SlideShare a Scribd company logo

Explain Ethereum smart contract hacking like i am a five

Download as PPTX, PDF
Zoltan Balazs
Zoltan Balazs

Ethereum allows for smart contracts which are programs stored on the blockchain that execute automatically based on predefined rules. Smart contracts are vulnerable to hacking through bugs and exploits like integer overflows. Major hacks have occurred on smart contracts, like The DAO hack which stole $50 million worth of ether. Writing secure smart contracts is challenging as seen through continued hacks, showing the technology is still immature.

Internet
1 of 46
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
EXPLAIN ETHEREUM SMART CONTRACT HACKING LIKE I AM FIVE Zoltan Balazs 2018 October
Whoami? Zombie Browser Toolkit https://github.com/Z6543/ZombieBrowserPack HWFW Bypass tool Similar stuff was used in PacketRedirect in Danderspritz FlewAvenue by EQGRP https://github.com/MRGEffitas/hwfwbypass Malware Analysis Sandbox Tester tool https://github.com/MRGEffitas/Sandbox_tester Played with crappy IoT devices – my RCE exploit code running on ~600 000 IP cameras via Persirai https://jumpespjump.blogspot.hu/2015/09/how-i-hacked-my-ip-camera-and-found.html https://jumpespjump.blogspot.hu/2015/08/how-to-secure-your-home-against.html Invented the idea of encrypted exploit delivery via Diffie-Hellman key exchange, to bypass exploit detection appliances Implemented by Angler and Nuclear exploit kit developers https://www.mrg-effitas.com/generic-bypass-of-next-gen-intrusion-threat-breach-detection-systems/ 2
Questions Hands up if you know something about blockchain Hands up if you have ever tried to explain Bitcoin to your parents/colleagues/kids Hands up if it ended: “it is complicated” Hands up if you have ever interacted with a Smart Contract
Why am I talking about this? ITSEC folks laugh about Blockchain a lot They believe it is not happening not important not working Bad news: it is happening! Trust me, this is an important topic I will calculate losses in Lamborghinis – 200K USD
So who am I to talk about this topic? I don’t give advice on investing/ selling/ HODLing cryptocurrencies
Main idea of cryptocurrencies Let’s go with metaphors on this topic Math is hard (at least for me it is true) Let’s form a group where we solve mathematical challenges MINING Everyone can easily check if someone solved the hard math challenge When someone solves a math challenge, they receive moneZ (my imaginary cryptocurrency)
Transactions If Bunny wants to send moneZ to Piggie, everyone will know and has to know about all details of the transaction In fact, everyone knows how much moneZ everyone has because it is public knowledge Sidenote: ETHEREUM different
Blockchain The last not yet processed moneZ are collected in a transaction together The bundle of transactions is included as additional parts to the math challenge to be solved blocks Including the transactions in the math challenges will cost moneZ for the initiator transaction fee A long paper trail is created where every blocks are recorded blockchain
How can newcomers get moneZ - Bitcoin, etc.? They can start to solve new math challenges Before that they should get a copy of the long paper trail - blockchain By solving math challenges and including the transactions, they get the transaction fee Or they can ask someone to send them moneZ In exchange they can give something - real money, Alpaca socks
What is a wallet The wallet holds all the moneZ you previously received Whenever you send moneZ from your wallet to someone else's wallet, you sign the transaction with your signature, which is impossible to counterfeit Transactions are irreversible and final* Everyone will know you transferred the money, you can’t draw back
Why is this interesting? You don’t have to be in the same room to do the math challenges You can do all the stuff through the Internet You don’t even have to know who the others are (pseudo-anonimity)
Explain Ethereum smart contract hacking like i am a five
Smart Contracts Assume you have a basic understanding of cryptocurrencies in general Let’s take a deep dive into Smart Contracts Bitcoin is also capable of doing Smart Contracts Ethereum YAC (Yet Another Cryptocurrency) was designed for Smart Contracts
Smart Contracts You want to sign and get a countersign of the contract carve the contract into stone contracts carved into the stone cannot be modified In the smart contract world, the stone is the blockchain it is powered by the time and energy spent on solved math challenges Code is universal
What is gas? Smart contract is code which can be executed by anyone who solves the math challenges for moneZ - mines the cryptocurrencies Similarly to moneZ transaction fees, you have to pay moneZ to get the smart contract code executed by everyone The more complex the smart contract code is, the more moneZ you have to pay This is called gas in Ethereum
Are we there yet?
Ethereum Virtual Machine Bytecode: it is not a machine code, thus you need a VM to execute it Solidity: compile JavaScript-like code into EVM bytecode Source code can be published - creates trust Solidity source code compiles into the same bytecode (reproducible) At least with the same parameters and same compiler version
JavaScript developers today Solidity (smart contract language) looks similar to JavaScript You need web3.js based frontend - this is JS Many smart contract coders have JavaScript background JavaScript: You must move fast and break things With Ethereum Smart Contracts, this approach is not “profitable” … Solidity: Deploy once, be hacked anytime
Explain Ethereum smart contract hacking like i am a five
Explain Ethereum smart contract hacking like i am a five
Since August 2018 the latest Metamask has been showing the hex data to be sent Kittie ID in hex Identifier for the Bid function (MethodID) – keccak256(“bid(uint256)”)[:4] 59 zeroes because the world needs 2ˆ256 Kitties
Code can be hacked Smart contracts are code
Explain Ethereum smart contract hacking like i am a five
Explain Ethereum smart contract hacking like i am a five
Explain Ethereum smart contract hacking like i am a five
The DAO: Recursive call + race condition June 18th, 2016 Attacker transfers Ether worth $250 million from DAO That is 1250 Lamborghinis Reentrancy at the splitDAO function
The DAO hack You can interrupt the bank teller while he is giving you money The bank teller only updates your balance at the end
The DAO hack … // INSECURE --- this is not DAO code, but similar so it is easy to understand function withdrawBalance() public { // 1st line uint amountToWithdraw = userBalances[msg.sender]; // 2nd line require(msg.sender.call.value(amountToWithdraw)()); // 3rd line. At this point, the caller's code is executed, and can call withdrawBalance again userBalances[msg.sender] = 0; // 4th line }
Explain Ethereum smart contract hacking like i am a five
The solution? Rewrite the past and pretend it didn’t happen Attacker got away with his ETH Classic worth $67.4 million – 337 Lambos
Explain Ethereum smart contract hacking like i am a five
Multi-signature wallets “Captain planet, the world’s first multi-factor authentication” © dnet
Shared vulnerable library + reinit - 2017 July 20 $31M stolen – 155 Lambos A lot more was in danger, but good guys were faster Lot of shared libraries exists in the blockchain Save gas Contracts now share the same vulnerabilities Parity multi-signature wallets
Teh code NON LIBRARY CODE function() payable { // someone called a function we don’t have? if (msg.value > 0) // some ether is sent ... else if (msg.data.length > 0) //ether is not sent, but some data is _walletLibrary.delegatecall(msg.data); //let’s check if we can execute this code via shared library } ● If the method name is not defined on this contract… ● And there’s no ether being sent in the transaction… ● And there is some data in the message payload… for whatever method that calls DELEGATECALL, it will call the same method on the contract you're delegating to, but using the context of the current contract
Teh library codez function initWallet(address[] _owners, uint _required, uint _daylimit) { //the shared library has initWallet and it is public ! initDaylimit(_daylimit); initMultiowned(_owners, _required); } initWallet is not in the non-library code, but is called in the shared library
So some random guys don’t know how to code Smart Contracts …
Fixing the Parity bug Parity fixed previous bug and introduced a new one Library contract was not initialized properly. That allowed anyone to turn the library contract into a multi-sig wallet
The next Parity hack November 2017 - $300M lost – 1500 Lambos @devops199 “accidentally” called initWallet() method to own the library @devops199 “accidentally” called kill() method to self-destruct it It was planned to be fixed – forking EIP-999. Community voted no
Intro to integer underflow Underflow If there are (unsigned integer 8) 3 people on the bus, and four of them took of the bus, how many people are still on the bus? 255
Intro to integer overflow Overflow If there are (unsigned integer 8) 255 people on the bus, and the bus is totally full, and one guy hops on the bus, how many people are on the bus?
Proof of Weak Hands https://medium.com/@optimumregret/the-surreal-madness- of-ethereums-pyramid-schemes-da705fe7d92e USD 2M lost unsigned integer underflow withdrawal Use Safemath! https://etherscan.io/tx/0x233107922bed72a4ea7c75a83ecf58dae4 b744384e2b3feacd28903a17b864e0
Conclusion Blockchain, Ethereum, Smart Contracts are here to hack Writing secure Smart Contracts is hard Ethereum is still in beta Hacking Smart Contracts is possible, fun, but probably illegal Hacking your own smart contract is probably not illegal Hacking in test blockchain is not illegal
Where to learn to code? cryptozombies.io
Where to learn to hack?
References Nick Szabo: The idea of smart contracts 1997 https://perma.cc/V6AZ-7V8W https://www.reddit.com/r/explainlikeimfive/comments/12knie/eli5_bitcoins/?st=IZW0ENOG&sh=d566a3ee https://medium.freecodecamp.org/smart-contracts-for-dummies-a1ba1e0b9575 https://www.reddit.com/r/explainlikeimfive/comments/4lz9t4/eli5_ethereum/ http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/ https://github.com/b-mueller/smashing-smart-contracts/blob/master/smashing-smart-contracts-1of1.pdf https://medium.freecodecamp.org/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum- 9e5dc29e33ce https://www.stateofthedapps.com/ Cryptozombies.io - best tutorial Latest hype and scams: https://boards.4chan.org/biz/
48 Hack the planet! zoltan.balazs@mrg-effitas.com https://hu.linkedin.com/in/zbalazs Twitter – @zh4ck www.slideshare.net/bz98 HACKERSULI !!!1! Greetz to @VitalikButerin, Satoshi Nakamoto https://JumpESPJump.blogspot.com

More Related Content

What's hot (20)

PDF
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON
 
PPTX
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Shota Shinogi
 
PDF
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON
 
PDF
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
SecuRing
 
PDF
Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)
Nate Lawson
 
PDF
44CON London 2015 - Is there an EFI monster inside your apple?
44CON
 
PDF
Threat stack aws
Jen Andre
 
PPTX
ShinoBOT Suite
Shota Shinogi
 
PDF
Embedded Rust on IoT devices
Lars Gregori
 
PDF
IoThings you don't even need to hack
Slawomir Jasek
 
PDF
Crypto products backgrounder r0
Bill Boldt
 
PPTX
Unsecuring SSH
Jeremy Brown
 
PDF
Docker app armor_usecase
Kazuki Omo
 
ODP
Joxean Koret - Database Security Paradise [Rooted CON 2011]
RootedCON
 
PDF
IoT security is a nightmare. But what is the real risk?
Zoltan Balazs
 
PDF
Shameful secrets of proprietary network protocols
Slawomir Jasek
 
PPTX
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disasters
infodox
 
PPTX
Pwnstaller
Will Schroeder
 
PDF
44CON 2014 - Breaking AV Software
44CON
 
PPTX
Steelcon 2015 - 0wning the internet of trash
infodox
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON
 
Introduction of ShinoBOT (Black Hat USA 2013 Arsenal)
Shota Shinogi
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON
 
WebApps vs Blockchain dApps (SmartContracts): tools, vulns and standards
SecuRing
 
Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)
Nate Lawson
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON
 
Threat stack aws
Jen Andre
 
ShinoBOT Suite
Shota Shinogi
 
Embedded Rust on IoT devices
Lars Gregori
 
IoThings you don't even need to hack
Slawomir Jasek
 
Crypto products backgrounder r0
Bill Boldt
 
Unsecuring SSH
Jeremy Brown
 
Docker app armor_usecase
Kazuki Omo
 
Joxean Koret - Database Security Paradise [Rooted CON 2011]
RootedCON
 
IoT security is a nightmare. But what is the real risk?
Zoltan Balazs
 
Shameful secrets of proprietary network protocols
Slawomir Jasek
 
BSides Edinburgh 2017 - TR-06FAIL and other CPE Configuration Disasters
infodox
 
Pwnstaller
Will Schroeder
 
44CON 2014 - Breaking AV Software
44CON
 
Steelcon 2015 - 0wning the internet of trash
infodox
 

Similar to Explain Ethereum smart contract hacking like i am a five (20)

PPTX
Kriptovaluták, hashbányászat és okoscicák
hackersuli
 
PPTX
BlockChain for the Banker
Bohdan Szymanik
 
PDF
The JavaScript toolset for development on Ethereum
GreeceJS
 
PDF
Javascript toolset for Ethereum Smart Contract development
BugSense
 
PDF
Blockchain for Notaries
Patrice Kerremans
 
PPTX
Smart contract honeypots for profit (and fun) - bha
PolySwarm
 
PDF
Blockchain School 2019 - Security of Smart Contracts.pdf
Davide Carboni
 
PPTX
Blockchain for Developers
Shimi Bandiel
 
PDF
Dylan Butler & Oliver Hager - Building a cross platform cryptocurrency app
DevCamp Campinas
 
PPTX
Cryptocurrency_slide
aman pandey
 
PPTX
Blockchain, smart contracts - introduction
Lukasz Jarmulowicz
 
ODP
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Codemotion
 
PPTX
Dappsmedia smartcontract _write_smartcontracts_on_console_ethereum
Tomoaki Sato
 
PDF
All aboard the blockchain!
The Software House
 
PPTX
Blockchain Tokenization
Bellaj Badr
 
PDF
Ethereum in a nutshell
Daniel Chan
 
PPTX
The Blockchain and JavaScript
Portia Burton
 
PDF
BlockChain Public
Marie-Paule Odini
 
PDF
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
ShreeharshaHegde7
 
PDF
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Leokas123
 
Kriptovaluták, hashbányászat és okoscicák
hackersuli
 
BlockChain for the Banker
Bohdan Szymanik
 
The JavaScript toolset for development on Ethereum
GreeceJS
 
Javascript toolset for Ethereum Smart Contract development
BugSense
 
Blockchain for Notaries
Patrice Kerremans
 
Smart contract honeypots for profit (and fun) - bha
PolySwarm
 
Blockchain School 2019 - Security of Smart Contracts.pdf
Davide Carboni
 
Blockchain for Developers
Shimi Bandiel
 
Dylan Butler & Oliver Hager - Building a cross platform cryptocurrency app
DevCamp Campinas
 
Cryptocurrency_slide
aman pandey
 
Blockchain, smart contracts - introduction
Lukasz Jarmulowicz
 
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Codemotion
 
Dappsmedia smartcontract _write_smartcontracts_on_console_ethereum
Tomoaki Sato
 
All aboard the blockchain!
The Software House
 
Blockchain Tokenization
Bellaj Badr
 
Ethereum in a nutshell
Daniel Chan
 
The Blockchain and JavaScript
Portia Burton
 
BlockChain Public
Marie-Paule Odini
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
ShreeharshaHegde7
 
Trading-CryptoCurrency-Advanced-Trading-Strategies.pdf
Leokas123
 

More from Zoltan Balazs (19)

PPTX
[ Hackersuli ] Privacy on the blockchain
Zoltan Balazs
 
PPTX
MLSEC 2020
Zoltan Balazs
 
PDF
Web3 + scams = It's a match
Zoltan Balazs
 
PDF
MIPS-X
Zoltan Balazs
 
PPTX
Test & Tea : ITSEC testing, manual vs automated
Zoltan Balazs
 
PDF
Hacking Windows 95 #33c3
Zoltan Balazs
 
PPTX
Ransomware - what is it, how to protect against it
Zoltan Balazs
 
PDF
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Zoltan Balazs
 
PPTX
Sandboxes
Zoltan Balazs
 
PPTX
Sandbox detection: leak, abuse, test - Hacktivity 2015
Zoltan Balazs
 
PDF
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
Zoltan Balazs
 
PPTX
Hacking with Remote Admin Tools (RAT)
Zoltan Balazs
 
PDF
[ENG] Hacktivity 2013 - Alice in eXploitland
Zoltan Balazs
 
PPTX
[ENG] OHM2013 - The Quest for the Client-Side Elixir Against Zombie Browsers -
Zoltan Balazs
 
PPTX
[HUN] Védtelen böngészők - Ethical Hacking
Zoltan Balazs
 
PDF
[ENG] Hacker halted 2012 - Zombie browsers, spiced with rootkit extensions
Zoltan Balazs
 
PDF
[ENG] Zombie browsers spiced with rootkit extensions - Hacktivity 2012
Zoltan Balazs
 
PPTX
[HUN] Zombi tűzróka, avagy mire képes egy rosszindulatú böngősző kiegészitő
Zoltan Balazs
 
PPT
[HUN] Hacktivity2009 - M&M’s: Mafia & Malware’s
Zoltan Balazs
 
[ Hackersuli ] Privacy on the blockchain
Zoltan Balazs
 
MLSEC 2020
Zoltan Balazs
 
Web3 + scams = It's a match
Zoltan Balazs
 
MIPS-X
Zoltan Balazs
 
Test & Tea : ITSEC testing, manual vs automated
Zoltan Balazs
 
Hacking Windows 95 #33c3
Zoltan Balazs
 
Ransomware - what is it, how to protect against it
Zoltan Balazs
 
Hacktivity 2016: The real risks of the IoT security-nightmare: Hacking IP cam...
Zoltan Balazs
 
Sandboxes
Zoltan Balazs
 
Sandbox detection: leak, abuse, test - Hacktivity 2015
Zoltan Balazs
 
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
Zoltan Balazs
 
Hacking with Remote Admin Tools (RAT)
Zoltan Balazs
 
[ENG] Hacktivity 2013 - Alice in eXploitland
Zoltan Balazs
 
[ENG] OHM2013 - The Quest for the Client-Side Elixir Against Zombie Browsers -
Zoltan Balazs
 
[HUN] Védtelen böngészők - Ethical Hacking
Zoltan Balazs
 
[ENG] Hacker halted 2012 - Zombie browsers, spiced with rootkit extensions
Zoltan Balazs
 
[ENG] Zombie browsers spiced with rootkit extensions - Hacktivity 2012
Zoltan Balazs
 
[HUN] Zombi tűzróka, avagy mire képes egy rosszindulatú böngősző kiegészitő
Zoltan Balazs
 
[HUN] Hacktivity2009 - M&M’s: Mafia & Malware’s
Zoltan Balazs
 

Recently uploaded (20)

PPTX
西班牙武康大学毕业证书{UCAMOfferUCAM成绩单水印}原版制作
Taqyea
 
PPTX
ZARA-Case.pptx djdkkdjnddkdoodkdxjidjdnhdjjdjx
RonnelPineda2
 
PPT
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
PDF
Build Fast, Scale Faster: Milvus vs. Zilliz Cloud for Production-Ready AI
Zilliz
 
PDF
DevOps Design for different deployment options
henrymails
 
PPTX
Orchestrating things in Angular application
Peter Abraham
 
PPTX
英国假毕业证诺森比亚大学成绩单GPA修改UNN学生卡网上可查学历成绩单
Taqyea
 
PPTX
sajflsajfljsdfljslfjslfsdfas;fdsfksadfjlsdflkjslgfs;lfjlsajfl;sajfasfd.pptx
theknightme
 
PPTX
L1A Season 1 ENGLISH made by A hegy fixed
toszolder91
 
PDF
𝐁𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓
hokimamad0
 
PPTX
internet básico presentacion es una red global
70965857
 
PPTX
L1A Season 1 Guide made by A hegy Eng Grammar fixed
toszolder91
 
PDF
AI_MOD_1.pdf artificial intelligence notes
shreyarrce
 
PPTX
法国巴黎第二大学本科毕业证{Paris 2学费发票Paris 2成绩单}办理方法
Taqyea
 
PDF
Azure_DevOps introduction for CI/CD and Agile
henrymails
 
PDF
The-Hidden-Dangers-of-Skipping-Penetration-Testing.pdf.pdf
naksh4thra
 
PPTX
原版西班牙莱昂大学毕业证(León毕业证书)如何办理
Taqyea
 
PDF
Apple_Environmental_Progress_Report_2025.pdf
yiukwong
 
PPT
introduction to networking with basics coverage
RamananMuthukrishnan
 
PPTX
Lec15_Mutability Immutability-converted.pptx
khanjahanzaib1
 
西班牙武康大学毕业证书{UCAMOfferUCAM成绩单水印}原版制作
Taqyea
 
ZARA-Case.pptx djdkkdjnddkdoodkdxjidjdnhdjjdjx
RonnelPineda2
 
Computer Securityyyyyyyy - Chapter 1.ppt
SolomonSB
 
Build Fast, Scale Faster: Milvus vs. Zilliz Cloud for Production-Ready AI
Zilliz
 
DevOps Design for different deployment options
henrymails
 
Orchestrating things in Angular application
Peter Abraham
 
英国假毕业证诺森比亚大学成绩单GPA修改UNN学生卡网上可查学历成绩单
Taqyea
 
sajflsajfljsdfljslfjslfsdfas;fdsfksadfjlsdflkjslgfs;lfjlsajfl;sajfasfd.pptx
theknightme
 
L1A Season 1 ENGLISH made by A hegy fixed
toszolder91
 
𝐁𝐔𝐊𝐓𝐈 𝐊𝐄𝐌𝐄𝐍𝐀𝐍𝐆𝐀𝐍 𝐊𝐈𝐏𝐄𝐑𝟒𝐃 𝐇𝐀𝐑𝐈 𝐈𝐍𝐈 𝟐𝟎𝟐𝟓
hokimamad0
 
internet básico presentacion es una red global
70965857
 
L1A Season 1 Guide made by A hegy Eng Grammar fixed
toszolder91
 
AI_MOD_1.pdf artificial intelligence notes
shreyarrce
 
法国巴黎第二大学本科毕业证{Paris 2学费发票Paris 2成绩单}办理方法
Taqyea
 
Azure_DevOps introduction for CI/CD and Agile
henrymails
 
The-Hidden-Dangers-of-Skipping-Penetration-Testing.pdf.pdf
naksh4thra
 
原版西班牙莱昂大学毕业证(León毕业证书)如何办理
Taqyea
 
Apple_Environmental_Progress_Report_2025.pdf
yiukwong
 
introduction to networking with basics coverage
RamananMuthukrishnan
 
Lec15_Mutability Immutability-converted.pptx
khanjahanzaib1
 

Explain Ethereum smart contract hacking like i am a five

  • 1. EXPLAIN ETHEREUM SMART CONTRACT HACKING LIKE I AM FIVE Zoltan Balazs 2018 October
  • 2. Whoami? Zombie Browser Toolkit https://github.com/Z6543/ZombieBrowserPack HWFW Bypass tool Similar stuff was used in PacketRedirect in Danderspritz FlewAvenue by EQGRP https://github.com/MRGEffitas/hwfwbypass Malware Analysis Sandbox Tester tool https://github.com/MRGEffitas/Sandbox_tester Played with crappy IoT devices – my RCE exploit code running on ~600 000 IP cameras via Persirai https://jumpespjump.blogspot.hu/2015/09/how-i-hacked-my-ip-camera-and-found.html https://jumpespjump.blogspot.hu/2015/08/how-to-secure-your-home-against.html Invented the idea of encrypted exploit delivery via Diffie-Hellman key exchange, to bypass exploit detection appliances Implemented by Angler and Nuclear exploit kit developers https://www.mrg-effitas.com/generic-bypass-of-next-gen-intrusion-threat-breach-detection-systems/ 2
  • 3. Questions Hands up if you know something about blockchain Hands up if you have ever tried to explain Bitcoin to your parents/colleagues/kids Hands up if it ended: “it is complicated” Hands up if you have ever interacted with a Smart Contract
  • 4. Why am I talking about this? ITSEC folks laugh about Blockchain a lot They believe it is not happening not important not working Bad news: it is happening! Trust me, this is an important topic I will calculate losses in Lamborghinis – 200K USD
  • 5. So who am I to talk about this topic? I don’t give advice on investing/ selling/ HODLing cryptocurrencies
  • 6. Main idea of cryptocurrencies Let’s go with metaphors on this topic Math is hard (at least for me it is true) Let’s form a group where we solve mathematical challenges MINING Everyone can easily check if someone solved the hard math challenge When someone solves a math challenge, they receive moneZ (my imaginary cryptocurrency)
  • 7. Transactions If Bunny wants to send moneZ to Piggie, everyone will know and has to know about all details of the transaction In fact, everyone knows how much moneZ everyone has because it is public knowledge Sidenote: ETHEREUM different
  • 8. Blockchain The last not yet processed moneZ are collected in a transaction together The bundle of transactions is included as additional parts to the math challenge to be solved blocks Including the transactions in the math challenges will cost moneZ for the initiator transaction fee A long paper trail is created where every blocks are recorded blockchain
  • 9. How can newcomers get moneZ - Bitcoin, etc.? They can start to solve new math challenges Before that they should get a copy of the long paper trail - blockchain By solving math challenges and including the transactions, they get the transaction fee Or they can ask someone to send them moneZ In exchange they can give something - real money, Alpaca socks
  • 10. What is a wallet The wallet holds all the moneZ you previously received Whenever you send moneZ from your wallet to someone else's wallet, you sign the transaction with your signature, which is impossible to counterfeit Transactions are irreversible and final* Everyone will know you transferred the money, you can’t draw back
  • 11. Why is this interesting? You don’t have to be in the same room to do the math challenges You can do all the stuff through the Internet You don’t even have to know who the others are (pseudo-anonimity)
  • 13. Smart Contracts Assume you have a basic understanding of cryptocurrencies in general Let’s take a deep dive into Smart Contracts Bitcoin is also capable of doing Smart Contracts Ethereum YAC (Yet Another Cryptocurrency) was designed for Smart Contracts
  • 14. Smart Contracts You want to sign and get a countersign of the contract carve the contract into stone contracts carved into the stone cannot be modified In the smart contract world, the stone is the blockchain it is powered by the time and energy spent on solved math challenges Code is universal
  • 15. What is gas? Smart contract is code which can be executed by anyone who solves the math challenges for moneZ - mines the cryptocurrencies Similarly to moneZ transaction fees, you have to pay moneZ to get the smart contract code executed by everyone The more complex the smart contract code is, the more moneZ you have to pay This is called gas in Ethereum
  • 16. Are we there yet?
  • 17. Ethereum Virtual Machine Bytecode: it is not a machine code, thus you need a VM to execute it Solidity: compile JavaScript-like code into EVM bytecode Source code can be published - creates trust Solidity source code compiles into the same bytecode (reproducible) At least with the same parameters and same compiler version
  • 18. JavaScript developers today Solidity (smart contract language) looks similar to JavaScript You need web3.js based frontend - this is JS Many smart contract coders have JavaScript background JavaScript: You must move fast and break things With Ethereum Smart Contracts, this approach is not “profitable” … Solidity: Deploy once, be hacked anytime
  • 21. Since August 2018 the latest Metamask has been showing the hex data to be sent Kittie ID in hex Identifier for the Bid function (MethodID) – keccak256(“bid(uint256)”)[:4] 59 zeroes because the world needs 2ˆ256 Kitties
  • 22. Code can be hacked Smart contracts are code
  • 26. The DAO: Recursive call + race condition June 18th, 2016 Attacker transfers Ether worth $250 million from DAO That is 1250 Lamborghinis Reentrancy at the splitDAO function
  • 27. The DAO hack You can interrupt the bank teller while he is giving you money The bank teller only updates your balance at the end
  • 28. The DAO hack … // INSECURE --- this is not DAO code, but similar so it is easy to understand function withdrawBalance() public { // 1st line uint amountToWithdraw = userBalances[msg.sender]; // 2nd line require(msg.sender.call.value(amountToWithdraw)()); // 3rd line. At this point, the caller's code is executed, and can call withdrawBalance again userBalances[msg.sender] = 0; // 4th line }
  • 30. The solution? Rewrite the past and pretend it didn’t happen Attacker got away with his ETH Classic worth $67.4 million – 337 Lambos
  • 32. Multi-signature wallets “Captain planet, the world’s first multi-factor authentication” © dnet
  • 33. Shared vulnerable library + reinit - 2017 July 20 $31M stolen – 155 Lambos A lot more was in danger, but good guys were faster Lot of shared libraries exists in the blockchain Save gas Contracts now share the same vulnerabilities Parity multi-signature wallets
  • 34. Teh code NON LIBRARY CODE function() payable { // someone called a function we don’t have? if (msg.value > 0) // some ether is sent ... else if (msg.data.length > 0) //ether is not sent, but some data is _walletLibrary.delegatecall(msg.data); //let’s check if we can execute this code via shared library } ● If the method name is not defined on this contract… ● And there’s no ether being sent in the transaction… ● And there is some data in the message payload… for whatever method that calls DELEGATECALL, it will call the same method on the contract you're delegating to, but using the context of the current contract
  • 35. Teh library codez function initWallet(address[] _owners, uint _required, uint _daylimit) { //the shared library has initWallet and it is public ! initDaylimit(_daylimit); initMultiowned(_owners, _required); } initWallet is not in the non-library code, but is called in the shared library
  • 36. So some random guys don’t know how to code Smart Contracts …
  • 37. Fixing the Parity bug Parity fixed previous bug and introduced a new one Library contract was not initialized properly. That allowed anyone to turn the library contract into a multi-sig wallet
  • 38. The next Parity hack November 2017 - $300M lost – 1500 Lambos @devops199 “accidentally” called initWallet() method to own the library @devops199 “accidentally” called kill() method to self-destruct it It was planned to be fixed – forking EIP-999. Community voted no
  • 39. Intro to integer underflow Underflow If there are (unsigned integer 8) 3 people on the bus, and four of them took of the bus, how many people are still on the bus? 255
  • 40. Intro to integer overflow Overflow If there are (unsigned integer 8) 255 people on the bus, and the bus is totally full, and one guy hops on the bus, how many people are on the bus?
  • 41. Proof of Weak Hands https://medium.com/@optimumregret/the-surreal-madness- of-ethereums-pyramid-schemes-da705fe7d92e USD 2M lost unsigned integer underflow withdrawal Use Safemath! https://etherscan.io/tx/0x233107922bed72a4ea7c75a83ecf58dae4 b744384e2b3feacd28903a17b864e0
  • 42. Conclusion Blockchain, Ethereum, Smart Contracts are here to hack Writing secure Smart Contracts is hard Ethereum is still in beta Hacking Smart Contracts is possible, fun, but probably illegal Hacking your own smart contract is probably not illegal Hacking in test blockchain is not illegal
  • 43. Where to learn to code? cryptozombies.io
  • 44. Where to learn to hack?
  • 45. References Nick Szabo: The idea of smart contracts 1997 https://perma.cc/V6AZ-7V8W https://www.reddit.com/r/explainlikeimfive/comments/12knie/eli5_bitcoins/?st=IZW0ENOG&sh=d566a3ee https://medium.freecodecamp.org/smart-contracts-for-dummies-a1ba1e0b9575 https://www.reddit.com/r/explainlikeimfive/comments/4lz9t4/eli5_ethereum/ http://hackingdistributed.com/2016/06/18/analysis-of-the-dao-exploit/ https://github.com/b-mueller/smashing-smart-contracts/blob/master/smashing-smart-contracts-1of1.pdf https://medium.freecodecamp.org/a-hacker-stole-31m-of-ether-how-it-happened-and-what-it-means-for-ethereum- 9e5dc29e33ce https://www.stateofthedapps.com/ Cryptozombies.io - best tutorial Latest hype and scams: https://boards.4chan.org/biz/
  • 46. 48 Hack the planet! [email protected] https://hu.linkedin.com/in/zbalazs Twitter – @zh4ck www.slideshare.net/bz98 HACKERSULI !!!1! Greetz to @VitalikButerin, Satoshi Nakamoto https://JumpESPJump.blogspot.com

Editor's Notes

  • #2: TODO bevezeto
  • #5: Who thinks Smart Contracts are the future?
  • #9: We are going to … TODO nyelvtan
  • #19: TODO image
  • #22: Megvagni a videot
  • #30: It’s like the bank teller won’t change your balance until he gives you all the money you have requested. “Can I withdraw $500? Wait, before that, can I withdraw $500?” The smart contract was designed only to check you have $500 at the beginning, once, and allow themselves to be interrupted.
  • #35: 5 people would summon Captain Planet who would save the world