++ git 6 | RUN pip3 install flask 7 | 8 | RUN mkdir /agents 9 | COPY package.json /agents 10 | WORKDIR /agents 11 | RUN npm install 12 | 13 | COPY . /agents 14 | 15 | COPY --from=foundry /usr/local/bin/anvil /usr/local/bin/anvil-bin 16 | COPY anvil /usr/local/bin/anvil 17 | RUN chmod +x /usr/local/bin/anvil 18 | RUN chmod +x /usr/local/bin/anvil-bin 19 | 20 | RUN apk add --no-cache bash 21 | 22 | EXPOSE 5000 23 | EXPOSE 80 24 | 25 | WORKDIR / -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/abi/Context.abi: -------------------------------------------------------------------------------- 1 | [] -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/abi/Ownable.abi: -------------------------------------------------------------------------------- 1 | [{"inputs":[],"stateMutability":"nonpayable","type":"constructor"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"address","name":"previousOwner","type":"address"},{"indexed":true,"internalType":"address","name":"newOwner","type":"address"}],"name":"OwnershipTransferred","type":"event"},{"inputs":[],"name":"owner","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[],"name":"renounceOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"newOwner","type":"address"}],"name":"transferOwnership","outputs":[],"stateMutability":"nonpayable","type":"function"}] -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/abi/bad.json: -------------------------------------------------------------------------------- 1 | [] -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/anvil: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cd /agents && python3 initializer.py & 4 | 5 | /usr/local/bin/anvil-bin "$@" -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/anvil-bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/anvil-bin -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/barn2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/barn2.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck0.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck0.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck1.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck10.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck11.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck12.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck2.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck3.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck4.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck5.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck6.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck7.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck8.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck8.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/duck9.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/duck9.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/earth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/earth.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/earth2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/earth2.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/gift.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/gift.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/frontend/poop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/challenges/ducks/challenge/agents/frontend/poop.png -------------------------------------------------------------------------------- /challenges/ducks/challenge/agents/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ducks-backend", 3 | "version": "1.0.0", 4 | "description": "Backend for saluting ducks", 5 | "main": "index.js", 6 | "scripts": { 7 | "test": "echo \"Error: no test specified\" && exit 1" 8 | }, 9 | "author": "", 10 | "license": "ISC", 11 | "dependencies": { 12 | "@zoltu/ethereum-abi-encoder": "^5.0.4", 13 | "@zoltu/ethereum-types": "^9.0.4", 14 | "ethers": "^6.8.1", 15 | "express": "^4.18.2", 16 | "viem": "^1.19.9", 17 | "web3": "^4.2.2" 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | networks: 17 | ctf_network: 18 | name: paradigmctf 19 | external: true -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge()); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge private immutable CHALLENGE; 8 | 9 | constructor(Challenge challenge) { 10 | CHALLENGE = challenge; 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ducks/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/eazy-nft/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: eazy-nft 5 | annotations: 6 | type: PWN 7 | name: Eazy NFT 8 | description: "NFT market is slowly booming and Tony's friends are showing off their NFT holdings. Tony has finally whitelisted a NFT project, he's anxiously waiting for minting his first NFT." 9 | author: "0xAWM" 10 | tags: "Solidity" 11 | flag: "blaz{e1111zzzzzzzzzz2zzzzzzzz22z2zz}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | networks: 17 | ctf_network: 18 | name: paradigmctf 19 | external: true -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = 9 | vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 10 | address challenge = vm.envAddress("CHALLENGE"); 11 | 12 | vm.startBroadcast(playerPrivateKey); 13 | 14 | solve(challenge, vm.addr(playerPrivateKey)); 15 | 16 | vm.stopBroadcast(); 17 | } 18 | 19 | function solve(address challenge, address player) internal virtual; 20 | } 21 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/forge-std"] 2 | branch = v1 3 | path = lib/forge-std 4 | url = https://github.com/foundry-rs/forge-std 5 | [submodule "lib/erc4626-tests"] 6 | path = lib/erc4626-tests 7 | url = https://github.com/a16z/erc4626-tests.git 8 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/access/manager/IAuthority.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (access/manager/IAuthority.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | /** 7 | * @dev Standard interface for permissioning originally defined in Dappsys. 8 | */ 9 | interface IAuthority { 10 | /** 11 | * @dev Returns true if the caller can invoke on a target the function identified by a function selector. 12 | */ 13 | function canCall(address caller, address target, bytes4 selector) external view returns (bool allowed); 14 | } 15 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/finance/README.adoc: -------------------------------------------------------------------------------- 1 | = Finance 2 | 3 | [.readme-notice] 4 | NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/finance 5 | 6 | This directory includes primitives for financial systems: 7 | 8 | - {VestingWallet} handles the vesting of Ether and ERC-20 tokens for a given beneficiary. Custody of multiple tokens can 9 | be given to this contract, which will release the token to the beneficiary following a given, customizable, vesting 10 | schedule. 11 | 12 | == Contracts 13 | 14 | {{VestingWallet}} 15 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC1155.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1155.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC1155} from "../token/ERC1155/IERC1155.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC1155MetadataURI.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1155MetadataURI.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC1155MetadataURI} from "../token/ERC1155/extensions/IERC1155MetadataURI.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC1155Receiver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC1155Receiver.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC1155Receiver} from "../token/ERC1155/IERC1155Receiver.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC165.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC165} from "../utils/introspection/IERC165.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC20.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC20} from "../token/ERC20/IERC20.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC20Metadata.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC20Metadata.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC20Metadata} from "../token/ERC20/extensions/IERC20Metadata.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC2309.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC2309.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | /** 7 | * @dev ERC-2309: ERC-721 Consecutive Transfer Extension. 8 | */ 9 | interface IERC2309 { 10 | /** 11 | * @dev Emitted when the tokens from `fromTokenId` to `toTokenId` are transferred from `fromAddress` to `toAddress`. 12 | */ 13 | event ConsecutiveTransfer( 14 | uint256 indexed fromTokenId, 15 | uint256 toTokenId, 16 | address indexed fromAddress, 17 | address indexed toAddress 18 | ); 19 | } 20 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC2612.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC2612.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC20Permit} from "../token/ERC20/extensions/IERC20Permit.sol"; 7 | 8 | interface IERC2612 is IERC20Permit {} 9 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC3156.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC3156.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC3156FlashBorrower} from "./IERC3156FlashBorrower.sol"; 7 | import {IERC3156FlashLender} from "./IERC3156FlashLender.sol"; 8 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC5313.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC5313.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | /** 7 | * @dev Interface for the Light Contract Ownership Standard. 8 | * 9 | * A standardized minimal interface required to identify an account that controls a contract 10 | */ 11 | interface IERC5313 { 12 | /** 13 | * @dev Gets the address of the owner. 14 | */ 15 | function owner() external view returns (address); 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC5805.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC5805.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IVotes} from "../governance/utils/IVotes.sol"; 7 | import {IERC6372} from "./IERC6372.sol"; 8 | 9 | interface IERC5805 is IERC6372, IVotes {} 10 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC6372.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC6372.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | interface IERC6372 { 7 | /** 8 | * @dev Clock used for flagging checkpoints. Can be overridden to implement timestamp based checkpoints (and voting). 9 | */ 10 | function clock() external view returns (uint48); 11 | 12 | /** 13 | * @dev Description of the clock 14 | */ 15 | // solhint-disable-next-line func-name-mixedcase 16 | function CLOCK_MODE() external view returns (string memory); 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC721.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC721.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC721} from "../token/ERC721/IERC721.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC721Enumerable.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC721Enumerable.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC721Enumerable} from "../token/ERC721/extensions/IERC721Enumerable.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC721Metadata.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC721Metadata.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC721Metadata} from "../token/ERC721/extensions/IERC721Metadata.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/interfaces/IERC721Receiver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (interfaces/IERC721Receiver.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | import {IERC721Receiver} from "../token/ERC721/IERC721Receiver.sol"; 7 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/metatx/README.adoc: -------------------------------------------------------------------------------- 1 | = Meta Transactions 2 | 3 | [.readme-notice] 4 | NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/metatx 5 | 6 | == Core 7 | 8 | {{ERC2771Context}} 9 | 10 | == Utils 11 | 12 | {{ERC2771Forwarder}} 13 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/ERC165/ERC165MaliciousData.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract ERC165MaliciousData { 6 | function supportsInterface(bytes4) public pure returns (bool) { 7 | assembly { 8 | mstore(0, 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) 9 | return(0, 32) 10 | } 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/ERC165/ERC165MissingData.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract ERC165MissingData { 6 | function supportsInterface(bytes4 interfaceId) public view {} // missing return 7 | } 8 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/ERC165/ERC165NotSupported.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract ERC165NotSupported {} 6 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/ERC165/ERC165ReturnBomb.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {IERC165} from "../../utils/introspection/IERC165.sol"; 6 | 7 | contract ERC165ReturnBombMock is IERC165 { 8 | function supportsInterface(bytes4 interfaceId) public pure override returns (bool) { 9 | if (interfaceId == type(IERC165).interfaceId) { 10 | assembly { 11 | mstore(0, 1) 12 | } 13 | } 14 | assembly { 15 | return(0, 101500) 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/EtherReceiverMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract EtherReceiverMock { 6 | bool private _acceptEther; 7 | 8 | function setAcceptEther(bool acceptEther) public { 9 | _acceptEther = acceptEther; 10 | } 11 | 12 | receive() external payable { 13 | if (!_acceptEther) { 14 | revert(); 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/ReentrancyAttack.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {Context} from "../utils/Context.sol"; 6 | 7 | contract ReentrancyAttack is Context { 8 | function callSender(bytes calldata data) public { 9 | (bool success, ) = _msgSender().call(data); 10 | require(success, "ReentrancyAttack: failed call"); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/docs/ERC20WithAutoMinerReward.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 6 | 7 | contract ERC20WithAutoMinerReward is ERC20 { 8 | constructor() ERC20("Reward", "RWD") { 9 | _mintMinerReward(); 10 | } 11 | 12 | function _mintMinerReward() internal { 13 | _mint(block.coinbase, 1000); 14 | } 15 | 16 | function _update(address from, address to, uint256 value) internal virtual override { 17 | if (!(from == address(0) && to == block.coinbase)) { 18 | _mintMinerReward(); 19 | } 20 | super._update(from, to, value); 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/docs/access-control/MyContractOwnable.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {Ownable} from "../../../access/Ownable.sol"; 6 | 7 | contract MyContract is Ownable { 8 | constructor(address initialOwner) Ownable(initialOwner) {} 9 | 10 | function normalThing() public { 11 | // anyone can call this normalThing() 12 | } 13 | 14 | function specialThing() public onlyOwner { 15 | // only the owner can call specialThing()! 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/proxy/BadBeacon.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract BadBeaconNoImpl {} 6 | 7 | contract BadBeaconNotContract { 8 | function implementation() external pure returns (address) { 9 | return address(0x1); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/proxy/ClashingImplementation.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | /** 6 | * @dev Implementation contract with a payable changeAdmin(address) function made to clash with 7 | * TransparentUpgradeableProxy's to test correct functioning of the Transparent Proxy feature. 8 | */ 9 | contract ClashingImplementation { 10 | event ClashingImplementationCall(); 11 | 12 | function upgradeToAndCall(address, bytes calldata) external payable { 13 | emit ClashingImplementationCall(); 14 | } 15 | 16 | function delegatedFunction() external pure returns (bool) { 17 | return true; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20ApprovalMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 5 | 6 | abstract contract ERC20ApprovalMock is ERC20 { 7 | function _approve(address owner, address spender, uint256 amount, bool) internal virtual override { 8 | super._approve(owner, spender, amount, true); 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20DecimalsMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 6 | 7 | abstract contract ERC20DecimalsMock is ERC20 { 8 | uint8 private immutable _decimals; 9 | 10 | constructor(uint8 decimals_) { 11 | _decimals = decimals_; 12 | } 13 | 14 | function decimals() public view override returns (uint8) { 15 | return _decimals; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20ExcessDecimalsMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | contract ERC20ExcessDecimalsMock { 6 | function decimals() public pure returns (uint256) { 7 | return type(uint256).max; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20ForceApproveMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 6 | 7 | // contract that replicate USDT (0xdac17f958d2ee523a2206206994597c13d831ec7) approval behavior 8 | abstract contract ERC20ForceApproveMock is ERC20 { 9 | function approve(address spender, uint256 amount) public virtual override returns (bool) { 10 | require(amount == 0 || allowance(msg.sender, spender) == 0, "USDT approval failure"); 11 | return super.approve(spender, amount); 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20Mock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 5 | 6 | contract ERC20Mock is ERC20 { 7 | constructor() ERC20("ERC20Mock", "E20M") {} 8 | 9 | function mint(address account, uint256 amount) external { 10 | _mint(account, amount); 11 | } 12 | 13 | function burn(address account, uint256 amount) external { 14 | _burn(account, amount); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20MulticallMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 6 | import {Multicall} from "../../utils/Multicall.sol"; 7 | 8 | abstract contract ERC20MulticallMock is ERC20, Multicall {} 9 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC20ReturnFalseMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC20} from "../../token/ERC20/ERC20.sol"; 6 | 7 | abstract contract ERC20ReturnFalseMock is ERC20 { 8 | function transfer(address, uint256) public pure override returns (bool) { 9 | return false; 10 | } 11 | 12 | function transferFrom(address, address, uint256) public pure override returns (bool) { 13 | return false; 14 | } 15 | 16 | function approve(address, uint256) public pure override returns (bool) { 17 | return false; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC4626LimitsMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC4626} from "../../token/ERC20/extensions/ERC4626.sol"; 6 | 7 | abstract contract ERC4626LimitsMock is ERC4626 { 8 | uint256 _maxDeposit; 9 | uint256 _maxMint; 10 | 11 | constructor() { 12 | _maxDeposit = 100 ether; 13 | _maxMint = 100 ether; 14 | } 15 | 16 | function maxDeposit(address) public view override returns (uint256) { 17 | return _maxDeposit; 18 | } 19 | 20 | function maxMint(address) public view override returns (uint256) { 21 | return _maxMint; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC4626Mock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | import {IERC20, ERC20} from "../../token/ERC20/ERC20.sol"; 5 | import {ERC4626} from "../../token/ERC20/extensions/ERC4626.sol"; 6 | 7 | contract ERC4626Mock is ERC4626 { 8 | constructor(address underlying) ERC20("ERC4626Mock", "E4626M") ERC4626(IERC20(underlying)) {} 9 | 10 | function mint(address account, uint256 amount) external { 11 | _mint(account, amount); 12 | } 13 | 14 | function burn(address account, uint256 amount) external { 15 | _burn(account, amount); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC4626OffsetMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC4626} from "../../token/ERC20/extensions/ERC4626.sol"; 6 | 7 | abstract contract ERC4626OffsetMock is ERC4626 { 8 | uint8 private immutable _offset; 9 | 10 | constructor(uint8 offset_) { 11 | _offset = offset_; 12 | } 13 | 14 | function _decimalsOffset() internal view virtual override returns (uint8) { 15 | return _offset; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/mocks/token/ERC721URIStorageMock.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | 3 | pragma solidity ^0.8.20; 4 | 5 | import {ERC721URIStorage} from "../../token/ERC721/extensions/ERC721URIStorage.sol"; 6 | 7 | abstract contract ERC721URIStorageMock is ERC721URIStorage { 8 | string private _baseTokenURI; 9 | 10 | function _baseURI() internal view virtual override returns (string memory) { 11 | return _baseTokenURI; 12 | } 13 | 14 | function setBaseURI(string calldata newBaseTokenURI) public { 15 | _baseTokenURI = newBaseTokenURI; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/proxy/beacon/IBeacon.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | // OpenZeppelin Contracts (last updated v5.0.0) (proxy/beacon/IBeacon.sol) 3 | 4 | pragma solidity ^0.8.20; 5 | 6 | /** 7 | * @dev This is the interface that {BeaconProxy} expects of its beacon. 8 | */ 9 | interface IBeacon { 10 | /** 11 | * @dev Must return an address that can be used as a delegate call target. 12 | * 13 | * {UpgradeableBeacon} will check that this address is a contract. 14 | */ 15 | function implementation() external view returns (address); 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/contracts/token/common/README.adoc: -------------------------------------------------------------------------------- 1 | = Common (Tokens) 2 | 3 | Functionality that is common to multiple token standards. 4 | 5 | * {ERC2981}: NFT Royalties compatible with both ERC-721 and ERC-1155. 6 | ** For ERC-721 consider {ERC721Royalty} which clears the royalty information from storage on burn. 7 | 8 | == Contracts 9 | 10 | {{ERC2981}} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = 'contracts' 3 | out = 'out' 4 | libs = ['node_modules', 'lib'] 5 | test = 'test' 6 | cache_path = 'cache_forge' 7 | 8 | [fuzz] 9 | runs = 10000 10 | max_test_rejects = 150000 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.2.0", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/lib/openzeppelin-contracts/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | @openzeppelin=./lib/openzeppelin-contracts/contracts/ -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge private immutable CHALLENGE; 8 | 9 | constructor(Challenge challenge) { 10 | CHALLENGE = challenge; 11 | } 12 | 13 | function exploit() external { 14 | CHALLENGE.solve(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/eazy-nft/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/ghost/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/ghost/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: ghost 5 | annotations: 6 | type: PWN 7 | name: Ghost 8 | description: "Memory cannot be defined, yet it defines mankind" 9 | author: "Robert Chen (OtterSec) @notdeghost" 10 | tags: "pwn" 11 | flag: "blaz{gh0st_w1th_th3_sh3ll_81c9aj}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/ghost/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/ghost/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external {} 14 | } 15 | -------------------------------------------------------------------------------- /challenges/ghost/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/hello-world/README.md: -------------------------------------------------------------------------------- 1 | Tony heard about Ethereum and decided to explore. Soon, he discovered an interesting transaction: 2 | 3 | 0xe19bd1067cbdc46d6fdb8b374e3ca384c32fd88e1413a9434e03c36b36924877 -------------------------------------------------------------------------------- /challenges/hide-on-bush/.challengeignore: -------------------------------------------------------------------------------- 1 | frontrun-bot/target/* 2 | frontrun-bot/**/*.rs.bk 3 | frontrun-bot/*.pdb 4 | frontrun-bot/.idea/* 5 | 6 | project/cache/* 7 | project/out/* 8 | project/broadcast/* 9 | 10 | solve.py 11 | project/script/Solve.s.sol 12 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: hide-on-bush 5 | annotations: 6 | type: PWN 7 | name: Hide on Bush 8 | description: "Being in the dark forest, bots in the bush are watching you and waiting for your mistake." 9 | author: "tonyke-bot" 10 | tags: "pwn" 11 | flag: "blaz{m3V_p0w3r_1s_4w3s0m3}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/.dockerignore: -------------------------------------------------------------------------------- 1 | frontrun-bot -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | environment: 11 | TIMEOUT: 1888888888 12 | expose: 13 | - 1337 14 | ports: 15 | - "1337:1337" 16 | networks: 17 | - ctf_network 18 | networks: 19 | ctf_network: 20 | name: paradigmctf 21 | external: true -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/frontrun-bot/.gitignore: -------------------------------------------------------------------------------- 1 | debug/ 2 | target/ 3 | 4 | **/*.rs.bk 5 | *.pdb 6 | 7 | .idea 8 | .vscode 9 | logs/ 10 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/frontrun-bot/Dockerfile: -------------------------------------------------------------------------------- 1 | # ----------------- Bot Builder 2 | FROM rust:1.74-slim AS rust-builder 3 | WORKDIR /builder 4 | 5 | RUN apt-get update; apt-get install -y clang pkg-config build-essential libssl-dev 6 | 7 | COPY Cargo.toml Cargo.lock ./ 8 | COPY src/ ./src/ 9 | RUN cargo build --release 10 | 11 | # ----------------- Runtime 12 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 13 | 14 | COPY daemon.py /home/user/ 15 | COPY --from=rust-builder /builder/target/release/frontrun-bot /home/user/ 16 | 17 | CMD ["python3", "-u", "/home/user/daemon.py"] -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge private immutable CHALLENGE; 8 | 9 | constructor(Challenge challenge) { 10 | CHALLENGE = challenge; 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/project/src/IWETH.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | interface IWETH { 5 | function balanceOf(address account) external view returns (uint256); 6 | function totalSupply() external view returns (uint256); 7 | function allowance(address owner, address spender) external view returns (uint256); 8 | 9 | function transfer(address recipient, uint256 amount) external returns (bool); 10 | function transferFrom(address sender, address recipient, uint256 amount) external returns (bool); 11 | function approve(address spender, uint256 amount) external returns (bool); 12 | 13 | function deposit() external payable; 14 | function withdraw(uint256 amount) external; 15 | } 16 | -------------------------------------------------------------------------------- /challenges/hide-on-bush/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/jambo/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/jambo/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: jambo 5 | annotations: 6 | type: PWN 7 | name: Jambo 8 | description: "Play to earn." 9 | author: "publicqi" 10 | tags: "pwn" 11 | flag: "blaz{700_m4ny_4dm1ns_i_supp0s3}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/jambo/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/jambo/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | evm_version = "shanghai" 7 | fs_permissions = [{ access = 'read-write', path = '/'}] 8 | 9 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 10 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge{value: 25 ether}()); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external {} 14 | } 15 | -------------------------------------------------------------------------------- /challenges/jambo/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/ketai/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/ketai/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: ketai 5 | annotations: 6 | type: PWN 7 | name: 科太币 8 | description: "The Ketai Token (KT) is a cutting-edge digital currency built on the Binance Smart Chain, known for its state-of-the-art features and commitment to sustainability and decentralized finance." 9 | author: "shouc" 10 | tags: "pwn" 11 | flag: "blaz{D0nt_bUy_sh1T_c0ln:((((}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/ketai/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/ketai/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | via_ir = true 7 | fs_permissions = [{ access = 'read-write', path = '/'}] 8 | 9 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 10 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | // deploy pancakeswap factory and router 13 | PancakeFactory factory = new PancakeFactory(address(this)); 14 | PancakeRouter router = new PancakeRouter(address(factory), address(0)); 15 | 16 | challenge = address(new Challenge(factory, router)); 17 | 18 | vm.stopBroadcast(); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/PancakeSwap/interfaces/IPancakeCallee.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-3.0 2 | pragma solidity ^0.8.20; 3 | 4 | interface IPancakeCallee { 5 | function pancakeCall( 6 | address sender, 7 | uint256 amount0, 8 | uint256 amount1, 9 | bytes calldata data 10 | ) external; 11 | } 12 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/PancakeSwap/interfaces/IPancakeMigrator.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-3.0 2 | pragma solidity ^0.8.20; 3 | 4 | interface IPancakeMigrator { 5 | function migrate( 6 | address token, 7 | uint256 amountTokenMin, 8 | uint256 amountETHMin, 9 | address to, 10 | uint256 deadline 11 | ) external; 12 | } 13 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/PancakeSwap/interfaces/IWETH.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-3.0 2 | pragma solidity ^0.8.20; 3 | 4 | interface IWETH { 5 | function deposit() external payable; 6 | 7 | function transfer(address to, uint256 value) external returns (bool); 8 | 9 | function withdraw(uint256) external; 10 | } 11 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/PancakeSwap/libraries/SafeMath.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-3.0 2 | pragma solidity ^0.8.20; 3 | 4 | // a library for performing overflow-safe math, courtesy of DappHub (https://github.com/dapphub/ds-math) 5 | 6 | library SafeMath { 7 | function add(uint256 x, uint256 y) internal pure returns (uint256 z) { 8 | require((z = x + y) >= x, "ds-math-add-overflow"); 9 | } 10 | 11 | function sub(uint256 x, uint256 y) internal pure returns (uint256 z) { 12 | require((z = x - y) <= x, "ds-math-sub-underflow"); 13 | } 14 | 15 | function mul(uint256 x, uint256 y) internal pure returns (uint256 z) { 16 | require(y == 0 || (z = x * y) / y == x, "ds-math-mul-overflow"); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/PancakeSwap/libraries/UQ112x112.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-3.0 2 | pragma solidity ^0.8.20; 3 | 4 | // a library for handling binary fixed point numbers (https://en.wikipedia.org/wiki/Q_(number_format)) 5 | 6 | // range: [0, 2**112 - 1] 7 | // resolution: 1 / 2**112 8 | 9 | library UQ112x112 { 10 | uint224 constant Q112 = 2**112; 11 | 12 | // encode a uint112 as a UQ112x112 13 | function encode(uint112 y) internal pure returns (uint224 z) { 14 | z = uint224(y) * Q112; // never overflows 15 | } 16 | 17 | // divide a UQ112x112 by a uint112, returning a UQ112x112 18 | function uqdiv(uint224 x, uint112 y) internal pure returns (uint224 z) { 19 | z = x / uint224(y); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/USDC.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | import "./ERC20.sol"; 5 | 6 | contract USDC is ERC20, Ownable { 7 | constructor() ERC20("USDC", "USDC") { 8 | _mint(msg.sender, 10000000 * 1e18); 9 | } 10 | } -------------------------------------------------------------------------------- /challenges/ketai/challenge/project/src/USDT.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | import "./ERC20.sol"; 5 | 6 | contract USDT is ERC20, Ownable { 7 | constructor() ERC20("USDT", "USDT") { 8 | _mint(msg.sender, 10000000 * 1e18); 9 | } 10 | } -------------------------------------------------------------------------------- /challenges/ketai/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/lockless-swap/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: lockless-swap 5 | annotations: 6 | type: PWN 7 | name: Lockless Swap 8 | description: "No one likes locking (pun intended) in Pancakeswap, so we removed it. " 9 | author: "shouc" 10 | tags: "pwn" 11 | flag: "blaz{p4N(akE3waP!!!_r3En7r4ncy=%}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/README.md: -------------------------------------------------------------------------------- 1 | # Lockless Swap 2 | 3 | No one likes locking (pun intended) in Pancakeswap, so we removed it. -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/lockless-swap/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/maze/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/maze/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: maze 5 | annotations: 6 | type: PWN 7 | name: Maze 8 | description: "Eat the fruit." 9 | author: "publicqi" 10 | tags: "EVM" 11 | flag: "blaz{ju5t_4_q1tcode_2_esc4pe}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | enabled: false 19 | -------------------------------------------------------------------------------- /challenges/maze/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/maze/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() 13 | -------------------------------------------------------------------------------- /challenges/maze/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | networks: 17 | ctf_network: 18 | name: paradigmctf 19 | external: true -------------------------------------------------------------------------------- /challenges/maze/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/maze/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | evm_version = "shanghai" 7 | fs_permissions = [{ access = 'read-write', path = '/'}] 8 | 9 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 10 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge()); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/maze/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge private immutable CHALLENGE; 8 | 9 | constructor(Challenge challenge) { 10 | CHALLENGE = challenge; 11 | } 12 | 13 | function exploit() external { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/maze/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/missing/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/missing/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: missing 5 | annotations: 6 | type: PWN 7 | name: Missing 8 | description: "Tony is dizzy by Web3's various projects and technologies. He needs to clear his veins. Let's see what he will do." 9 | author: 0xAWM 10 | tags: "pwn" 11 | flag: "blaz{TH!S.Na1ve~}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/missing/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/missing/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None, hardfork="cancun"), 10 | } 11 | 12 | Challenge().run() 13 | -------------------------------------------------------------------------------- /challenges/missing/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/missing/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/missing/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/missing/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/missing/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kctf.dev/v1 2 | kind: Challenge 3 | metadata: 4 | name: rock-paper-scissor 5 | annotations: 6 | type: PWN 7 | name: Rock, Paper or Scissor 8 | description: "Remember your childhood game? Trying to beat this the GPT-1234578 enhanced smart contract." 9 | author: "tonyke-bot" 10 | tags: "pwn" 11 | flag: "blaz{r3t_t0_rsp!}" 12 | spec: 13 | deployed: true 14 | powDifficultySeconds: 0 15 | network: 16 | public: true 17 | healthcheck: 18 | # TIP: disable the healthcheck during development 19 | enabled: false 20 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/script/Deploy.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFDeployer.sol"; 5 | 6 | import "src/Challenge.sol"; 7 | 8 | contract Deploy is CTFDeployer { 9 | function deploy(address system, address player) internal override returns (address challenge) { 10 | vm.startBroadcast(system); 11 | 12 | challenge = address(new Challenge(player)); 13 | 14 | vm.stopBroadcast(); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external {} 14 | } 15 | -------------------------------------------------------------------------------- /challenges/rock-paper-scissor/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /challenges/tornado-crash/.challengeignore: -------------------------------------------------------------------------------- 1 | project/cache/* 2 | project/out/* 3 | project/broadcast/* 4 | 5 | solve.py 6 | project/script/Solve.s.sol 7 | project/script/exploit/* -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/Dockerfile.local: -------------------------------------------------------------------------------- 1 | FROM ghcr.io/foundry-rs/foundry:nightly-890bc7a03fd575fbfaf02a8870241f34760e65f1 AS foundry 2 | 3 | COPY project /project 4 | 5 | # artifacts must be the same path 6 | RUN true && \ 7 | cd /project && \ 8 | forge build --out /artifacts/out --cache-path /artifacts/cache && \ 9 | true 10 | 11 | FROM ghcr.io/fuzzland/blaz-ctf-2023-server:latest 12 | 13 | COPY --chown=user:user . /home/user/challenge/ 14 | COPY --from=foundry --chown=user:user /artifacts /artifacts -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/challenge.py: -------------------------------------------------------------------------------- 1 | from typing import Dict 2 | 3 | from ctf_launchers.pwn_launcher import PwnChallengeLauncher 4 | from ctf_server.types import LaunchAnvilInstanceArgs 5 | 6 | class Challenge(PwnChallengeLauncher): 7 | def get_anvil_instances(self) -> Dict[str, LaunchAnvilInstanceArgs]: 8 | return { 9 | "main": self.get_anvil_instance(fork_url=None), 10 | } 11 | 12 | Challenge().run() 13 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/docker-compose.yml: -------------------------------------------------------------------------------- 1 | name: paradigm-ctf-challenge 2 | services: 3 | launcher: 4 | container_name: challenge 5 | image: challenge 6 | build: 7 | context: . 8 | dockerfile: Dockerfile.local 9 | command: socat TCP-LISTEN:1337,reuseaddr,fork exec:"python3 -u challenge/challenge.py" 10 | expose: 11 | - 1337 12 | ports: 13 | - "1337:1337" 14 | networks: 15 | - ctf_network 16 | 17 | networks: 18 | ctf_network: 19 | name: paradigmctf 20 | external: true -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/.gitignore: -------------------------------------------------------------------------------- 1 | broadcast/ 2 | cache/ 3 | out/ -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/foundry.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | src = "src" 3 | out = "out" 4 | libs = ["lib"] 5 | 6 | fs_permissions = [{ access = 'read-write', path = '/'}] 7 | 8 | # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options 9 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/.gitignore: -------------------------------------------------------------------------------- 1 | cache/ 2 | out/ 3 | .vscode 4 | .idea 5 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/ds-test"] 2 | path = lib/ds-test 3 | url = https://github.com/dapphub/ds-test 4 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/lib/ds-test/.gitignore: -------------------------------------------------------------------------------- 1 | /.dapple 2 | /build 3 | /out 4 | /cache/ 5 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/lib/ds-test/Makefile: -------------------------------------------------------------------------------- 1 | all:; dapp build 2 | 3 | test: 4 | -dapp --use solc:0.4.23 build 5 | -dapp --use solc:0.4.26 build 6 | -dapp --use solc:0.5.17 build 7 | -dapp --use solc:0.6.12 build 8 | -dapp --use solc:0.7.5 build 9 | 10 | demo: 11 | DAPP_SRC=demo dapp --use solc:0.7.5 build 12 | -hevm dapp-test --verbose 3 13 | 14 | .PHONY: test demo 15 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/lib/ds-test/default.nix: -------------------------------------------------------------------------------- 1 | { solidityPackage, dappsys }: solidityPackage { 2 | name = "ds-test"; 3 | src = ./src; 4 | } 5 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/lib/ds-test/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ds-test", 3 | "version": "1.0.0", 4 | "description": "Assertions, equality checks and other test helpers ", 5 | "bugs": "https://github.com/dapphub/ds-test/issues", 6 | "license": "GPL-3.0", 7 | "author": "Contributors to ds-test", 8 | "files": [ 9 | "src/*" 10 | ], 11 | "repository": { 12 | "type": "git", 13 | "url": "https://github.com/dapphub/ds-test.git" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "forge-std", 3 | "version": "1.7.1", 4 | "description": "Forge Standard Library is a collection of helpful contracts and libraries for use with Forge and Foundry.", 5 | "homepage": "https://book.getfoundry.sh/forge/forge-std", 6 | "bugs": "https://github.com/foundry-rs/forge-std/issues", 7 | "license": "(Apache-2.0 OR MIT)", 8 | "author": "Contributors to Forge Standard Library", 9 | "files": [ 10 | "src/**/*" 11 | ], 12 | "repository": { 13 | "type": "git", 14 | "url": "https://github.com/foundry-rs/forge-std.git" 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/src/interfaces/IERC165.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2; 3 | 4 | interface IERC165 { 5 | /// @notice Query if a contract implements an interface 6 | /// @param interfaceID The interface identifier, as specified in ERC-165 7 | /// @dev Interface identification is specified in ERC-165. This function 8 | /// uses less than 30,000 gas. 9 | /// @return `true` if the contract implements `interfaceID` and 10 | /// `interfaceID` is not 0xffffffff, `false` otherwise 11 | function supportsInterface(bytes4 interfaceID) external view returns (bool); 12 | } 13 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/test/Vm.t.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.8.0 <0.9.0; 3 | 4 | import {Test} from "../src/Test.sol"; 5 | import {Vm, VmSafe} from "../src/Vm.sol"; 6 | 7 | contract VmTest is Test { 8 | // This test ensures that functions are never accidentally removed from a Vm interface, or 9 | // inadvertently moved between Vm and VmSafe. This test must be updated each time a function is 10 | // added to or removed from Vm or VmSafe. 11 | function test_interfaceId() public { 12 | assertEq(type(VmSafe).interfaceId, bytes4(0x329f5e71), "VmSafe"); 13 | assertEq(type(Vm).interfaceId, bytes4(0x82ccbb14), "Vm"); 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/test/compilation/CompilationScript.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScript is Script {} 11 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/test/compilation/CompilationScriptBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Script.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationScriptBase is ScriptBase {} 11 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/test/compilation/CompilationTest.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTest is Test {} 11 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/lib/forge-std/test/compilation/CompilationTestBase.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | pragma experimental ABIEncoderV2; 5 | 6 | import "../../src/Test.sol"; 7 | 8 | // The purpose of this contract is to benchmark compilation time to avoid accidentally introducing 9 | // a change that results in very long compilation times with via-ir. See https://github.com/foundry-rs/forge-std/issues/207 10 | contract CompilationTestBase is TestBase {} 11 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/remappings.txt: -------------------------------------------------------------------------------- 1 | forge-std/=lib/forge-std/src/ 2 | ds-test/=lib/forge-std/lib/ds-test/src/ 3 | forge-ctf/=lib/forge-ctf/src/ 4 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/script/Solve.s.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.0; 3 | 4 | import "forge-ctf/CTFSolver.sol"; 5 | 6 | import "script/exploit/Exploit.sol"; 7 | 8 | contract Solve is CTFSolver { 9 | function solve(address challengeAddress, address) internal override { 10 | Challenge challenge = Challenge(challengeAddress); 11 | Exploit exploit = new Exploit(challenge); 12 | exploit.exploit(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/script/exploit/Exploit.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity ^0.8.20; 3 | 4 | import "src/Challenge.sol"; 5 | 6 | contract Exploit { 7 | Challenge immutable challenge; 8 | 9 | constructor(Challenge chal) payable { 10 | challenge = Challenge(chal); 11 | } 12 | 13 | function exploit() external {} 14 | } 15 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/project/src/Challenge.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: MIT 2 | pragma solidity ^0.8.20; 3 | 4 | contract Challenge { 5 | address public immutable miximus; 6 | 7 | constructor(address m) { 8 | miximus = m; 9 | } 10 | 11 | function isSolved() external view returns (bool) { 12 | return address(miximus).balance == 0; 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /challenges/tornado-crash/challenge/solve.py: -------------------------------------------------------------------------------- 1 | from ctf_solvers.pwn_solver import PwnChallengeSolver 2 | 3 | PwnChallengeSolver().start() 4 | -------------------------------------------------------------------------------- /infrastructure/.gitignore: -------------------------------------------------------------------------------- 1 | # venv 2 | /venv 3 | /include 4 | **/__pycache__ -------------------------------------------------------------------------------- /infrastructure/forge-ctf/src/CTFSolver.sol: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: UNLICENSED 2 | pragma solidity >=0.6.2 <0.9.0; 3 | 4 | import "forge-std/Script.sol"; 5 | 6 | abstract contract CTFSolver is Script { 7 | function run() external { 8 | uint256 playerPrivateKey = vm.envOr("PLAYER", uint256(0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80)); 9 | address challenge = vm.envAddress("CHALLENGE"); 10 | 11 | vm.startBroadcast(playerPrivateKey); 12 | 13 | solve(challenge, vm.addr(playerPrivateKey)); 14 | 15 | vm.stopBroadcast(); 16 | } 17 | 18 | function solve(address challenge, address player) virtual internal; 19 | } -------------------------------------------------------------------------------- /infrastructure/kctf-challenge/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM gcr.io/kctf-docker/challenge@sha256:0f7d757bcda470c3bbc063606335b915e03795d72ba1d8fdb6f0f9ff3757364f 2 | 3 | VOLUME [ "/paradigm" ] 4 | 5 | COPY kctf_persist_env kctf_restore_env /usr/bin/ 6 | 7 | COPY nsjail.cfg / 8 | -------------------------------------------------------------------------------- /infrastructure/kctf-challenge/kctf_persist_env: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat /dev/null > /paradigm/environ 4 | 5 | env | while IFS= read -r line; do 6 | value=${line#*=} 7 | name=${line%%=*} 8 | 9 | if [[ "$name" == PERSIST_* ]]; then 10 | printf 'export %s=%q\n' "$(echo "$name" | sed 's/^PERSIST_//g')" "$value" >> /paradigm/environ 11 | fi 12 | done 13 | -------------------------------------------------------------------------------- /infrastructure/kctf-challenge/kctf_restore_env: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [ -f /environ ]; then 4 | source /environ 5 | fi 6 | 7 | exec $@ 8 | -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/.dockerignore: -------------------------------------------------------------------------------- 1 | **/__pycache__ 2 | *.pyc 3 | -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/.gitignore: -------------------------------------------------------------------------------- 1 | build/ 2 | *.egg-info 3 | **/__pycache__/ -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/ctf_launchers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/infrastructure/paradigmctf.py/ctf_launchers/__init__.py -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/ctf_server/__init__.py: -------------------------------------------------------------------------------- 1 | from ctf_server.anvil_proxy import app as anvil_proxy 2 | from ctf_server.http_proxy import app as http_proxy 3 | from ctf_server.easy_ticket import app as easy_ticket 4 | from ctf_server.orchestrator import app as orchestrator -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/ctf_server/backends/__init__.py: -------------------------------------------------------------------------------- 1 | from .backend import Backend 2 | from .kubernetes_backend import KubernetesBackend 3 | from .docker_backend import DockerBackend 4 | -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/ctf_server/databases/__init__.py: -------------------------------------------------------------------------------- 1 | from .database import Database 2 | from .sqlitedb import SQLiteDatabase 3 | from .redisdb import RedisDatabase 4 | -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/ctf_solvers/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/infrastructure/paradigmctf.py/ctf_solvers/__init__.py -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/foundry/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/infrastructure/paradigmctf.py/foundry/__init__.py -------------------------------------------------------------------------------- /infrastructure/paradigmctf.py/setup.py: -------------------------------------------------------------------------------- 1 | from setuptools import find_packages, setup 2 | 3 | setup( 4 | name="paradigmctf.py", 5 | version="1.0.0", 6 | description="Packages used for Paradigm CTF", 7 | packages=find_packages(), 8 | python_requires=">=3.7, <4", 9 | install_requires=[ 10 | "web3==6.11.3", 11 | "kubernetes==28.1.0", 12 | "redis==5.0.1", 13 | "fastapi==0.104.1", 14 | "docker==6.1.3", 15 | "pwntools==4.11.0", 16 | ], 17 | py_modules=["foundry", "ctf_server", "ctf_launchers", "ctf_solvers"], 18 | ) 19 | -------------------------------------------------------------------------------- /solutions/be-billionaire-today.md: -------------------------------------------------------------------------------- 1 | The challenge added three accounts to BLAST L2's owner multisig. Private key of those accounts are well-known. 2 | 3 | Simply upgrade the BLAST deposit contract and you can drain the fund. 4 | -------------------------------------------------------------------------------- /solutions/cup-of-tea/README.md: -------------------------------------------------------------------------------- 1 | 2 | ```bash 3 | python3 ./solution.py 4 | ``` -------------------------------------------------------------------------------- /solutions/eazy-nft.md: -------------------------------------------------------------------------------- 1 | ## Solution 2 | 3 | Just mint 20 times to solve the challenge. 4 | -------------------------------------------------------------------------------- /solutions/hello-world.md: -------------------------------------------------------------------------------- 1 | Check the input data of the given transaction on Ethereum Mainnet. The flag is there. -------------------------------------------------------------------------------- /solutions/ketai/README.md: -------------------------------------------------------------------------------- 1 | Every buy / sell, there is additional token minted to the contract. To drain fund from contract, you can conduct a sandwich attack when calling `distributeReward`. -------------------------------------------------------------------------------- /solutions/lockless-swap/README.md: -------------------------------------------------------------------------------- 1 | The challenge uses a PancakePair without reentrancy guard. You can swap and reenter to mint to drain fund. -------------------------------------------------------------------------------- /solutions/maze/README.md: -------------------------------------------------------------------------------- 1 | Leverage this vulnerability: https://soliditylang.org/blog/2023/11/08/verbatim-invalid-deduplication-bug/ -------------------------------------------------------------------------------- /solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 1.png -------------------------------------------------------------------------------- /solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 2.png -------------------------------------------------------------------------------- /solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 3.png -------------------------------------------------------------------------------- /solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled 4.png -------------------------------------------------------------------------------- /solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fuzzland/blazctf-2023/935b686081e771aaf56e1a09c2b8bc4b425f4696/solutions/missing/Missing WriteUp 12a8fb151cdb4a74820bd3903b986b70/Untitled.png -------------------------------------------------------------------------------- /solutions/rock-paper-scissor.md: -------------------------------------------------------------------------------- 1 | In this challenge you need to calculate the opponent's move by hashing the (msg.sender, last block hash) and make counter move. 2 | 3 | We can use `cast block` to get the hash of the last and put below line into `chisel`: 4 | ```solidity 5 | uint256(keccak256(abi.encodePacked(msg.sender, ))) % 3; 6 | ``` 7 | --------------------------------------------------------------------------------