Ethernaut hacking challenges: level 2 Fallout walkthrough
Challenge objective
- Gain ownership of the contract
Walkthrough
Similar to the previous challenge, we need to get ownership of the contract. In this case, the only method that actually assigns a new owner to the contract is this:
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

import '@openzeppelin/contracts/math/SafeMath.sol';

contract Fallout {
    using SafeMath for uint256;
    mapping (address => uint) allocations;
    address payable public owner;

    /* constructor */
    function Fal1out() public payable {
        owner = msg.sender;
        allocations[owner] = msg.value;
    }
    //......
}
The method has a comment that says it's the constructor. Constructor methods run only right after the contract is deployed, and they're commonly used to initialize the contract's state, like assigning an owner in this case. Constructors are declared using the constructor keyword or a function with the same name as the contract, in this case Fallout.
If you look closely, you'll notice that there is a typo in the function name: it's named Fal1out instead of Fallout. This means the function is not actually a constructor, so we can call it anytime.
So in order to clear this level, we just need to run await contract.Fal1out() and the ownership will be transferred to us.
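A defender-side check for the mistake described above, as an added example that is not part of the original walkthrough: a small JavaScript lint that flags any function whose name is a near miss of the contract name. The sample source is constructed from the snippet on this page; `findConstructorLookalikes` and `maxDistance` are hypothetical names, and comparing every function against every contract in the file is a simplification.

```javascript
// Added example: flags functions that look like a misspelled constructor.
// SAMPLE is constructed from the snippet on this page.
const SAMPLE = `
contract Fallout {
  address payable public owner;
  /* constructor */
  function Fal1out() public payable { owner = msg.sender; }
  function allocate() public payable {}
}`;

// Levenshtein edit distance between two strings (two-row dynamic programming).
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      cur[j] = Math.min(
        prev[j] + 1, // deletion
        cur[j - 1] + 1, // insertion
        prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1) // substitution
      );
    }
    prev = cur;
  }
  return prev[b.length];
}

// Report functions whose name is close to, but not exactly, a contract name.
// An exact match is skipped: the page describes that form as a constructor.
function findConstructorLookalikes(source, maxDistance = 2) {
  // Drop comments so commented-out code is not reported.
  const code = source.replace(/\/\*[\s\S]*?\*\/|\/\/.*$/gm, "");
  const contracts = [...code.matchAll(/\bcontract\s+([A-Za-z_$][\w$]*)/g)].map((m) => m[1]);
  const findings = [];
  for (const m of code.matchAll(/\bfunction\s+([A-Za-z_$][\w$]*)\s*\(/g)) {
    for (const contract of contracts) {
      const distance = editDistance(m[1], contract);
      if (distance > 0 && distance <= maxDistance) {
        findings.push({ contract, func: m[1], distance });
      }
    }
  }
  return findings;
}

console.log(findConstructorLookalikes(SAMPLE));
```

Declaring the initializer with the constructor keyword leaves nothing for the lint to report, since the check only looks at named functions.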
Takeaways
The main takeaways from this level are to learn about constructors, what they are, how they are declared, and how they're not 😉