- 博客(38)
- 资源 (65)
- 收藏
- 关注
RSS订阅
原创 DogeKing合约,分红DOGE,SHIB
现在我来分析一下这个DodeKing的源码。主要两个合约BABYTOKEN,BABYTOKENDividendTrackerBABYTOKEN我们来分析下它的构造函数 name_ 合约代币名称,symbol_合约代币符号,totalSupply_合约代币总量,addrs数组存放四个地址,地址1:要奖励的代币合约地址,地址2:swap路由,地址3:market钱包,地址4:分发分红合约地址,feeSettings数组存放3个参数,参数1:分红比,
2022-02-14 16:16:12
3508
18
原创 区块链+公链+区块浏览器+钱包APP
钱包APP先看截图区块浏览器浏览器地址http://120.53.106.253/#/EOS公链搭建一 .准备1. eosio账户公钥写死在代码中, 在代码根目录 CMakeList.txt里面,找到 EOSIO_ROOT_KEY,改为自己创建的公钥。并把新的密钥对 要在 config.ini文件中保存,见文件中 “signature-provider = 。。。”。 2.编译,安装,参加本人另一篇EOS编译文章...
2020-12-31 15:53:54
7124
1
原创 Bypass Contract Size Check
VulnerabilityIf an address is a contract then the size of code stored at the address will be greater than 0 right?Let's see how we can create a contract with code size returned byextcodesizeequal to 0.// SPDX-License-Identifier: MITpragma solidit..
2022-02-12 11:45:00
297
原创 Signature Replay
Signing messages off-chain and having a contract that requires that signature before executing a function is a useful technique.For example this technique is used to:reduce number of transaction on chain gas-less transaction, calledmeta transactionV.
2022-02-12 00:15:00
330
原创 Block Timestamp Manipulation
Vulnerabilityblock.timestampcan be manipulated by miners with the following constraintsit cannot be stamped with an earlier time than its parent it cannot be too far in the future// SPDX-License-Identifier: MITpragma solidity ^0.8.10;/*Roulette.
2022-02-11 20:15:00
512
原创 Honeypot
A honeypot is a trap to catch hackers.VulnerabilityCombining two exploits, reentrancy and hiding malicious code, we can build a contractthat will catch malicious users.// SPDX-License-Identifier: MITpragma solidity ^0.8.10;/*Bank is a contract
2022-02-11 16:45:00
1484
原创 Front Running
VulnerabilityTransactions take some time before they are mined. An attacker can watch the transaction pool and send a transaction, have it included in a block before the original transaction. This mechanism can be abused to re-order transactions to the a
2022-02-11 10:15:00
336
原创 Hiding Malicious Code with External Contract
VulnerabilityIn Solidity any address can be casted into specific contract, even if the contract at the address is not the one being casted.This can be exploited to hide malicious code. Let's see how.// SPDX-License-Identifier: MITpragma solidity ^0
2022-02-11 00:15:00
232
原创 Phishing with tx.origin
What's the difference betweenmsg.senderandtx.origin?If contract A calls B, and B calls C, in Cmsg.senderis B andtx.originis A.VulnerabilityA malicious contract can deceive the owner of a contract into calling a function that only the owner sho...
2022-02-10 11:15:00
188
原创 Denial of Service
VulnerabilityThere are many ways to attack a smart contract to make it unusable.One exploit we introduce here is denial of service by making the function to send Ether fail.// SPDX-License-Identifier: MITpragma solidity ^0.8.10;/*The goal of Kin
2022-02-10 00:30:00
265
原创 Source of Randomness
Vulnerabilityblockhashandblock.timestampare not reliable sources for randomness.// SPDX-License-Identifier: MITpragma solidity ^0.8.10;/*NOTE: cannot use blockhash in Remix so use ganache-clinpm i -g ganache-cliganache-cliIn remix switch en...
2022-02-09 14:45:00
192
原创 Delegatecall
Vulnerabilitydelegatecallis tricky to use and wrong usage or incorrect understanding can lead to devastating results.You must keep 2 things in mind when usingdelegatecalldelegatecallpreserves context (storage, caller, etc...) storage layout must ...
2022-02-09 12:00:00
425
原创 Self Destruct
Contracts can be deleted from the blockchain by callingselfdestruct.selfdestructsends all remaining Ether stored in the contract to a designated address.VulnerabilityA malicious contract can useselfdestructto force sending Ether to any contract....
2022-02-09 10:00:00
463
1
原创 Arithmetic Overflow and Underflow
VulnerabilitySolidity < 0.8Integers in Solidity overflow / underflow without any errorsSolidity >= 0.8Default behaviour of Solidity 0.8 for overflow / underflow is to throw an error.// SPDX-License-Identifier: MITpragma solidity ^0.7.6;
2022-02-08 19:00:00
426
原创 Accessing Private Data
VulnerabilityAll data on a smart contract can be read.Let's see how we can readprivatedata. In the process you will learn how Solidity stores state variables.// SPDX-License-Identifier: MITpragma solidity ^0.8.10;/*Note: cannot use web3 on JVM..
2022-02-08 15:02:04
293
原创 去中心化交易系统开发
准备Uniswap合约源码https://download.youkuaiyun.com/download/yanning1314/12890659核心合约周边合约前端代码在Uniswap的核心代码中,主要包含3个合约:工厂合约,配对合约,ERC20合约.其中配对合约继承了ERC20合约,我们可以把它们看作一个合约.工厂合约通过create2方法部署配对合约,所以在部署合约时只需要部署工厂合约.周边合约中包括一些示例代码,例如价格预言机,闪电交换,其中最重要的是路由合约.在周边合约的代码库中,包含两个路由合
2020-09-29 08:45:38
1945
1
原创 Map与List的遍历速度比较
Map<String, Object> map = new HashMap<String, Object>(); List<String> list = new ArrayList<>(); for (int i = 0; i < 9999999; i++) { map.put(String.valueOf(i...
2018-12-27 15:00:33
11009
1
原创 JDK8 日期转换工具
package com.common.util;import java.time.Instant;import java.time.LocalDate;import java.time.LocalDateTime;import java.time.LocalTime;import java.time.Period;import java.time.ZoneId;import ja...
2018-11-21 18:01:05
1270
原创 jmmert聚合测试报告
springboot项目测试,单机测试服务器配置聚合测试报告聚合报告:Aggregate ReportLabel:请求名,request。#Samples:发出请求数量。模拟用户Average:平均响应时间(单位:)。默认是单个Request的平均响应时间。Median:50%用户的响应时间。90%Line:90%用户的响应时间。95%Line:95%用...
2018-11-21 17:56:24
304
原创 mybatis中特殊SQL的几种配置方法
1.in条件for循环 select booking_no, max(booking_general_seq) max_seq from interface_booking_t where booking_no in #{item} group by booking_no 2.insert并且返回主键 SELECT MLISP_DOC
2016-04-29 09:37:40
2393
原创 java 定时器
public static void executeTask(){ Timer timer = new Timer(); Calendar calendar = Calendar.getInstance(); int year = calendar.get(Calendar.YEAR); int month = calendar.get(Calendar.MONTH); int
2014-09-09 16:48:19
486
原创 java下载excel
public void doExport_asRunLog(){ try { String date = getParameter("date");// JSONArray ja = as.getAsRunLogByDateList(date);// String[] title = {"actual_on_air_date","hard_start_flag","actua
2014-05-19 10:06:56
8792
原创 一个公用的dao类和util
daoimport java.io.Serializable;import java.lang.reflect.Field;import java.sql.CallableStatement;import java.sql.Connection;import java.sql.PreparedStatement;import java.sql.ResultSet;import java
2014-05-05 14:16:33
1788
原创 一个公用的struts2基础action类
import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.struts2.interceptor.ServletRequestAware;import o
2014-05-05 14:15:58
666
原创 java上传文件
package com.yanning.action;import java.io.File;import java.io.FileInputStream;import java.io.FileOutputStream;import java.io.InputStream;import java.io.OutputStream;public class Test { public
2014-03-31 16:18:22
882
原创 java 其他文件转成pdf java生成pdf
java生成pdf需要用到的包pd4ml.jar下载地址:http://download.youkuaiyun.com/detail/yanning1314/7124741package com.cular.util;import java.awt.Dimension;import java.awt.Insets;import java.io.ByteArrayOutputStream;im
2014-03-31 15:03:08
20898
3
转载 日期处理bean
import java.text.ParsePosition;import java.text.SimpleDateFormat;import java.util.Calendar;import java.util.Date;import java.util.GregorianCalendar;import java.util.regex.Pattern;import
2013-07-11 17:33:46
715
原创 java修改读取properties配置文件中的内容
java修改properties配置文件中的内容 /** * 修改properties配置文件中data_time的值 * @param bigtime 开始时间 * @param endtime 结束时间 * @throws IOException */ public static void getProperties(String bigtime,String e
2013-03-07 16:28:25
3387
原创 java对日期时间的增减
import java.text.ParseException;import java.text.SimpleDateFormat;import java.util.Calendar;import java.util.Date;public class Util { static SimpleDateFormat sdf = new SimpleDateFormat("YYYY-mm-
2013-01-25 13:57:19
5804
原创 java代码模拟页面上传文件至服务器(支持https上传)
先下载httpclient.jar,包括code.jar。下载地址:http://download.youkuaiyun.com/detail/yanning1314/4853021https上传需要下载 commons-io-2.2.jar 下载地址:http://download.youkuaiyun.com/detail/yanning1314/4856933import java.io
2012-12-06 14:05:44
1474
原创 java多个pdf合成一个pdf
先下载pdfbox-app-1.7.1.jar包。下载地址:http://download.youkuaiyun.com/detail/yanning1314/4852276import java.io.File;import java.io.IOException;import org.apache.pdfbox.util.PDFMergerUtility;public class t
2012-12-06 10:18:28
16049
3
原创 读取写入文件内容
读取文件内容private String getEmailBody(String lang, String mobile, String refnumber){ ClassLoader cl; String str = ""; InputStream is = null; BufferedReade
2012-12-05 17:54:18
743
原创 java jdom解析和创建xml
先下载jdom.jar包 http://download.youkuaiyun.com/detail/yanning1314/4850186创建xml保存到本地import java.io.FileOutputStream; import java.io.IOException; import java.util.ArrayList;import java.util.List
2012-12-05 17:25:51
738
原创 java连接数据库
配置文件 DBManager.properties#sql server 2000数据库连接driverName=com.microsoft.jdbc.sqlserver.SQLServerDriverdbURL=jdbc\:microsoft\:sqlserver\://10.10.10.80\:1433; DatabaseName\=IST;SelectMethod\=Curs
2012-12-05 17:13:34
677
一个简单的struts2+spring+hibernate实例
2011-03-30
struts2+spring+hibernate实例
2011-03-30
ext3.2中文文档 ext3.2中文文档 ext3.2中文文档
2011-03-30
jquery仿物品栏拖拽
2013-08-20
java配置文件动态配置excel导出动态数据并发送email
2013-04-09
Extjs4 tree report
2014-06-09
空空如也
TA创建的收藏夹 TA关注的收藏夹
TA关注的人