Ethernaut Walkthrough - Part 1
Lazy loaded imageEthernaut Walkthrough - Part 1
type
status
date
slug
summary
tags
category
icon
password
Importance
Tweet
Hello I am YesYouKen, this is my first time writing a walkthrough and I am just going to write as things come. Enjoy! And, I hope this helps!
Each level gets its own section and I will talk about how I get to the answer but if you want to go to the hint or the answer they are at the end of each section.

Levels

1. Hello Ethernaut

This one is easy. Just got to go through everything.
Take a longer look at the contract object to see if anything shouts password
Solution on how to get the password
contract.password()

2. Fallback

Our goal is to call contract.withdraw to get all the balance in the smart contract account
  1. Notice the onlyOwner modifier
      • it prevents anyone other than the owner from calling contract.withdraw
  1. There are two lines in the smart contract that allows us to change the owner of the smart contract with the following line owner = msg.sender;
      • in contribute and receive
  1. Notice that receive looks a little different from other function. Did some research and found out that receive() external payable is a fallback function that is called "if Ether are sent to the contract and no calldata are provided"
There are two possible solutions
Solution A
Solution B

3. Fallout

Once again, same goal become the owner of the contract.

Solution

  1. Notice that there is only one function that allows change of owner which is Fallout
  1. Tries to call contract.Fallout but realised it is undefined.
  1. then notice the typo it is actually Fal1out , the second l is actually a 1
  1. Just execute the following in the browser console and you will become the owner

Takeaways

  • Turns out that it has to be a typo else the challenge will not work, the challenge simulates a typo where the constructors is misnamed and became a public function instead.
  • Seems like a bad idea to even define constructors by the contract name, note to myself, maybe just use the constructor keyword?

4. Coin Flip

We need to rack up some consecutive wins by making the right guesses.
I faced a few hiccups here.
  1. I tried to be fancy here and did a for-loop only to realised that the challenge prevents that with the following
it will error out with execution reverted example transaction
Solution

Takeaways

  • external is like public but cannot be called internally
 

Next -
Ethernaut Walkthrough - Part 2
Ethernaut Walkthrough - Part 2

 
The Lambdas that forms me Hello World! - Starting My MetaNest
Loading...