EthTx Community Edition

Community version of EthTx transaction decoder

Local environment

For local instance, you need few things:

Depending on your distribution, install: docker, docker-compose, python3-pip, pipenv
mongoDB - to set it up for the first time, execute this command: make populate-db. This will init db with seed provided in repository. After this, if mongo is not running you can raise it with make run-database
pipenv - to create virtual env run command pipenv install, this should create venv for this project with all python dependencies.

After this, if you want to run any command inside this env, use pipenv run or pipenv shell.

To run flask server localy, use make run-local command, this will setup new server on host 0.0.0.0 port 5000

.env file

For proper functioning, .env file is required containing all database and 3rd party providers configuration. .env.sample file is provided in repository with default values and should be good to use if nothing else was changed.

Parameters [CHAIN_ID]_NODE_URL should hold valid urls to ethereum nodes; Parameter ETHERSCAN_KEY should be equal to Etherscan API key assigned to user.

For docker container, values should be placed in .env_docker file since urls for database are differrent than normal instance

API

The EthTx APIs are provided as a community service and without warranty, so please use what you need and no more. We support GET requests.

Decode transaction

Returns decoded EthTx transaction, based on chain_id and transaction hash tx_hash
- URL
```
/api/transactions/CHAIN_ID/TX_HASH
```
- Method GET
- Authorization
  - Required: header: x-api-key=[string] OR query parameter: api_key=[string]
- URL Params
  - Required: chain_id=[string],tx_hash=[string]
- Example
```
curl --location --request GET 'http://0.0.0.0:5000/api/transactions/dsad/asd' \
--header 'x-api-key: 05a2212d-9985-48d2-b54f-0fbc5ba28766'
```
Get Raw Semantic

Returns raw semantic based on chain_id and sender/receiver address
- URL
```
/api/semantics/CHAIN_ID/ADDRESS
```
- Method GET
- Authorization
  - Required: header: x-api-key=[string] OR query parameter: api_key=[string]
- URL Params
  - Required:chain_id=[string],address=[string]
- Example
```
curl --location --request GET 'http://0.0.0.0:5000/api/semantics/dsad/asd' \
--header 'x-api-key: 05a2212d-9985-48d2-b54f-0fbc5ba28766'
```

Ethereum transaction decoder (community version).

Related tags

Overview

EthTx Community Edition

Local environment

.env file

API

Owner

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Python sandbox runners for executing code in isolation aka snekbox.

StarUML cracker - StarUML cracker With Python

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

💣 Bomb Crypto Bot 💣

Tinyman exploit finder - Tinyman exploit finder for python

A proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228)

cve-2021-21985 exploit

Zero-attacker is an multipurpose hacking tool with over 12 tools

Password database With special stuff

Burp Extensions

IDA Python Script for anti ollvm

Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

Apk Framework Detector

logmap: Log4j2 jndi injection fuzz tool

Search Shodan for Minecraft server IPs to grief

MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

Buff A simple BOF library I wrote under an hour to help me automate with BOF attack

The backend part of the simple password manager project made for the creative challenge.