ThorChain Chaosnet Exploit: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
(Created page with "{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/thorchainchaosnetexploit.php}} thumb|ThorChainThorChain is a new form of decentralized exchange. The ThorChain funds were stored in smart contract hot wallets, a small portion of which had recently been upgraded. The new contract unfortunately had a mistake which allowed the hacker to override the contract and steal funds from multiple protocols. This is a global/internatio...")
 
No edit summary
Line 1: Line 1:
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/thorchainchaosnetexploit.php}}
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/thorchainchaosnetexploit.php}}
{{Unattributed Sources}}


[[File:Thorchain.jpg|thumb|ThorChain]]ThorChain is a new form of decentralized exchange. The ThorChain funds were stored in smart contract hot wallets, a small portion of which had recently been upgraded. The new contract unfortunately had a mistake which allowed the hacker to override the contract and steal funds from multiple protocols.
[[File:Thorchain.jpg|thumb|ThorChain]]ThorChain is a new form of decentralized exchange. The ThorChain funds were stored in smart contract hot wallets, a small portion of which had recently been upgraded. The new contract unfortunately had a mistake which allowed the hacker to override the contract and steal funds from multiple protocols.


This is a global/international case not involving a specific country.
This is a global/international case not involving a specific country.
<ref name="thearchitect-2549" /><ref name="thearchitect-2550" /><ref name="slowmisthacked-678" /><ref name="rektnews-2551" /><ref name="etherscan-2552" /><ref name="etherscan-2553" /><ref name="etherscan-2554" /><ref name="gitlab-2555" /><ref name="cointelegraph-2556" /><ref name="thorchaintwitter-2557" /><ref name="thorchaintwitter-2558" /><ref name="chrisblectwitter-2559" /><ref name="reddit-2560" /><ref name="decrypt-2561" /><ref name="thorchaintwitter-2562" /><ref name="linkedin-2563" /><ref name="bscdotnews-2564" /><ref name="newsdotbitcoin-2565" /><ref name="bscdotnews-2566" /><ref name="thorchainmedium-2671" /><ref name="gitlab-2672" /><ref name="youtube-5674" />


== About ThorChain ==
== About ThorChain ==
Line 114: Line 116:


== References ==
== References ==
[https://thearchitect.notion.site/THORChain-Incident-07-15-7d205f91924e44a5b6499b6df5f6c210 Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.] (Jul 14)
<references><ref name="thearchitect-2549">[https://thearchitect.notion.site/THORChain-Incident-07-15-7d205f91924e44a5b6499b6df5f6c210 Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.] (Jul 15, 2021)</ref>


[https://thearchitect.notion.site/15b488c1a1494c92aa408c90c6c23863?v=364e87ba6f4f40729543786788ceeaa8 Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.] (Jul 14)
<ref name="thearchitect-2550">[https://thearchitect.notion.site/15b488c1a1494c92aa408c90c6c23863?v=364e87ba6f4f40729543786788ceeaa8 Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.] (Jul 15, 2021)</ref>


[https://hacked.slowmist.io/en/?c=ETH%20DApp SlowMist Hacked - SlowMist Zone] (May 17)
<ref name="slowmisthacked-678">[https://hacked.slowmist.io/en/?c=ETH%20DApp SlowMist Hacked - SlowMist Zone] (May 18, 2021)</ref>


[https://www.rekt.news/thorchain-rekt/ Rekt - THORChain - REKT] (Jul 29)
<ref name="rektnews-2551">[https://www.rekt.news/thorchain-rekt/ Rekt - THORChain - REKT] (Jul 30, 2021)</ref>


[https://etherscan.io/address/0x3a196410a0f5facd08fd7880a4b8551cd085c031 Address 0x3a196410a0f5facd08fd7880a4b8551cd085c031 | Etherscan] (Aug 15)
<ref name="etherscan-2552">[https://etherscan.io/address/0x3a196410a0f5facd08fd7880a4b8551cd085c031 Address 0x3a196410a0f5facd08fd7880a4b8551cd085c031 | Etherscan] (Aug 16, 2021)</ref>


[https://etherscan.io/address/0x4a33862042d004d3fc45e284e1aafa05b48e3c9c THORChain Exploiter - Contract | 0x4a33862042d004d3fc45e284e1aafa05b48e3c9c] (Aug 15)
<ref name="etherscan-2553">[https://etherscan.io/address/0x4a33862042d004d3fc45e284e1aafa05b48e3c9c THORChain Exploiter - Contract | 0x4a33862042d004d3fc45e284e1aafa05b48e3c9c] (Aug 16, 2021)</ref>


[https://etherscan.io/address/0x4b713980d60b4994e0aa298a66805ec0d35ebc5a Address 0x4b713980d60b4994e0aa298a66805ec0d35ebc5a | Etherscan] (Aug 15)
<ref name="etherscan-2554">[https://etherscan.io/address/0x4b713980d60b4994e0aa298a66805ec0d35ebc5a Address 0x4b713980d60b4994e0aa298a66805ec0d35ebc5a | Etherscan] (Aug 16, 2021)</ref>


[https://gitlab.com/thorchain/thornode/-/blob/develop/bifrost/pkg/chainclients/ethereum/ethereum_block_scanner.go#L921 bifrost/pkg/chainclients/ethereum/ethereum_block_scanner.go · develop · THORChain / THORNode · GitLab] (Aug 15)
<ref name="gitlab-2555">[https://gitlab.com/thorchain/thornode/-/blob/develop/bifrost/pkg/chainclients/ethereum/ethereum_block_scanner.go#L921 bifrost/pkg/chainclients/ethereum/ethereum_block_scanner.go · develop · THORChain / THORNode · GitLab] (Aug 16, 2021)</ref>


[https://cointelegraph.com/news/thorchain-loses-7-6m-in-chaosnet-exploit-offers-hacker-a-bounty-to-return-funds THORChain loses up to $7.6M in ‘Chaosnet’ exploit, offers hacker a bounty to return funds] (Aug 15)
<ref name="cointelegraph-2556">[https://cointelegraph.com/news/thorchain-loses-7-6m-in-chaosnet-exploit-offers-hacker-a-bounty-to-return-funds THORChain loses up to $7.6M in ‘Chaosnet’ exploit, offers hacker a bounty to return funds] (Aug 16, 2021)</ref>


[https://twitter.com/THORChain/status/1415813696857591813 @THORChain Twitter] (Aug 15)
<ref name="thorchaintwitter-2557">[https://twitter.com/THORChain/status/1415813696857591813 @THORChain Twitter] (Aug 16, 2021)</ref>


[https://twitter.com/THORChain/status/1415846494767251457 @THORChain Twitter] (Aug 15)
<ref name="thorchaintwitter-2558">[https://twitter.com/THORChain/status/1415846494767251457 @THORChain Twitter] (Aug 16, 2021)</ref>


[https://twitter.com/ChrisBlec/status/1415766783454240768 @ChrisBlec Twitter] (Aug 15)
<ref name="chrisblectwitter-2559">[https://twitter.com/ChrisBlec/status/1415766783454240768 @ChrisBlec Twitter] (Aug 16, 2021)</ref>


[https://www.reddit.com/r/CryptoCurrency/comments/owks4h/thorchain_was_hacked_twice_last_month_once_on/ Thorchain was hacked TWICE last month. Once on July 15th for 7 million dollars, and the other time on July 22nd for 8 million dollars. You would think that would cause a dump, right? Nope, this is crypto, fundamentals don't matter! It's up over] (Aug 15)
<ref name="reddit-2560">[https://www.reddit.com/r/CryptoCurrency/comments/owks4h/thorchain_was_hacked_twice_last_month_once_on/ Thorchain was hacked TWICE last month. Once on July 15th for 7 million dollars, and the other time on July 22nd for 8 million dollars. You would think that would cause a dump, right? Nope, this is crypto, fundamentals don't matter! It's up over] (Aug 16, 2021)</ref>


[https://decrypt.co/76117/thorchains-rune-token-slides-following-multi-million-exploit Thorchain’s RUNE Token Slides 15% Following Multi-Million Dollar Exploit - Decrypt] (Aug 15)
<ref name="decrypt-2561">[https://decrypt.co/76117/thorchains-rune-token-slides-following-multi-million-exploit Thorchain’s RUNE Token Slides 15% Following Multi-Million Dollar Exploit - Decrypt] (Aug 16, 2021)</ref>


[https://twitter.com/THORChain/status/1415899792648019970 @THORChain Twitter] (Aug 15)
<ref name="thorchaintwitter-2562">[https://twitter.com/THORChain/status/1415899792648019970 @THORChain Twitter] (Aug 16, 2021)</ref>


[https://www.linkedin.com/pulse/thorchain-suffers-78-million-dollar-attack-how-14-billion-rob-mowry THORChain Suffers a $7.8 million Dollar Attack. How a $1.4 billion Blockchain Behemoth Steadies the Ship.] (Aug 15)
<ref name="linkedin-2563">[https://www.linkedin.com/pulse/thorchain-suffers-78-million-dollar-attack-how-14-billion-rob-mowry THORChain Suffers a $7.8 million Dollar Attack. How a $1.4 billion Blockchain Behemoth Steadies the Ship.] (Aug 16, 2021)</ref>


[https://www.bsc.news/post/thorchains-chaosnet-initially-reports-a-25-million-hack-but-revised-it-to-4-9-million-upon-investigation ThorChain’s "Chaosnet" Initially Reports a $25 Million Hack but Revised it to $4.9 Million Upon Investigation] (Aug 15)
<ref name="bscdotnews-2564">[https://www.bsc.news/post/thorchains-chaosnet-initially-reports-a-25-million-hack-but-revised-it-to-4-9-million-upon-investigation ThorChain’s "Chaosnet" Initially Reports a $25 Million Hack but Revised it to $4.9 Million Upon Investigation] (Aug 16, 2021)</ref>


[https://news.bitcoin.com/thorchain-trolled-by-hacker-after-two-successful-seven-figure-exploits/ Thorchain Trolled by Hacker After Two Successful Seven-Figure Exploits – News Bitcoin News] (Aug 15)
<ref name="newsdotbitcoin-2565">[https://news.bitcoin.com/thorchain-trolled-by-hacker-after-two-successful-seven-figure-exploits/ Thorchain Trolled by Hacker After Two Successful Seven-Figure Exploits – News Bitcoin News] (Aug 16, 2021)</ref>


[https://www.bsc.news/post/dive-into-de-fi-thorchain Dive Into DeFi: THORChain's Road to Asgardex] (Aug 15)
<ref name="bscdotnews-2566">[https://www.bsc.news/post/dive-into-de-fi-thorchain Dive Into DeFi: THORChain's Road to Asgardex] (Aug 16, 2021)</ref>


[https://medium.com/thorchain/post-mortem-eth-router-exploits-1-2-and-premature-return-to-trading-incident-2908928c5fb Post Mortem Eth Router Exploits 1 2 And Premature Return To Trading Incident] (Aug 26)
<ref name="thorchainmedium-2671">[https://medium.com/thorchain/post-mortem-eth-router-exploits-1-2-and-premature-return-to-trading-incident-2908928c5fb Post Mortem Eth Router Exploits 1 2 And Premature Return To Trading Incident] (Aug 27, 2021)</ref>


[https://gitlab.com/thorchain/thornode/-/merge_requests/1692 fix #923: chainclients: ethereum: block scanner: match logs address (not tx to) to smart contract addresses (!1692) · Merge requests · THORChain / THORNode · GitLab] (Aug 26)
<ref name="gitlab-2672">[https://gitlab.com/thorchain/thornode/-/merge_requests/1692 fix #923: chainclients: ethereum: block scanner: match logs address (not tx to) to smart contract addresses (!1692) · Merge requests · THORChain / THORNode · GitLab] (Aug 27, 2021)</ref>


[https://www.youtube.com/watch?v=g6i94c_nMNY THORChain Hacks - What you want to know! - YouTube] (Jan 16)
<ref name="youtube-5674">[https://www.youtube.com/watch?v=g6i94c_nMNY THORChain Hacks - What you want to know! - YouTube] (Jan 16, 2022)</ref></references>

Revision as of 21:52, 22 February 2023

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

ThorChain

ThorChain is a new form of decentralized exchange. The ThorChain funds were stored in smart contract hot wallets, a small portion of which had recently been upgraded. The new contract unfortunately had a mistake which allowed the hacker to override the contract and steal funds from multiple protocols.

This is a global/international case not involving a specific country. [1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22]

About ThorChain

"Creating a secure cross-chain bridge is one of the most important milestones for the industry right now, and the race is on to be the first to provide it." "Founded in 2018, THORChain is a cross-chain exchange that facilitates transactions between the Binance, Ethereum, and Bitcoin blockchains, aiding in a difficult problem of inter-blockchain swaps without being compelled to pay sizable fees each time. This represents a tremendous pain point and the efforts of THORChain have been well-received, pushing up a token from a low of $0.00851264, two years ago, to a high of $20.89 two months ago." "THORChain entered into its guarded “Chaosnet” launch during April, facilitating cross-chain swaps across the Bitcoin, Ethereum, Litecoin, Bitcoin Cash and Binance Chain networks."

"THORChain don't have assets synthetically tied to a price using an oracle, rather arbitrage trading bots and individuals, seeking to squeeze a profit from the price differences of an individual cryptocurrency on different blockchains, keep the liquidity pool's volume high in the midst of regularly large price swings. Passive liquidity providers earn a steady stream of rewards, often representing an APR of 10%+, even after technical considerations like "impermenant loss" that chips away at total return if the tokens, when removed from the liquidity pool, that aren't at 100% at the same radio value as when you first staked them."

"The THORChain state machine and the BNB Bifrost Code was audited as part of Single Chain Chaosnet, but the updated MCCN state machine and its new MCCN Bifrosts were not."

"Even the old gods cannot escape the exploits. As the cross-chain attacks continue, THORChain becomes the latest victim. $5 million lost." "Estimates as to the scale of the damage vary, with THORChain revising the initial estimate that 13,000 Ether (ETH) (worth $25.1 million) had been stolen, bringing the total down to 4,000 ETH (roughly $7.6 million) as a ballpark for damages. A subsequent community-provided rundown of stolen assets suggests the figure is closer to $6 million." "The final sum was confirmed to be approximately $4.9 million."

"According to ThorChain’s preliminary incident report, the bug was located within the ETH Bifrost (bridge) code." "The code contains an over-ride loop, designed only for use in vaultTransferEvent transactions, which the hacker was able to manipulate. The hacker was able to wrap the router with their own contract, allowing them to access this over-ride."

"The attacker deployed a contract that sat in front of the Router, which was able to call the deposit() function of the Router. The ability for the Router to be wrapped was recently made available to support ecosystem development. The full scope of this was not assessed thoroughly at the time. The attack contract simply diverted the msg.value back to themselves, calling with a value of 0 into the Router. The Bifrost read the msg.value instead of the emitted deposit event. This is necessary to support Router upgrades, but should not have been for deposit events."

"Pool prices of various ETH-based assets were manipulated. Ether hit ~$350. YFI hit ~$259,640. Rune on Thorchain @ $4.66, on Binance RUNEUSDT @ $5.373 (7:44pm UTC). [The a]ttacker sent ETH from his `0x3a19` address to his smart contract. His smart contract returned his ETH to his `0x3a19` address. ETH pool LPs see an excess of ETH but are missing RUNE." "The 2,500 ETH was used in a looped fashion, triggering the exploit again each time this ETH was refunded. Because the pools use RUNE to exchange value between each other, when the asset's price went up and ETH's price went down."

"Targeted token LPs are missing the token, but should be excess in RUNE. Network solvency shows to be negative around 13,000 ETH but the hacker retains around 2,500 ETH, 57,975.33 SUSHI, 8.7365 YFI, 171,912.96 DODO, 514.519 ALCX, 1,167,216.739 KYL, and 13.30 AAVE."

"Many users are shocked and alarmed by this exploitation." "The price of RUNE, the native token of decentralized finance (DeFi) liquidity protocol Thorchain, dropped by about 15% [the ]day following [the] attack."

"THORChain has been scrambling to defend its position amid growing concern among token holders."

“When a centralised exchange is hacked, users don’t find out months later until their withdrawals are blocked or delayed. When THORChain suffers insolvency, everyone immediately knows. Which do you prefer?”

"ShapeShift CEO Erik Voorhees was one of them, but he lamented on his loss while remaining upbeat."

“Lost a bunch on my RUNE position today. Worth it. We’re in this for the long-term. Cross-chain decentralized trading with no intermediaries is worth a great many stumbles. Expect chaos during chaosnet.”

”The fix is to make the over-ride only happen if it specifically is a vaultTransferEvent” "THORChain has since tweeted that its preliminary roadmap to recovery is underway, announcing that after the vulnerability is patched and the network is restarted."

"Once 67% had updated, the network restarted and began processing txIns . What wasn’t planned was that ETH LPs began withdrawing asymmetrically to ETH take advantage of the fact that they were getting a claim on 13k ETH, when there was only 700 ETH. The correct response to this was to ask Nodes to shut down their Bifrosts to stop the withdrawals (the system was rapidly becoming insolvent), OR, have in place a mimir to halt withdrawals. This mimir setting hadn’t been built because of the system’s philosophy to never block withdrawals."

"In the heat of the moment the on-duty mimir admin incorrectly inferred that the response was to enable trading to correct the ETH price to stop the abuse from ETH LPs. This was as per the brief, but it was premature, since the ETH price hadn’t yet been updated from the store migration. The end result was that trading being re-enabled caused arbitrage agents to buy cheap ETH, instead of selling expensive ETH. By buying the cheap ETH, the remaining ETH in the system was taken and the network went insolvent." "Nodes were asked again to halt."

"In the THORChain community Telegram channel, administrators have indicated the project has the funds needed to cover users’ stolen assets but articulated a preference for the hacker to return the stolen funds in exchange for a bug bounty." "The team further explained that Thorchain’s treasury is likely the only entity that will bear the burden after the attack since its funds will be used to donate approximately $5 million worth of digital assets to Ethereum liquidity providers."

“While the treasury has the funds to cover the stolen amount, we request the attacker get in contact with the team to discuss return of funds and a bounty commensurate with the discovery,” a Telegram post stated, adding that user funds “will be available when the issue has been patched & the network resumes.”

"Ether will be donated to liquidity provider pools to reimburse impacted users. From there, the team plans to engage security firms to have its contracts audited."

This is a global/international case not involving a specific country.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - ThorChain Chaosnet Exploit
Date Event Description
July 15th, 2021 12:00:00 AM Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Total Amount Lost

The total amount lost has been estimated at $7,600,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Prevention Policies

The primary issue with ThorChain is having almost all balances of tokens in a hot wallet. While all measures employed will reduce the possibility of future failures, there is no way to prove with certainty that a hot wallet or smart contract is completely secure.

A more secure model would place the majority of funds in a multi-sig requiring the signatures of multiple known node operators, who know how to properly secure the keys offline. Funds could be released as needed for immediate liquidity, with a smaller balance at risk in the insured smart contract hot wallet.

References

  1. Notion – The all-in-one workspace for your notes, tasks, wikis, and databases. (Jul 15, 2021)
  2. Notion – The all-in-one workspace for your notes, tasks, wikis, and databases. (Jul 15, 2021)
  3. SlowMist Hacked - SlowMist Zone (May 18, 2021)
  4. Rekt - THORChain - REKT (Jul 30, 2021)
  5. Address 0x3a196410a0f5facd08fd7880a4b8551cd085c031 | Etherscan (Aug 16, 2021)
  6. THORChain Exploiter - Contract | 0x4a33862042d004d3fc45e284e1aafa05b48e3c9c (Aug 16, 2021)
  7. Address 0x4b713980d60b4994e0aa298a66805ec0d35ebc5a | Etherscan (Aug 16, 2021)
  8. bifrost/pkg/chainclients/ethereum/ethereum_block_scanner.go · develop · THORChain / THORNode · GitLab (Aug 16, 2021)
  9. THORChain loses up to $7.6M in ‘Chaosnet’ exploit, offers hacker a bounty to return funds (Aug 16, 2021)
  10. @THORChain Twitter (Aug 16, 2021)
  11. @THORChain Twitter (Aug 16, 2021)
  12. @ChrisBlec Twitter (Aug 16, 2021)
  13. Thorchain was hacked TWICE last month. Once on July 15th for 7 million dollars, and the other time on July 22nd for 8 million dollars. You would think that would cause a dump, right? Nope, this is crypto, fundamentals don't matter! It's up over (Aug 16, 2021)
  14. Thorchain’s RUNE Token Slides 15% Following Multi-Million Dollar Exploit - Decrypt (Aug 16, 2021)
  15. @THORChain Twitter (Aug 16, 2021)
  16. THORChain Suffers a $7.8 million Dollar Attack. How a $1.4 billion Blockchain Behemoth Steadies the Ship. (Aug 16, 2021)
  17. ThorChain’s "Chaosnet" Initially Reports a $25 Million Hack but Revised it to $4.9 Million Upon Investigation (Aug 16, 2021)
  18. Thorchain Trolled by Hacker After Two Successful Seven-Figure Exploits – News Bitcoin News (Aug 16, 2021)
  19. Dive Into DeFi: THORChain's Road to Asgardex (Aug 16, 2021)
  20. Post Mortem Eth Router Exploits 1 2 And Premature Return To Trading Incident (Aug 27, 2021)
  21. fix #923: chainclients: ethereum: block scanner: match logs address (not tx to) to smart contract addresses (!1692) · Merge requests · THORChain / THORNode · GitLab (Aug 27, 2021)
  22. THORChain Hacks - What you want to know! - YouTube (Jan 16, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=ThorChain_Chaosnet_Exploit&oldid=2627"