Skip to content

Latest commit

 

History

History
38 lines (24 loc) · 2.54 KB

README.md

File metadata and controls

38 lines (24 loc) · 2.54 KB

Ethereum-Solidity-Reverse

Writing challenges and reversing solidity smart contracts for learning.

What is this ?

A practice arena for Solidity byte-code reverse engineering. I started this to learn Solidity because I believe programming solidity code and then looking at it's assembly is the best way to get acquainted with it. Here, are few challenges along with the source code. This is not a Solidity project or Production code.

What are the Goals of the Challenges?

It's same as Capture the Flag, where you need to reverse and get a flag string denoted by FLAG{..} or otherwise mentioned in the challenge.

How to Proceed Now ?

Click on directories with name of challenges, Inside any directory, there would be a README.md containing question, possibly a bytecode and possibly abi file. That's all is initially needed to kick off disassembling or decompilation. If stuck (please take this as last resort), then you can open the Source-Code and peek through it and Test it yourself. Mostly, the source code would be enough as a spoiler to the challenge but in near future I will try to level up challenges, so direct flags are not present.

How can I validate flag ?

I reiterate again that this repo I created for just learning myself but thought sharing to others. There is no flag validation system, for few challenges flag are self-explanatory, for others you can peek source code and figure out and the rest one's I will be planning to create a Solution directory within challenge-* folder.

What do I need in order to start ?

https://remix.ethereum.org

https://etherscan.io/opcode-tool

http://solidity.readthedocs.io/en/develop/installing-solidity.html

https://ethereumbuilders.gitbooks.io/guide/content/en/solidity_tutorials.html

https://github.com/comaeio/porosity

https://github.com/b-mueller/mythril

https://fravoll.github.io/solidity-patterns/

Are Challenges given number(s) based on difficulty ?

Not necessarily. I am learning solidity programming and also figuring out ways to make challenges interesting. But, you can start with any of the ones you want. At the end of the day, we are all here to learn.

Anything else I need to know ?

Most codes are intentionally vulnerable, hence I (and you too) can reverse it and figure out secrets (i.e Flag). You can try the challenge source-code on browser based IDE's like remix.ethereum.org.

Is that it ?

The Repository is UNDER CONSTRUCTION , I will time to time add stuff as I learn and I look forward for other challenges from you folks so I & rest all folks can learn too about this subject.