teether/list_exploit_all.py at master · Rotaba/teether · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
import sys
# import consecutive_call_exploit
import combined_call_exploit
import time
# base_name = "_R.contract.code"
base_dir = "../../teETHER_eval/cfg/"

# with open('filename') as f:
#     lines = f.readlines()
md5sums = [line.rstrip('\n') for line in open((sys.argv[1]))]

for numb in md5sums:

    cont_map = '../../teETHER_eval/contract_mapping'
    cfg_dir = '../../teETHER_eval/cfg/'
    # read the mapping file

    proj_path = cfg_dir + numb + '.project.json'
    # # if md5_path.endswith('.json'):
    # with open(md5_path, 'rb') as f:
    #     jd = json.load(f)
    # print ('sucsessful JSON import! md5_path %s' % md5_path)
    # return Project.from_json(jd)

    #md5 to addr
    import csv
    # from ethanalyze.project import Project
    with open(cont_map, 'rb') as csvfile:
        contreader = csv.reader(csvfile, delimiter=' ', quotechar='|')
        for row in contreader:
            if (row[0] == numb):
                addr = row[1][2:]
                # if md5_path.endswith('.json'):
                # with open(md5_path, 'rb') as f:
                #     jd = json.load(f)
                print ('sucsessful addr found %s' % addr)
                # break
    #     print "didn't find the md5 in mapping"
    # print "ERROR; couldn't do md5ToAddr"

    if proj_path != None:
        # addr = combined_call_exploit.addr_to_project(numb)
        # sys.argv[1:] = arg.split()
        reload(combined_call_exploit)
        # Wait for seconds
        # time.sleep(2)
        # queried_addr = base_dir + addr
        # print("\n================Run exploit on %s\n" % hex(base_addr))
        # print("\n ----------[ %s ]-----------" % hex(queried_addr)[:-1])
        # do_RPC 0x3cc7c038f7eea1b70014b788b821d675b13b8760 +1
        combined_call_exploit.main(str(proj_path), ('0x3cc7c038f7eea1b70014b788b821d675b13b8760'), '+1')

# elif(True):
#     base_name = "_R.contract.code"
#     base_dir = "../teether-test-01-call-JSON/"
#     for numb in range(int(sys.argv[1]), int(sys.argv[2]) + 1):
#         # sys.argv[1:] = arg.split()
#         reload(combined_call_exploit)
#         # Wait for seconds
#         # time.sleep(2)
#         queried_addr = base_dir + hex(numb)[-1].upper()+ base_name
#         # print("\n================Run exploit on %s\n" % hex(base_addr))
#         # print("\n ----------[ %s ]-----------" % hex(queried_addr)[:-1])
#         # do_RPC 0x3cc7c038f7eea1b70014b788b821d675b13b8760 +1
#         combined_call_exploit.main(str(queried_addr), ('0x3cc7c038f7eea1b70014b788b821d675b13b8760'), '+1')
#
# else:
#     base_name = "_R.contract.code" #.project.json"
#     # base_explopit = "_R.contract.code.exploit.json"
#     base_dir = "../teether-test-01-call-JSON/"
#
#     for numb in range(int(sys.argv[1]), int(sys.argv[2]) + 1):
#     # sys.argv[1:] = arg.split()
#         reload(replay_exploit)
#         queried_project = base_dir + hex(numb)[-1].upper() + base_name
#         replay_exploit_neu.__main__(str(queried_project + ".project.json"), str(queried_project + ".exploit.json"),
#                                 ('0x3cc7c038f7eea1b70014b788b821d675b13b8760'), '+1')

    # Wait for 2 seconds
    # time.sleep(5)

    # print("================Finished running on %s\n" % base_addr)