Zeegaths · April 3, 2024 17:07
diff --git a/gistfile1.txt b/gistfile1.txt
 // SPDX-License-Identifier: MIT
 pragma solidity 0.8.19;

 contract VIP_Bank {
    address public manager;
    mapping(address => uint) public balances;
    mapping(address => bool) public VIP;
    uint public maxETH = 0.5 ether;

    constructor() {
        manager = msg.sender;
    }

    modifier onlyManager() {
        require(msg.sender == manager, "you are not manager");
        _;
    }

    modifier onlyVIP() {
        require(VIP[msg.sender] == true, "you are not our VIP customer");
        _;
    }

    function addVIP(address addr) public onlyManager {
        VIP[addr] = true;
    }

    function deposit() public payable onlyVIP {
        require(
            msg.value <= 0.05 ether,
            "Cannot deposit more than 0.05 ETH per transaction"
        );
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint _amount) public onlyVIP {
        require(
            address(this).balance <= maxETH,
            "Cannot withdraw more than 0.5 ETH per transaction"
        );
        require(balances[msg.sender] >= _amount, "Not enough ether");
        balances[msg.sender] -= _amount;
        (bool success, ) = payable(msg.sender).call{value: _amount}("");
        require(success, "Withdraw Failed!");
    }

    function contractBalance() public view returns (uint) {
        return address(this).balance;
    }
 }

 contract Attack {
    VIP_Bank public vipBank;

    constructor(address _vipBankAddress) {
        vipBank = VIP_Bank(_vipBankAddress);
    }

    function attackDeposit() public payable {
        vipBank.deposit{value: msg.value}(); * 11
    }
 }
	// SPDX-License-Identifier: MIT
	pragma solidity 0.8.19;

	contract VIP_Bank {
	address public manager;
	mapping(address => uint) public balances;
	mapping(address => bool) public VIP;
	uint public maxETH = 0.5 ether;

	constructor() {
	manager = msg.sender;
	}

	modifier onlyManager() {
	require(msg.sender == manager, "you are not manager");
	_;
	}

	modifier onlyVIP() {
	require(VIP[msg.sender] == true, "you are not our VIP customer");
	_;
	}

	function addVIP(address addr) public onlyManager {
	VIP[addr] = true;
	}

	function deposit() public payable onlyVIP {
	require(
	msg.value <= 0.05 ether,
	"Cannot deposit more than 0.05 ETH per transaction"
	);
	balances[msg.sender] += msg.value;
	}

	function withdraw(uint _amount) public onlyVIP {
	require(
	address(this).balance <= maxETH,
	"Cannot withdraw more than 0.5 ETH per transaction"
	);
	require(balances[msg.sender] >= _amount, "Not enough ether");
	balances[msg.sender] -= _amount;
	(bool success, ) = payable(msg.sender).call{value: _amount}("");
	require(success, "Withdraw Failed!");
	}

	function contractBalance() public view returns (uint) {
	return address(this).balance;
	}
	}

	contract Attack {
	VIP_Bank public vipBank;

	constructor(address _vipBankAddress) {
	vipBank = VIP_Bank(_vipBankAddress);
	}

	function attackDeposit() public payable {
	vipBank.deposit{value: msg.value}(); * 11
	}
	}