Overview

Power Clash

Finds matching Solidity function signatures for a given 4-byte signature hash and arguments. Useful for finding collisions or 0x00000000 gas-saving methods (though there are better techniques for saving gas on calldata).

Build

cargo build

then ./power-clash -h

or docker build . -t power-clash

then docker run --rm power-clash -h

Usage

Example:

$ docker run --rm power-clash -a address,address,bytes -s fa461e33 -p Test
Attempting to find Test*****(address,address,bytes) match for 0xfa461e33 in 19770609664 max permutations
FOUND match in 53.342570899s
TestBrMSja(address,address,bytes) should match 0xfa461e33

USAGE:
    power-clash [OPTIONS] --arg-signature --prefix

OPTIONS:
    -a, --arg-signature
            Arguments string from the target function signature. Ex: addres,address,bytes

    -c, --char-set
            Character set to use for random string [default:
            abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ]

    -h, --help
            Print help information

    -p, --prefix
            Method name prefix before random string. Ex: LolSwap (for computed LolSwapAd75(address,address,bytes))

    -r, --rnd-len
            Length of random string [default: 6]

    -s, --sighash
            Target 4 byte signature hash. Ex: fa461e33 [default: 00000000]

    -V, --version
            Print version information
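
An added example, not code from the power-clash repository: a Solidity selector is the first 4 bytes of the Keccak-256 hash of the canonical signature string, so an auditor can group a contract's signatures by selector to flag clashes and can recompute a match this tool reports. The hand-written Keccak permutation, the `selector` and `find_clashes` helper names, and the ABI list are assumptions made for this example.

```rust
use std::collections::BTreeMap;
fn keccak_f(s: &mut [u64; 25]) { // Keccak-f[1600]; lane (x, y) is s[x + 5*y]
    let mut lfsr: u8 = 1; // generates the iota round constants
    for _ in 0..24 {
        let mut c = [0u64; 5]; // theta
        for x in 0..5 { c[x] = s[x] ^ s[x + 5] ^ s[x + 10] ^ s[x + 15] ^ s[x + 20]; }
        for x in 0..5 {
            let d = c[(x + 4) % 5] ^ c[(x + 1) % 5].rotate_left(1);
            for y in 0..5 { s[x + 5 * y] ^= d; }
        }
        let (mut x, mut y, mut cur) = (1usize, 0usize, s[1]); // rho and pi
        for t in 0..24u32 {
            let ny = (2 * x + 3 * y) % 5; x = y; y = ny;
            cur = std::mem::replace(&mut s[x + 5 * y], cur.rotate_left((t + 1) * (t + 2) / 2 % 64));
        }
        for y in 0..5 { // chi
            let mut r = [0u64; 5]; r.copy_from_slice(&s[5 * y..5 * y + 5]);
            for x in 0..5 { s[5 * y + x] = r[x] ^ (!r[(x + 1) % 5] & r[(x + 2) % 5]); }
        }
        for j in 0..7 { // iota
            lfsr = (lfsr << 1) ^ ((lfsr >> 7) * 0x71);
            if lfsr & 2 != 0 { s[0] ^= 1u64 << ((1u32 << j) - 1); }
        }
    }
}
// Selector: first 4 bytes of Keccak-256 (rate 136 bytes, padding 0x01 .. 0x80).
fn selector(signature: &str) -> u32 {
    let mut buf = signature.as_bytes().to_vec();
    buf.push(0x01);
    while buf.len() % 136 != 0 { buf.push(0); }
    *buf.last_mut().unwrap() |= 0x80;
    let mut s = [0u64; 25];
    for block in buf.chunks(136) {
        for (i, &b) in block.iter().enumerate() { s[i / 8] ^= (b as u64) << (8 * (i % 8)); }
        keccak_f(&mut s);
    }
    (s[0] as u32).swap_bytes() // first four digest bytes, read big-endian
}
// Selectors claimed by more than one signature, e.g. across a proxy and its implementation.
fn find_clashes(sigs: &[&str]) -> Vec<(u32, Vec<String>)> {
    let mut by_sel: BTreeMap<u32, Vec<String>> = BTreeMap::new();
    for sig in sigs { by_sel.entry(selector(sig)).or_default().push(sig.to_string()); }
    by_sel.into_iter().filter(|(_, v)| v.len() > 1).collect()
}
fn main() {
    // Constructed ABI list; the first two entries are a publicly documented clash.
    let abi = ["burn(uint256)", "collate_propagate_storage(bytes16)", "transfer(address,uint256)"];
    for (sel, sigs) in find_clashes(&abi) { println!("0x{:08x} shared by {:?}", sel, sigs); }
    // Recompute the selector of the match reported in the example run above.
    println!("0x{:08x}", selector("TestBrMSja(address,address,bytes)"));
}
```

Because the selector is only 32 bits wide, a clash check like this belongs in review of any contract whose dispatch spans more than one ABI, such as a proxy and its implementation.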

Comments
  • add option to try to match specific selector with some unknown args

    Hi! This looks really awesome, I was wondering if I could ask for an additional feature.

    Let's say I have a selector I see being used on-chain. I have some ideas what the name is, and I can figure out at least some of the args from the calldata around it. I'd like to be able to suggest a prefix, give the args I do know about, also pass in the selector I'm trying to match against, and try to brute force based on what additional arguments could be in it.

    Would it be hard to add something like this? I don't know much Rust, if you know what it would take, maybe I could PR (probably not) or find someone who can.

    opened by wschwab 1