Ethernaut Level 7 — Force
The Ethernaut is a Web3/Solidity-based wargame inspired by overthewire.org. Here’s the solution to Level 7, Force.
The description
Some contracts will simply not take your money ¯\_(ツ)_/¯
The goal of this level is to make the balance of the contract greater than zero.
There are also some simple tips, but they’re not needed. The contract itself is empty. As it has neither a payable receive nor a fallback function, a regular ether transfer will fail.
There is one method to bypass it though. Any contract can call selfdestruct on itself. When self-destructing, a contract sends its entire balance to an address supplied as an argument. The self-destruct “payment” does not call any payable functions, and therefore will always succeed.
The following attacker contract will solve the challenge:
The above contract is very simple. It only contains a hardcoded address of an instance of the challenge. When the attack function is called, the contract will self-destruct, forcing its balance to the victim.
When running the attack it’s important to remember to transfer some ether to the ForceAttack contract, so it has funds to force on the victim. In Remix I’ll deploy and call attack using the following script:
After these transactions go through, the victim’s balance should be non-zero. I can submit and solve the challenge.
The key takeaway here is that one should never rely on checking a smart contract’s balance (address(this).balance), as it can be forcibly increased outside of its logic and state management.
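To make the takeaway concrete, here is an added example (not code from the original post or from the Ethernaut project) showing a balance-based invariant next to a version that keeps its own accounting. The contract names, the 1 ether target and the helper functions are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; names and the TARGET value are hypothetical.

// Weak: the invariant is read from address(this).balance, which ether
// forced in through selfdestruct changes without running any code here.
contract BalanceBasedGoal {
    uint256 public constant TARGET = 1 ether;
    mapping(address => uint256) public contributions;

    function contribute() external payable {
        // The balance already includes msg.value at this point.
        require(address(this).balance <= TARGET, "over target");
        contributions[msg.sender] += msg.value;
    }

    // If forced ether pushes the balance past TARGET, this can never
    // become true and contribute() reverts for everyone.
    function goalReached() public view returns (bool) {
        return address(this).balance == TARGET;
    }
}

// Hardened: the invariant depends only on state that this contract
// updates itself, so forced ether cannot influence it.
contract AccountedGoal {
    uint256 public constant TARGET = 1 ether;
    uint256 public totalDeposited;
    mapping(address => uint256) public contributions;

    function contribute() external payable {
        require(totalDeposited + msg.value <= TARGET, "over target");
        contributions[msg.sender] += msg.value;
        totalDeposited += msg.value;
    }

    function goalReached() public view returns (bool) {
        return totalDeposited == TARGET;
    }

    // Ether that arrived outside contribute(), e.g. via selfdestruct.
    // Safe from underflow here because this contract never pays out.
    function unaccounted() external view returns (uint256) {
        return address(this).balance - totalDeposited;
    }
}
```

A non-zero unaccounted() value is also a useful monitoring signal: it shows that ether reached the contract through a path its own logic did not record.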