Automated Testing Guidelines: https://github.com/enderphan94/solidity-pentest/wiki/SMART-CONTRACT-AUTOMATED-TESTING-GUIDELINES
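- Deploy the contract onto the Ropsten testnet.
- Use `truffle console --network ropsten`.
- Use `web3.eth.getStorageAt("0x79Bbc5f4d3970B529E74134084dB1326Df5De5f6", 0, (err, value) => console.log(value))` to query the storage/values. The callback is error-first, so the slot contents arrive in the second argument.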
More about it: https://enderspub.kubertu.com/understand-solidity-storage-in-depth
For deployer: (Example)
Initialize the Private function with a private array of:
["0x7465737400000000000000000000000000000000000000000000000000000000","0x7465737400000000000000000000000000000000000000000000000000000000","0x7465737400000000000000000000000000000000000000000000000000000000"]
```solidity
// To avoid re-entrancy when using call.value
function withdraw() external {
    uint256 amount = balanceOf[msg.sender];
    balanceOf[msg.sender] = 0; // typical safeguard for re-entrancy
    (bool success, ) = msg.sender.call.value(amount)("");
    require(success, "Transfer failed.");
}
```
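The order matters. In the vulnerable version, where the balance is zeroed only after the external call, a msg.sender that is a smart contract has an opportunity on line 19 to call withdraw() again before line 20 happens. In that second call, balanceOf[msg.sender] is still the original amount, so it will be transferred again. This can be repeated as many times as necessary to drain the smart contract. (Lines 19 and 20 refer to that vulnerable listing, not to the snippet above.)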
NB: you can use https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/ReentrancyGuard.sol
ref: https://diligence.consensys.net/blog/2019/09/stop-using-soliditys-transfer-now/
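An added example (not from the original page or the linked projects): a small JavaScript model of withdraw() that compares the call-before-update ordering described above with the update-before-call ordering and with a lock in the style of ReentrancyGuard. Vault, Receiver, the mode names and the amounts are constructed for illustration.

```javascript
// Added example: a JavaScript model of withdraw(), not contract code from the page.
// Vault, Receiver, the mode names and all amounts are constructed for illustration.
class Vault {
  constructor(mode) {
    this.mode = mode;           // "call-first" | "effects-first" | "guarded"
    this.balanceOf = new Map(); // models mapping(address => uint256)
    this.funds = 0n;            // ether actually held by the contract
    this.locked = false;        // models the ReentrancyGuard status flag
  }
  deposit(who, amount) {
    this.balanceOf.set(who, (this.balanceOf.get(who) ?? 0n) + amount);
    this.funds += amount;
  }
  withdraw(sender) {
    if (this.mode === "guarded") {
      if (this.locked) throw new Error("ReentrancyGuard: reentrant call");
      this.locked = true;
    }
    try {
      const amount = this.balanceOf.get(sender) ?? 0n;
      // A failed transfer reverts the whole call, so reject it before any state change.
      if (amount > this.funds) throw new Error("Transfer failed.");
      if (this.mode === "effects-first") this.balanceOf.set(sender, 0n);
      this.funds -= amount;
      sender.received += amount;
      sender.onReceive(this);   // external call: control passes to msg.sender
      if (this.mode !== "effects-first") this.balanceOf.set(sender, 0n);
    } finally {
      if (this.mode === "guarded") this.locked = false;
    }
  }
}
class Receiver {
  constructor(tries) { this.tries = tries; this.received = 0n; }
  onReceive(vault) {            // models the receiving contract's fallback
    if (this.tries-- <= 0) return;
    try { vault.withdraw(this); } catch (_) { /* a failed inner call is ignored */ }
  }
}
// A sender owed 1 unit withdraws from a vault that also holds 3 units owed to others.
function payout(mode, tries) {
  const vault = new Vault(mode), sender = new Receiver(tries);
  vault.deposit(new Receiver(0), 3n);
  vault.deposit(sender, 1n);
  vault.withdraw(sender);
  return { paid: sender.received, left: vault.funds };
}
for (const mode of ["call-first", "effects-first", "guarded"])
  console.log(mode, payout(mode, 10));
```

Only the "call-first" mode pays the sender more than its recorded balance; the other two leave the 3 units owed to others untouched.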
This value is like a rocket: 0x8000000000000000000000000000000000000000000000000000000000000000