Merge branch 'SunWeb3Sec:main' into cleanup-agave-2

.github/workflows/PRAutoTest.yml

@@ -0,0 +1,32 @@
+name: PRAutoTest
+on:
+  pull_request:
+    paths:
+      - 'src/test/*_exp.sol'
+env:
+  FOUNDRY_PROFILE: ci
+jobs:
+  check:
+    strategy:
+      fail-fast: true
+    name: Foundry project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          submodules: recursive
+          fetch-depth: 0  # Required to fetch all branches
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
+      - name: Run Forge tests
+        run: |
+          shopt -s nullglob
+          changed_files=$(git diff --name-only ${{ github.base_ref }} HEAD)
+          for file in $changed_files; do
+            if [[ $file == src/test/*_exp.sol ]]; then
+              forge test --contracts "$file" -vvv
+            fi
+          done
+        id: test

CONTRIBUTING.md

@@ -0,0 +1,149 @@
+# Contributing Guidelines
+
+Thank you for your interest in contributing to our project! This guide will walk you through the process of adding a new entry to README using the provided script.
+
+## Prerequisites
+
+- Python 3.x installed on your system
+- Basic knowledge of using the command line
+- toml package installed,use `pip install toml`,this allows the script to read the networks available 
+
+## Steps to Contribute
+
+1. Clone the repository to your local machine.
+
+2. Navigate to the project directory in your terminal.
+
+3. Run the `add_new_entry.py` script by executing the following command:
+   ```
+   python add_new_entry.py
+   ```
+
+4. The script will prompt you to enter the following information:
+
+   - **File Name**: Enter the name of the Exploit POC file in the format `Example_exp.sol`.
+
+   - **Timestamp String**: 
+     - Go to the Etherscan explorer (or the equivalent explorer for the relevant chain) and locate the transaction details page for the hack or POC.
+     - Copy the timestamp from the transaction details page, without including the time zone information, without any quotes.
+     - Paste the timestamp in the format: `Mar-21-2024 02:51:33 PM`.
+
+   - **Lost Amount**: Enter the amount lost in the hack or POC.
+
+   - **Additional Details**: Provide any additional relevant details about the hack or POC.
+
+   - **Link Reference**: Enter the link to the reference material or source of information.
+
+   - Additional data: additional data will be asked to record if you want a boilerplate exploit file autogenerated also for you
+
+5. After entering all the required information, the script will automatically update the `README.md` file with the new entry and update the table of contents.
+
+6. Review the changes made to the `README.md` file to ensure the information is accurate and properly formatted.
+
+7. Commit the changes and push them to your forked repository.
+
+8. Create a pull request from your forked repository to the main repository, providing a clear description of the changes you made.
+
+9. Wait for the maintainers to review your pull request. They may provide feedback or request further changes.
+
+10. Once your pull request is approved, it will be merged into the main repository.
+
+## Important Notes
+
+- Make sure to follow the formatting guidelines and provide accurate information when adding a new entry.
+- If you encounter any issues or have questions, please open an issue on the repository or reach out to the maintainers.
+
+Thank you for your contribution to our project! Your efforts are greatly appreciated.
+
+
+## Example Guide
+
+1. **Install Dependencies**: Make sure you have Python and the required packages (`toml` and `forge-std`) installed.
+
+2. **Run the Python Script**: Execute the Python script by running `python script.py` in your terminal or command prompt.
+
+3. **Select Network**: When prompted, choose the network you want to use for the exploit. The script will display a list of available networks, and you can select one by entering the corresponding number. If the network you want is not listed, you can add a new network by providing its name and RPC URL.
+
+4. **Enter Required Information**: After selecting the network, the script will prompt you to enter the following information:
+
+   - File name (e.g., `Example_exp.sol`)
+   - Timestamp string (e.g., `Mar-21-2024 02:51:33 PM`)
+   - Lost amount
+   - Additional details
+   - Link reference
+   - Attacker's address
+   - Attack contract address
+   - Vulnerable contract address
+   - Attack transaction hash
+   - Post-mortem URL
+   - Twitter guy URL
+   - Hacking god URL
+
+5. **Create POC File**: The script will ask if you want to create a new Solidity file for the proof-of-concept (POC). If you choose "yes", it will generate a new file in the `src/test/` directory with the provided information and a template for the exploit code.
+
+6. **Update README.md**: The script will update the `README.md` file with a new entry containing the provided information.
+
+7. **Implement Exploit Code**: Open the generated Solidity file (e.g., `Example_exp.sol`) and implement the exploit code in the `//implement exploit code here` section.
+
+8. **Run the Exploit**: In your terminal or command prompt, navigate to the project directory and run the following command to test the exploit:
+
+   ```sh
+   forge test --contracts ./src/test/Example_exp.sol -vvv
+   ```
+
+   Replace `Example_exp.sol` with the actual file name of the generated Solidity file.
+
+## Example Output
+
+With the example data filled in for the `mainnet` network, the tool will add this to the readme allong with the exploit to past defi incidents,like how it already is done before:
+
+```markdown
+### 20240321 Example - Lost 100 ETH
+
+### Lost: 100 ETH
+
+```sh
+forge test --contracts ./src/test/Example_exp.sol -vvv
+```
+#### Contract
+[Example_exp.sol](src/test/Example_exp.sol)
+### Link reference
+
+https://example.com/incident-report
+
+---
+
+The generated Solidity file (`Example_exp.sol`) might look like this:
+
+```js
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.15;
+import "forge-std/Test.sol";
+
+// @KeyInfo - Total Lost : 100 ETH
+// Attacker : https://etherscan.io/address/0xcafebabe
+// Attack Contract : https://etherscan.io/address/attackcontractaddrhere
+// Vulnerable Contract : https://etherscan.io/address/vulcontractaddrhere
+// Attack Tx : https://etherscan.io/tx/0x123456789
+// @Info
+// Vulnerable Contract Code : https://etherscan.io/address/vulcontractaddrhere#code
+// @Analysis
+// Post-mortem : postmortemurlhere
+// Twitter Guy : twitterguyhere
+// Hacking God : hackinggodhere
+
+contract ExploitExample is Test {
+    uint256 blocknumToForkFrom = 1234567;
+
+    function setUp() public {
+        vm.createSelectFork("mainnet", blocknumToForkFrom);
+    }
+
+    function testExploit() public {
+        // Implement exploit code here
+
+        // Log balances after exploit
+        emit log_named_decimal_uint(" Attacker ETH Balance After exploit", address(this).balance, 18);
+    }
+}
+```

README.md

@@ -2,7 +2,7 @@
 
 **Reproduce DeFi hack incidents using Foundry.**
 
-372 incidents included.
+373 incidents included.
 
 Let's make Web3 secure! Join [Discord](https://discord.gg/Fjyngakf3h)
 
@@ -17,6 +17,7 @@ Notion: [101 root cause analysis of past DeFi hacked incidents](https://web3sec.
 - Follow the [instructions](https://book.getfoundry.sh/getting-started/installation.html) to install [Foundry](https://github.com/foundry-rs/foundry).
 
 - Clone and install dependencies:`git submodule update --init --recursive`
+- [Contributing Guidelines](https://github.com/SunWeb3Sec/DeFiHackLabs/blob/main/CONTRIBUTING.md)
 
 ## [Web3 Cybersecurity Academy](https://github.com/SunWeb3Sec/DeFiHackLabs/tree/main/academy)
 
@@ -33,6 +34,7 @@ All articles are also published on [Substack](https://defihacklabs.substack.com/
 - Lesson 7: Hack Analysis: Nomad Bridge, August 2022 ( [English](https://github.com/SunWeb3Sec/DeFiHackLabs/tree/main/academy/onchain_debug/07_Analysis_nomad_bridge/en/) | [中文](https://github.com/SunWeb3Sec/DeFiHackLabs/tree/main/academy/onchain_debug/07_Analysis_nomad_bridge/) )
 
 ## List of Past DeFi Incidents
+[20240321 SSS](#20240321-sss---token-balance-doubles-on-transfer-to-self)
 
 [20240314 MO](#20240314-mo---business-logic-flaw)
 
@@ -812,6 +814,22 @@ All articles are also published on [Substack](https://defihacklabs.substack.com/
 
 ### List of DeFi Hacks & POCs
 
+### 20240321 SSS - Token Balance Doubles on Transfer to self
+
+### Lost: 4.8M
+
+
+```sh
+forge test --contracts ./src/test/SSS_exp.sol -vvv
+```
+#### Contract
+[SSS_exp.sol](src/test/SSS_exp.sol)
+### Link reference
+
+https://twitter.com/dot_pengun/status/1770989208125272481
+
+---
+
 ### 20240314 MO - business logic flaw
 
 ### Lost: ~413k USDT