Summary of Hacking Ethereum Smart Contracts - Damn Vulnerable Defi (Unstoppable)

00:00:00 - 00:25:00

This video demonstrates how to exploit a vulnerable Ethereum smart contract by transferring funds into it, which will update the balance before the value. The author demonstrates how to disable the flash loan function, which will prevent the contract from working.

• 00:00:00 This video takes viewers through the first challenge in the "Damn Vulnerable" d5 game, a denial of service attack on a flash loan smart contract. The attack code is available on github.
• 00:05:00 The author walks through deploying a vulnerable smart contract onto the Ethereum test network, demonstrating how to set up a metamask account and import accounts into the project. They then deploy the contract "A Damn Valuable Token" which creates tokens and mints them to the creator of the contract.
• 00:10:00 This YouTube video demonstrates how to hack Ethereum smart contracts by mistake. The first step is to import private keys and set up environment variables. Next, the deployer and user addresses are imported, and the first contract, a "damn valuable token" contract, is deployed. The contract's functions are read and executed without costing etherium, and interacting with the contract is demonstrated.
• 00:15:00 The video demonstrates how to hack Ethereum smart contracts, including how to deposit tokens into the contract and execute a flash loan.
• 00:20:00 The video demonstrates how an attacker can exploit a vulnerable smart contract to stop the flash loan from working. The attacker will need to look at the code for the "Unstoppable Lender" smart contract to find where the code might fail, and then attempt to exploit that vulnerability.
• 00:25:00 The author demonstrates how to exploit a vulnerable Ethereum smart contract by transferring funds into it. The transfer will update the balance before the value, but the pull balance will remain the same, so the author can disable the flash loan function.