EOS Resource Roundup

Posted by szh on 2019-11-24

EOS is a pile of crap.

EOS's own documentation
A blog
Some tutorials

EOS-related vulnerabilities are also collected here.

Contract vulnerabilities

Numeric overflow: arithmetic on asset amounts performed without bounds checking
http://blogs.360.cn/post/eos-asset-multiplication-integer-overflow-vulnerability.html
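An added example (mine, not the page's or eosiolib's code) of the two sides of the asset multiplication problem: a wrapping multiply that behaves like an unchecked multiplication of a 64-bit amount, beside a hardened version that widens to 128 bits before checking the exact product against the asset range. kMaxAmount is a constructed stand-in for eosio::asset::max_amount (2^62 - 1). A check of the form (amount * a) / a == amount on signed 64-bit values is not a safe substitute: signed overflow is undefined behaviour in C++, so the compiler is entitled to fold that comparison to true and drop the check entirely.

```cpp
#include <cstdint>

// Stand-in for eosio::asset::max_amount (2^62 - 1); constructed here, not the eosiolib header.
static const int64_t kMaxAmount = (1LL << 62) - 1;

// What an unchecked multiply yields: the product wraps modulo 2^64 (i64.mul semantics),
// so a huge amount can collapse to a small or negative number.
int64_t wrapped_mul(int64_t amount, int64_t a) {
    return static_cast<int64_t>(static_cast<uint64_t>(amount) * static_cast<uint64_t>(a));
}

// A range check applied only to the wrapped output cannot tell that anything went wrong.
bool wrapped_passes_range_check(int64_t amount, int64_t a) {
    int64_t r = wrapped_mul(amount, a);
    return r <= kMaxAmount && r >= -kMaxAmount;
}

// Hardened multiply: compute the exact product in 128 bits, then enforce the asset range
// on that exact value. Returns false (leaving `out` untouched) where a contract would
// call eosio_assert and abort the action.
bool safe_mul(int64_t amount, int64_t a, int64_t &out) {
    __int128 tmp = static_cast<__int128>(amount) * static_cast<__int128>(a);
    if (tmp > kMaxAmount || tmp < -kMaxAmount) return false;
    out = static_cast<int64_t>(tmp);
    return true;
}
```

Multiplying 2^62 by 4 wraps to exactly 0, which sails through a check on the result alone; the widened check rejects it, and also rejects INT64_MIN * -1, the one case where even a correctly wrapping division-based check would itself overflow.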

Fake deposit notification: the contract does not check that the transfer's to field is _self. The attacker transfers to their own account and has the contract notified of it (require_recipient), so the contract's transfer handler runs and mistakes the attacker's self-transfer for a deposit into the contract.
https://mp.weixin.qq.com/s/8hg-Ykj0RmqQ69gWbVwsyg

Fake EOS attack: the contract accepts a transfer without verifying which token contract issued it; apply should check that the transfer action's code == N(eosio.token), otherwise a lookalike token contract can "deposit" EOS that is not EOS.
https://wx.zsxq.com/dweb2/index/group/225441212851?from=mweb&type=detail
https://blog.peckshield.com/2018/11/02/eos/
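An added example (mine, not the page's or any project's code) of the two checks that the fake-notification and fake-EOS items above call for, written against constructed stand-ins for the apply(receiver, code, action) arguments rather than eosiolib: the transfer must have been executed by the real token contract, and its to field must be this contract. The names kSelf, kTokenContract, transfer_args and the reason strings are assumptions.

```cpp
#include <cstdint>
#include <string>

// Constructed stand-ins for eosio account names and the eosio.token transfer payload; not eosiolib.
using name = std::string;
struct transfer_args { name from; name to; int64_t amount; std::string symbol; std::string memo; };

static const name kSelf = "dappgame";             // this contract (assumed name)
static const name kTokenContract = "eosio.token"; // the only contract whose "EOS" is real

// Mirrors the decision a contract's apply() must make before crediting a deposit.
// receiver: the account the action is being delivered to (_self).
// code: the contract that executed the action; this is what the fake-EOS attack forges
//       by deploying a lookalike token contract that also emits symbol "EOS".
bool accept_deposit(const name &receiver, const name &code, const name &action,
                    const transfer_args &t, std::string &reason) {
    if (action != "transfer") { reason = "not a transfer"; return false; }
    if (receiver != kSelf) { reason = "delivered to wrong account"; return false; }
    // Fake EOS: only `code` tells eosio.token apart from "eosio.toke" or similar.
    if (code != kTokenContract) { reason = "token contract is not eosio.token"; return false; }
    // Our own outgoing payouts also notify us; they are not deposits.
    if (t.from == receiver) { reason = "outgoing transfer"; return false; }
    // Fake notification: the attacker transferred to themselves and added us with
    // require_recipient. We see the same notification, but the funds went to t.to.
    if (t.to != receiver) { reason = "transfer recipient is not this contract"; return false; }
    if (t.symbol != "EOS") { reason = "unexpected symbol"; return false; }
    if (t.amount <= 0) { reason = "non-positive amount"; return false; }
    reason.clear();
    return true;
}
```

The order matters for diagnosis only; what matters for safety is that both the code check and the to check are present, since each attack passes the other one.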

Random numbers: the random-number algorithm has inputs the attacker can control or predict
https://mp.weixin.qq.com/s/iq2Rq4fff3aH9zsxW45AnQ
https://blog.peckshield.com/2018/11/22/eos/

Vulnerabilities arising from EOS platform behaviour

hard_fail fake deposit: the attacker sends a deferred transfer transaction whose final status is hard_fail; the exchange never checks the transaction status and credits the transfer anyway
https://mp.weixin.qq.com/s/fKINfZLW65LYaD4qO-21nA

Fake account: A registers account a in a block that has not yet been confirmed (irreversible), A uses account a to obtain EOS from an exchange, and B then grabs the registration of account a
https://mp.weixin.qq.com/s/d6CRzor2cUT4EsWKK8oZUQ
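An added example (mine, not the page's or any exchange's code) of the deposit-crediting check the hard_fail and fake-account items above both call for, on the exchange side rather than in a contract: a transaction is credited only if its status is executed, its block is at or below the last irreversible block, and its trace contains an eosio.token transfer to the exchange account. The struct field names and the string "bigexchange" are assumptions standing in for whatever the exchange's transaction-lookup API returns; the status values executed, soft_fail, hard_fail, delayed and expired are the real EOSIO transaction receipt statuses.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Constructed stand-in for the fields an exchange reads from a transaction lookup
// (history/trace API); field names are assumptions, not a specific plugin's schema.
struct ActionTrace { std::string code; std::string action; std::string from; std::string to; int64_t amount; std::string symbol; };
struct TxLookup { std::string status; uint32_t block_num; std::vector<ActionTrace> traces; };

// Decide whether `tx` may be credited as a deposit to `exchange_account`.
// `lib` is the current last_irreversible_block_num as reported by get_info.
bool credit_deposit(const TxLookup &tx, uint32_t lib, const std::string &exchange_account,
                    int64_t &credited, std::string &reason) {
    credited = 0;
    // hard_fail fake deposit: the trace still lists the transfer action, but the transaction
    // did not take effect. Only "executed" counts; hard_fail, soft_fail, delayed, expired do not.
    if (tx.status != "executed") { reason = "status " + tx.status; return false; }
    // Fake-account / fork risk: a block that is not yet irreversible can still be replaced,
    // along with the account creation and the transfer it carried.
    if (tx.block_num > lib) { reason = "block not irreversible yet"; return false; }
    for (const auto &t : tx.traces) {
        if (t.code != "eosio.token" || t.action != "transfer") continue;
        if (t.to != exchange_account || t.symbol != "EOS" || t.amount <= 0) continue;
        credited += t.amount;
    }
    if (credited == 0) { reason = "no EOS transfer to exchange in trace"; return false; }
    reason.clear();
    return true;
}
```

The status and irreversibility checks are cheap and independent of the trace contents; the trace walk applies the same code / to / symbol rules a contract would, because the exchange account is itself just a recipient of transfer notifications.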

Rollback attack:
Method 1: inside the transaction, probe the execution result (amount received, account balance, table records, the random-number output, etc.) and call eosio_assert when it meets some condition, so the whole transaction fails and is rolled back.
https://blog.peckshield.com/2018/11/22/eos/
Method 2: send the transaction from an account on the block producers' blacklist; ordinary nodes execute it and respond as if it succeeded, but the producers never pack it into a block.
https://mp.weixin.qq.com/s/WyZ4j3O68qfN5IOvjx3MOg
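An added example (mine, not the page's or any game's code) covering the random-number item and rollback method 1 together, with a plain struct standing in for contract tables and a lambda standing in for a transaction. weak_roll mixes only values every action in the transaction can see (block time, TAPOS prefix, a caller-chosen nonce), so the bettor's own contract can search for a winning nonce before it bets; and because the game notifies the bettor inside the same transaction, a bettor who lost anyway can assert and have the whole transaction, bet included, rolled back. The hardened place_bet/settle split records the wager first and rolls in a separate transaction, so the assert can no longer undo the bet. The Ledger fields, the mixing constants and every name here are assumptions.

```cpp
#include <cstdint>
#include <functional>
#include <stdexcept>

// Constructed stand-in for the game's contract tables (not eosiolib).
struct Ledger {
    int64_t house = 1000;
    int64_t player = 100;
    int64_t pending_bet = 0;     // 0 = no open wager
    uint64_t pending_nonce = 0;
};

// Weak "random" roll built only from values visible to every action in the transaction.
// Constructed to mirror the predictable-seed pattern; player wins on < 50.
uint64_t weak_roll(uint64_t block_time_us, uint64_t tapos_prefix, uint64_t nonce) {
    uint64_t s = block_time_us ^ (tapos_prefix * 0x9E3779B97F4A7C15ULL) ^ (nonce * 0xBF58476D1CE4E5B9ULL);
    s ^= s >> 31; s *= 0x94D049BB133111EBULL; s ^= s >> 29;
    return s % 100;
}

// Attack on predictability: the bettor evaluates weak_roll itself and picks a nonce
// with the outcome it wants before sending the bet.
uint64_t pick_nonce(uint64_t t, uint64_t tapos, bool want_win) {
    uint64_t n = 0;
    while ((weak_roll(t, tapos, n) < 50) != want_win) ++n;
    return n;
}

// The bettor's contract, notified of the result: on a loss it asserts (method 1).
void bettor_on_result(bool won) {
    if (!won) throw std::runtime_error("eosio_assert: undo the losing bet");
}

// Transaction semantics: any failure reverts every state change made inside it.
bool run_transaction(Ledger &state, const std::function<void(Ledger &)> &body) {
    Ledger snapshot = state;
    try { body(state); return true; }
    catch (const std::exception &) { state = snapshot; return false; }
}

// Vulnerable design: take the bet, roll, and notify the bettor all in one transaction.
bool play_inline(Ledger &state, uint64_t t, uint64_t tapos, uint64_t nonce, int64_t bet) {
    return run_transaction(state, [&](Ledger &l) {
        l.player -= bet; l.house += bet;
        bool won = weak_roll(t, tapos, nonce) < 50;
        if (won) { l.house -= 2 * bet; l.player += 2 * bet; }
        bettor_on_result(won);   // require_recipient-style notification, same transaction
    });
}

// Hardened design, step 1: the bet transaction only records the wager.
bool place_bet(Ledger &state, int64_t bet, uint64_t nonce) {
    return run_transaction(state, [&](Ledger &l) {
        if (l.pending_bet != 0) throw std::runtime_error("wager already open");
        l.player -= bet; l.house += bet;
        l.pending_bet = bet; l.pending_nonce = nonce;
    });
}

// Hardened design, step 2: a later transaction (deferred or next block) settles the roll.
// If the bettor asserts here, only this settlement fails; the bet is already committed.
bool settle(Ledger &state, uint64_t later_t, uint64_t later_tapos) {
    return run_transaction(state, [&](Ledger &l) {
        if (l.pending_bet == 0) throw std::runtime_error("nothing to settle");
        bool won = weak_roll(later_t, later_tapos, l.pending_nonce) < 50;
        if (won) { l.house -= 2 * l.pending_bet; l.player += 2 * l.pending_bet; }
        l.pending_bet = 0;
        bettor_on_result(won);
    });
}
```

The split closes the rollback: a losing bettor who aborts settle ends with the same balance as one who did not. It does not close predictability: settle still seeds from block-level values, which is exactly what the transaction-squeezing attacks further down the page target, and a commit-reveal scheme or an external oracle seed is what fixes that part.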

Transaction-squeezing attack (congestion + random numbers): the attacker first sends a normal transfer from account A, then uses a second contract account to check whether that bet won. If it did not, the attacker emits a large number of deferred transactions, pushing the project's draw transaction into the next block. The attack worked because the project's random-number algorithm was seeded from time, so moving the draw to a different block raised the attacker's chance of winning.
https://mp.weixin.qq.com/s/1-SvoY-kNhH2YllNZdKyOA
https://blog.peckshield.com/2019/01/15/eos_CVE-2019-6199/

Congestion + random-number attack 2
This attacker rented large amounts of CPU from REX, then created thousands of transactions to increase the price of CPU. As a result, most transactions signed by others were blocked because of a lack of CPU resources. Because of that, EOSPlay's random number generator was hacked, resulting in about 30,000 EOS of financial loss.
https://blog.peckshield.com/2019/09/16/EOSPlay/

P2P Sybil attack: use many nodeos instances to exhaust the maximum number of P2P connections on the block producers' nodes
https://github.com/slowmist/papers/blob/master/EOSIO-P2P-Sybil-Attack/zh.md

EOS implementation

EOS Node Remote Code Execution Vulnerability — EOS WASM Contract Function Table Array Out of Bounds
http://blogs.360.cn/post/eos-node-remote-code-execution-vulnerability.html

Others
https://mp.weixin.qq.com/s?__biz=MzU1NDc3NDI5MQ==&mid=2247484619&idx=1&sn=1b3c2817487b52e5c68c06fbade72bb8&chksm=fbdf3eb7cca8b7a17daefa6ca01700a2df9afc0c0b697693f93d8194d4c6077b0ba0ab1b0a45&scene=0&xtrack=1#rd
All roads lead to Rome: Many ways to double spend your cryptocurrency
https://arxiv.org/pdf/1811.06751.pdf

https://blog.csdn.net/ITleaks/article/details/84839563
https://www.jianshu.com/p/825cbee0f81c
https://mp.weixin.qq.com/s?__biz=MzA4MDY1NjYyMQ==&mid=2247484308&idx=1&sn=bd2af667501eec4da1c758f6b05d3a0f&chksm=9fa1a216a8d62b005f18204970120f89cdb418b0612646545154944dc37741bb390d1a54807e&scene=21#wechat_redirect