How to Solve the First Task of the Ethernaut Game by@kamilpolak

How to Solve the First Task of the Ethernaut Game

image
Kamil Polak HackerNoon profile picture

Kamil Polak

I am a huge enthusiast of cryptocurrency and blockchain technology.

In this article, I will walk you through how to solve the first task of the Ethernaut game.

The aim of the task is to :

  • claim ownership of the contract

  • reduce the balance of the contract to 0

Let's start with the analysis of the contract that we need to hack.

  function contribute() public payable {
    require(msg.value < 0.001 ether);
    contributions[msg.sender] += msg.value;
    if(contributions[msg.sender] > contributions[owner]) {
      owner = msg.sender;
    }
  }

Looking at the constructor we can see that contribution of the owner was set to 1000 ethers. This means that if we want to take ownership of the contract we need to call the contribute function until we reach a balance higher than 1000 ethers.

Considering that we cannot send more than 0.001 ether in one call it will take a lot of time.

 constructor() public {
    owner = msg.sender;
    contributions[msg.sender] = 1000 * (1 ether);
  }

Another way to take ownership of the contract is to use the receive fallback function. The fallback function is executed if none of the other functions match the function identifier or no data was provided with the function call.

Note that only one unnamed function can be assigned to a contract and it is executed whenever the contract receives plain ether without any data. To receive ether and add it to the total balance of the contract, the fallback function must be marked payable.

  receive() external payable {
    require(msg.value > 0 && contributions[msg.sender] > 0);
    owner = msg.sender;
  }

As you can see, to take ownership we need to meet to conditions: msg.value > 0 && contributions[msg.sender] > 0

After that, we can call withdraw function to claim all funds.

function withdraw() public onlyOwner {
    owner.transfer(address(this).balance);
  }

Before let's check who is the owner of the contract.

image

As you can see the owner's address is different from than player's address.

Now we can send some amount of ether to the contract. Note, you cannot send more than 0.001 ether.

image

To send the transaction you need to confirm your operation in MetaMask and pay some small gas. Once the transaction will be executed you should see confirmation as above.

We can also verify that we contributed to the contract.

image

Without going into details the length:3 is the confirmation. So now we need to fulfill the second condition of the fallback function. To do that we need to call the function and send some value.

image

Since this is a fallback function we used the specific function sendTransaction

After that, we can check the contract owner. As you can see now the ownership was assigned to the player's address. So we claimed the ownership!

image

Now we can withdraw ethers. Before we will check the current balance.

image

Let's call the withdraw function to get all ethers.

image

When you check the contract balance you will see that it is 0. So we achieved the second goal.

image

First published here.

Comments

Signup or Login to Join the Discussion

Tags

Related Stories