If you want to get into smart contract hacking, a very lucrative business, you must be aware of the following vulnerabilities:
1. Reentrancy Attacks
2. Integer Overflow and Underflow
3. Unchecked Call Return Values
4. Lack of Input Validation
5. Race Conditions
(thread)
1. Reentrancy Attacks
2. Integer Overflow and Underflow
3. Unchecked Call Return Values
4. Lack of Input Validation
5. Race Conditions
(thread)
1. Reentrancy Attacks
An attacker is able to repeatedly call a contract function in a way that causes it to run out of gas.
An attacker is able to repeatedly call a contract function in a way that causes it to run out of gas.
2. Integer Overflow and Underflow
Arithmetic operations on integers result in values outside the expected range.
Arithmetic operations on integers result in values outside the expected range.
3. Unchecked Call Return Values
A contract function does not properly check the return value of a call to another contract, potentially leading to unintended behavior.
A contract function does not properly check the return value of a call to another contract, potentially leading to unintended behavior.
4. Lack of Input Validation
A contract does not properly validate user-supplied input, potentially allowing attackers to supply malicious input that can exploit vulnerabilities in the contract.
A contract does not properly validate user-supplied input, potentially allowing attackers to supply malicious input that can exploit vulnerabilities in the contract.
5. Race Conditions
A contract has multiple concurrent functions that are not properly synchronized, potentially leading to unpredictable behavior.
A contract has multiple concurrent functions that are not properly synchronized, potentially leading to unpredictable behavior.
6. Bonus
33 more smart contract vulnerabilities via @hackenclub: hacken.io
#infosec #cybersecurity #pentesting #cybersecuritytips #ethicalhacking #hacking
Like, RT, and follow me @cristivlad25 for more.
33 more smart contract vulnerabilities via @hackenclub: hacken.io
#infosec #cybersecurity #pentesting #cybersecuritytips #ethicalhacking #hacking
Like, RT, and follow me @cristivlad25 for more.
Loading suggestions...