Open in app

Sign in

Write

Sign in

Taylor Christian Newsome
2 min readFeb 5, 2024

ETH Zero Day

Security Vulnerability in Ethereum Smart Contract (0xb55EE890426341FE45EE6dc788D2D93d25B59063)

Introduction:
This report outlines a potential security vulnerability found in the Ethereum smart contract with the address 0xb55EE890426341FE45EE6dc788D2D93d25B59063. The vulnerability, if exploited, could allow unauthorized withdrawal of funds from the contract.

Description of the Vulnerability:

Contract Address: 0xb55EE890426341FE45EE6dc788D2D93d25B59063
Platform: Ethereum Mainnet
Issue: The contract appears to allow transactions where an individual can specify a sender address that does not match the address initiating the transaction. This can potentially be exploited to withdraw funds from accounts other than the initiator’s.
Steps to Reproduce:

Navigate to the contract on Etherscan: [Etherscan Link](https://etherscan.io/writecontract/index?m=light&v=21.10.1.1&a=0xb55EE890426341FE45EE6dc788D2D93d25B59063&n=mainnet#collapse3)
Connect a Web3 wallet.
In the contract’s “Write” section, locate the relevant function (e.g., withdraw).
Fill in the sender field with the address from which funds will be withdrawn (the target address).
Fill in the recipient field with the address to receive the withdrawn funds (the attacker’s address).
Specify the amount to be withdrawn.
Execute the transaction and pay the required gas fees.

Proof on chain: https://etherscan.io/tx/0x404ad35b650a8dace100a082df9ac5bbcfad99fd2dd346cdfdef1000b3fb62d9

Impact:

Pay the gas,
If this vulnerability is exploited, an attacker could potentially drain funds from any address that has a balance in this contract. This poses a significant risk to the funds of all users interacting with this contract.

Recommendation:
Immediate action is recommended to investigate and address this vulnerability. It may involve pausing the contract (if such functionality exists) and deploying a fixed version of the contract. Users should be notified of the risk and advised to refrain from further interactions with the contract until the issue is resolved.

Conclusion:
This report is intended to responsibly disclose a potential security vulnerability. The goal is to prevent malicious exploitation and safeguard the assets and interests of the users interacting with this contract.

[Video Proof of Concept](https://www.youtube.com/watch?v=1ugYvLJ7Sdk)

,
“estimateUsed”: “custom”,
“estimateSuggested”: “medium”,
“estimatedBaseFee”: “967256080”,
“contractMethodName”: “Remove Owner”,
“r”: “0x6ea1c1ce48acb95b4971ccd17a9a084a7242820ab5c803b46c79db44c8e5ac60”,
“s”: “0x3ce5ca6b63de789737b8423f633e8dab4b5af99d916e4238dad67fc20bca7eec”,
“v”: “0x1”,
“rawTx”: “0x02f88601078080828ce994de0b295669a9fd93d5f28d9ec85e40f4cb697bae80a4173825d90000000000000000000000005abfec25f74cd88437631a7731906932776356f9c001a06ea1c1ce48acb95b4971ccd17a9a084a7242820ab5c803b46c79db44c8e5ac60a03ce5ca6b63de789737b8423f633e8dab4b5af99d916e4238dad67fc20bca7eec”,
“hash”: “0xb1e1cf2094174ac8ce35baff1f294f3d6675521301bddfd6e4159d1d2c71e951”,
“submittedTime”: 1702891349893,
“firstRetryBlockNumber”: “0x11f0c35”,
“warning”: {
“error”: “already known”,
“message”: “There was an error when resubmitting this transaction.”
}
}
]

Twitter.com/ClumsyLulz
Taylor.ChristianNewsome@OWASP.org

Taylor Christian Newsome

Written by Taylor Christian Newsome

134 Followers

https://www.linkedin.com/in/clumsy/ https://sleepthegod.github.io

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams