Reentrancy → drain vault contract

§ Context

Assumed environment: Solidity contract pre-0.8 (or with explicit unchecked arithmetic / external call before state update). No nonReentrant modifier. Attacker can deploy a contract that interacts with the target.

§ Steps

1. 01
   Vault balance drainedExfiltration

   T1041— Exfiltration Over C2 Channel
2. 02
   Initial deposit to be eligibleInitial Access

   T1078— Valid Accounts
3. 03
   Deploy attacker contractInitial Access

   T1078— Valid Accounts
4. 04
   Static audit (Slither / Mythril)Reconnaissance

   W-RECON-FINGERPRINT— Tech Stack Fingerprinting
5. 05
   withdraw() → fallback re-entersImpact

   W3-REENTRANCY— Reentrancy Attack
6. 06
   Spot call-before-effect patternImpact

   W3-REENTRANCY— Reentrancy Attack

§ References

• T1041Exfiltration Over C2 Channel
• T1078Valid Accounts

§ Frequently asked

What is the "Reentrancy → drain vault contract" attack path?

Vulnerable withdraw() sends ETH before updating balance. Attacker contract re-enters via fallback() until the vault is empty — the canonical DAO-2016 pattern. It chains 6 steps drawn from real-world offensive-security techniques.

What starting position does this attack require?

The first step is Vault balance drained (T1041) — a exfiltration primitive. Assumed environment: Solidity contract pre-0.

What is the final impact of this kill-chain?

The final step lands on Spot call-before-effect pattern (W3-REENTRANCY), which falls under Impact. From here, an operator typically pivots into post-exploitation or maintains persistence.

How can defenders detect or prevent this attack?

Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

§ Related dossiers

• Shared techniques3

  Vesting beneficiary replace → silently drain stream

  Bug in a custom vesting contract allows anyone to call setBeneficiary on existing schedules. Replace beneficiary with attacker address; legitimate token stream now flows to attacker until released funds are noticed.

• Shared techniques3

  Padding oracle → forge admin session cookie

  App encrypts session cookies with AES-CBC and reveals padding-validity via a 500/200 differential. Decrypt the cookie, forge an admin cookie, log in without credentials.

• Shared techniques3

  Cross-chain bridge validator-set bypass → mint wrapped tokens

  Bridge's signature-set check is off-by-one (Nomad-class) or accepts a zero address (Ronin-class). Mint wrapped tokens on the destination chain without locking on the source.

• Shared techniques2

  Origin IP bypass → direct attack on backend

  Find the real origin IP behind the CDN via CT logs / DNS history / SSL fingerprinting. Connect directly to origin, bypassing WAF + caching + rate-limit; run noisy attacks (SQLi / RCE) that the edge would have blocked.

• Shared techniques2

  Apple Pay Express Transit relay → high-value contactless fraud

  Specific configuration (Express Transit + Visa) allowed contactless transactions over £1k without unlock or per-tx auth. Two devices relayed the wallet from victim's pocket to a real terminal.

• Shared techniques2

  Mass SMS phish → Okta-style portal → SaaS sprawl (0ktapus)

  Wide SMS phishing campaign targeting employees of ~130 organisations with a single phishlet that captures Okta credentials + push approval. Mass automated logins to Twilio, MailChimp, DoorDash et al.