The Ethernaut is a Web3/Solidity based wargame inspired on overthewire.org. Here’s the solution to the Level 10— Reentrancy.
The goal of this level is for you to steal all the funds from the contract.Things that might help:-Untrusted contracts can execute code where you least expect it.
-Sometimes the best way to attack a contract is with another contract
-See the Help page above, section "Beyond the console"
The name of the challenge basically gives away the solution. The contract’s withdraw method is a classic example of a reentrancy vulnerability:
The vulnerability exists, because everytime a contract transfers ether to another contract, it gives away the control to recipient for a moment to call the
fallback function. An attacker can use that moment to call
withdraw again. If recipient’s balance is not updated before actually transferring the funds, the
withdraw will be called in a loop, until it drains all the ether from victim’s account.
Example of an attacker contract can be found below:
After compiling above contract, it can be deployed and called using the usual script:
That’s all. Above contract will drain all the ether from the victim. After that I can submit the challenge.