首先给出 porosity 的 GitHub 地址: here
本文也是根据这个网址进行学习。
可以使用自己写的合约,也可以在etherscan 上面找一些合约, 给出例子如下:
//vulnerable.sol
pragma solidity ^0.4.4;
contract SendBalance {
mapping ( address => uint ) userBalances;
function SendBalance(){
}
function getBalance (address u) constant returns ( uint ){
return userBalances [u];
}
function addToBalance () payable{
userBalances[msg.sender] += msg.value ;
}
function withdrawBalance (){
if (!(msg.sender.call.gas(0x1111).value (
userBalances [msg . sender])())) { throw ; }
userBalances [msg.sender ] = 0;
}
}
下载之后,在终端进入porosity/porosity/porosity目录
然后输入:make //编译
你会看到生成了porosity(exec)
a. 在porosity下创建文件夹 solidity-example (自己取得名字随意创),并将合约放在该目录下面。
b. 创建decompile.sh
#!/bin/bash
solc --abi -o output vulnerable.sol
solc --bin -o output vulnerable.sol
solc --bin-runtime -o output vulnerable.sol
abi=$(< output/SendBalance.abi)
echo "This is abi variable: "
echo $abi
bin=$(< output/SendBalance.bin)
echo ""
echo "This is bin variable: "
echo $bin
binRuntime=$(< output/SendBalance.bin-runtime)
echo ""
echo "This is binruntime variable: "
echo $binRuntime
echo ""
echo "Firstly listing functions: "
#注意路径,指向的是前面编译之后生成的porosity文件
../porosity/porosity/porosity --code $bin --abi $abi --list --verbose 0
echo "Now performing decompilation: "
../porosity/porosity/porosity --code $bin --abi $abi --decompile --verbose 0
c. 授权decompile.sh (只有第一次需要)
输入:chmod 777 decompile.sh
d.运行decompile.sh
输入:./decompile.sh
e. 结果,类似于
Porosity v0.1 (https://www.comae.io)
Matt Suiche, Comae Technologies <support@comae.io>
The Ethereum bytecode commandline decompiler.
Decompiles the given Ethereum input bytecode and outputs the Solidity code.
Attempting to parse ABI definition...
Success.
[+] Hash: 0x0A19B14A (trade) (1 references)
[+] Hash: 0x0B927666 (order) (1 references)
[+] Hash: 0x19774D43 (orderFills) (1 references)
[+] Hash: 0x278B8C0E (cancelOrder) (1 references)
[+] Hash: 0x2E1A7D4D (withdraw) (1 references)
[+] Hash: 0x338B5DEA (depositToken) (1 references)
[+] Hash: 0x46BE96C3 (amountFilled) (1 references)
[+] Hash: 0x508493BC (tokens) (1 references)
[+] Hash: 0x54D03B5C (changeFeeMake) (1 references)
[+] Hash: 0x57786394 (feeMake) (1 references)
[+] Hash: 0x5E1D7AE4 (changeFeeRebate) (1 references)
[+] Hash: 0x65E17C9D (feeAccount) (1 references)
[+] Hash: 0x6C86888B (testTrade) (1 references)
[+] Hash: 0x71FFCB16 (changeFeeAccount) (1 references)
[+] Hash: 0x731C2F81 (feeRebate) (1 references)
[+] Hash: 0x8823A9C0 (changeFeeTake) (1 references)
[+] Hash: 0x8F283970 (changeAdmin) (1 references)
[+] Hash: 0x9E281A98 (withdrawToken) (1 references)
[+] Hash: 0xBB5F4629 (orders) (1 references)
[+] Hash: 0xC281309E (feeTake) (1 references)
[+] Hash: 0xD0E30DB0 (deposit) (1 references)
[+] Hash: 0xE8F6BC2E (changeAccountLevelsAddr) (1 references)
[+] Hash: 0xF3412942 (accountLevelsAddr) (1 references)
[+] Hash: 0xF7888AEC (balanceOf) (1 references)
[+] Hash: 0xF851A440 (admin) (1 references)
[+] Hash: 0xFB6E155F (availableVolume) (1 references)