add solutions

HalbornCTF_Solidity_Ethereum/README.md

@@ -1,17 +1,7 @@
 ## Solidity EVM CTF
 
-There are 3 contracts in the `src`folder:
-- HalbornLoans.sol
-- HalbornNFT.sol
-- HalbornToken.sol
+```
+forge test -vv
+```
 
-There are several vulnerabilities that were found in live projects. 
-
-**We do not want a report that is full of low/informational issues such as missing zero address checks or floating pragmas.
-We are looking for engineers who can fully understand the purpose of these contracts and can find all critical/high issues in them.**
-
-Most Halborn engineers use Foundry for manual testing. We would really value any critical/high finding that also have a Foundry test attached as a Proof of Concept to reproduce the issue. The Foundry project was already created.
-
-https://github.com/foundry-rs/foundry
-
-**Hint**: The CTF contracts (among all) contain at least 5 different critical issues.
+The src/exploit directory contains the upgradable exploit contracts

HalbornCTF_Solidity_Ethereum/lib/forge-std/.gitattributes

@@ -0,0 +1 @@
+src/Vm.sol linguist-generated

HalbornCTF_Solidity_Ethereum/lib/forge-std/.github/workflows/ci.yml

@@ -0,0 +1,134 @@
+name: CI
+
+on:
+  workflow_dispatch:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Install Foundry
+        uses: onbjerg/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Print forge version
+        run: forge --version
+
+      # Backwards compatibility checks:
+      # - the oldest and newest version of each supported minor version
+      # - versions with specific issues
+      - name: Check compatibility with latest
+        if: always()
+        run: |
+          output=$(forge build --skip test)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      - name: Check compatibility with 0.8.0
+        if: always()
+        run: |
+          output=$(forge build --skip test --use solc:0.8.0)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      - name: Check compatibility with 0.7.6
+        if: always()
+        run: |
+          output=$(forge build --skip test --use solc:0.7.6)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      - name: Check compatibility with 0.7.0
+        if: always()
+        run: |
+          output=$(forge build --skip test --use solc:0.7.0)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      - name: Check compatibility with 0.6.12
+        if: always()
+        run: |
+          output=$(forge build --skip test --use solc:0.6.12)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      - name: Check compatibility with 0.6.2
+        if: always()
+        run: |
+          output=$(forge build --skip test --use solc:0.6.2)
+
+          if echo "$output" | grep -q "Warning"; then
+            echo "$output"
+            exit 1
+          fi
+
+      # via-ir compilation time checks.
+      - name: Measure compilation time of Test with 0.8.17 --via-ir
+        if: always()
+        run: forge build --skip test --contracts test/compilation/CompilationTest.sol --use solc:0.8.17 --via-ir
+
+      - name: Measure compilation time of TestBase with 0.8.17 --via-ir
+        if: always()
+        run: forge build --skip test --contracts test/compilation/CompilationTestBase.sol --use solc:0.8.17 --via-ir
+
+      - name: Measure compilation time of Script with 0.8.17 --via-ir
+        if: always()
+        run: forge build --skip test --contracts test/compilation/CompilationScript.sol --use solc:0.8.17 --via-ir
+
+      - name: Measure compilation time of ScriptBase with 0.8.17 --via-ir
+        if: always()
+        run: forge build --skip test --contracts test/compilation/CompilationScriptBase.sol --use solc:0.8.17 --via-ir
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Install Foundry
+        uses: onbjerg/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Print forge version
+        run: forge --version
+
+      - name: Run tests
+        run: forge test -vvv
+
+  fmt:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Install Foundry
+        uses: onbjerg/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Print forge version
+        run: forge --version
+
+      - name: Check formatting
+        run: forge fmt --check

HalbornCTF_Solidity_Ethereum/lib/forge-std/.github/workflows/sync.yml

@@ -0,0 +1,29 @@
+name: Sync Release Branch
+
+on:
+  release:
+    types:
+      - created
+
+jobs:
+  sync-release-branch:
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.release.tag_name, 'v1')
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: v1
+
+      - name: Configure Git
+        run: |
+          git config user.name github-actions[bot]
+          git config user.email 41898282+github-actions[bot]@users.noreply.github.com
+
+      - name: Sync Release Branch
+        run: |
+          git fetch --tags
+          git checkout v1
+          git reset --hard ${GITHUB_REF}
+          git push --force

HalbornCTF_Solidity_Ethereum/lib/forge-std/.gitignore

@@ -0,0 +1,4 @@
+cache/
+out/
+.vscode
+.idea

HalbornCTF_Solidity_Ethereum/lib/forge-std/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "lib/ds-test"]
+	path = lib/ds-test
+	url = https://github.com/dapphub/ds-test