Gabung/ Daftar

Beosin: Kontrak AurumNodePool diserang karena fungsi changeRewardPerNode tidak diverifikasi

23/11/2022 16:54

Menurut pemantauan risiko keamanan Beosin EagleEye, peringatan dini dan pemantauan platform pemblokiran dari perusahaan audit keamanan blockchain Beosin, pada 23 November 2022, kontrak AurumNodePool diserang oleh kerentanan. Analisis Beosin menemukan bahwa karena fungsi changeRewardPerNode dari kontrak yang rentan tidak diverifikasi, penyerang dapat memanggil fungsi ini untuk menetapkan nilai apa pun. Penyerang pertama memanggil fungsi changeRewardPerNode untuk menetapkan nilai hadiah harian ke jumlah yang sangat besar, dan kemudian memanggil fungsi claimNodeReward untuk mengekstrak hadiah node, dan perhitungan hadiah node tergantung pada nilai rewardPerDay yang ditetapkan oleh penyerang, menghasilkan hadiah simpul yang dihitung sangat tinggi. Sebelum transaksi ini, penyerang menyetor 1000 AUR ke dalam kontrak melalui transaksi (0xb3bc6ca257387eae1cea3b997eb489c1a9c208d09ec4d117198029277468e25d), yang membuat catatan node penyerang, yang memungkinkan penyerang mengekstrak hadiah node. Pada akhirnya, penyerang memperoleh sekitar 50 BNB (sekitar $14.538,04) melalui kerentanan ini.

Bullish

Kasar

Pembaruan Langsung

4 jam yang lalu
El Salvador doubles down on Bitcoin, defies IMF concerns
Bullish
Kasar
4 jam yang lalu
سعر BNB يواجه انخفاضًا محتملاً بنسبة 12% وسط اتجاه هبوطي قوي
Bullish
Kasar
4 jam yang lalu
Nvidia Under Fire: DOJ and SEC Unite in Class-Action Lawsuit
Bullish
Kasar
4 jam yang lalu
XRP Price Prediction From One of The Most Popular Traders in the World
Bullish
Kasar
4 jam yang lalu
تركيا – معدل التضخم ينخفض بأقل من المتوقع
Bullish
Kasar
4 jam yang lalu
CryptoPunk NFT Sells for $56M – But Was It Just a Marketing Stunt?
Bullish
Kasar
5 jam yang lalu
暗号資産トレーダー、1.4億ドルオプション満期＝短期波乱に備える
Bullish
Kasar
5 jam yang lalu
سعر سولانا (SOL) يدخل منطقة "ممنوعة" ويشير إلى مستويات أقل من 130 دولارًا
Bullish
Kasar
5 jam yang lalu
This Is Why Toncoin (TON) May Drop By 17% in the Near Term
Bullish
Kasar
5 jam yang lalu
HBO Claims It Has Unmasked Bitcoin Creator Satoshi Nakamoto
Bullish
Kasar

Lagi

Berita Tren

Lagi

Beosin: Kontrak AurumNodePool diserang karena fungsi changeRewardPerNode tidak diverifikasi

Pembaruan Langsung

Berita Tren

Comparison of multiple safe withdrawal methods: After purchasing virtual currency, which one is best for you?

What you need to know when buying cryptocurrencies: How to buy Bitcoin and Ethereum on trading platforms

Heavy news breaks out from China and the United States! Chinese AI engineers are secretly using banned Nvidia chips

#FreePavel Gains Support as Tech Titans Musk and Buterin Rally Behind Telegram CEO Pavel Durov: Is Free Speech in Peril?

Telegram Founder Arrested in France: Does Success Have a Dark Side, Like FTX's SBF and Binance's CZ?

TA announced the suspension of the November US presidential election! Trump and Harris's chances of winning are in a "stalemate"

French Websites Under Siege After Telegram CEO Durov's Arrest Amidst France’s Weak Rebuttal to Mounting Backlash

How a Crypto Trader Make 400% Profit with Telegram's Memecoin $DOGS While Pavel Durov’s Arrest Wiped Out $2.7 Billion of Toncoin

$5M Crypto Ponzi Scheme Lands China’s Former Second Wealthiest Tycoon Yang Bin a 6-Year Jail Sentence

Russia to Use National Payment System for Crypto Swaps on 1 Sept — What You Need to Know

Beosin: Kontrak AurumNodePool diserang karena fungsi changeRewardPerNode tidak diverifikasi

Pembaruan Langsung

Berita Tren

Comparison of multiple safe withdrawal methods: After purchasing virtual currency, which one is best for you?

What you need to know when buying cryptocurrencies: How to buy Bitcoin and Ethereum on trading platforms

Heavy news breaks out from China and the United States! Chinese AI engineers are secretly using banned Nvidia chips

#FreePavel Gains Support as Tech Titans Musk and Buterin Rally Behind Telegram CEO Pavel Durov: Is Free Speech in Peril?

​​Telegram Founder Arrested in France: Does Success Have a Dark Side, Like FTX's SBF and Binance's CZ?

TA announced the suspension of the November US presidential election! Trump and Harris's chances of winning are in a "stalemate"

French Websites Under Siege After Telegram CEO Durov's Arrest Amidst France’s Weak Rebuttal to Mounting Backlash

How a Crypto Trader Make 400% Profit with Telegram's Memecoin $DOGS While Pavel Durov’s Arrest Wiped Out $2.7 Billion of Toncoin

$5M Crypto Ponzi Scheme Lands China’s Former Second Wealthiest Tycoon Yang Bin a 6-Year Jail Sentence

Russia to Use National Payment System for Crypto Swaps on 1 Sept — What You Need to Know

Telegram Founder Arrested in France: Does Success Have a Dark Side, Like FTX's SBF and Binance's CZ?