I'm only new to auditing but I was able to get it to work for me. Instead of withdrawing at increments of 1 wei at a time, I withdrew funds at increments of 1000000000000000 wei at a time. I think this worked because if you're withdrawing 1 wei at a time you would have to go through over 1000000000000000000 transactions, which would be too expensive to process. If anyone wants further help on this problem, please see the comment below this, which will link to a tweet that has the contract that worked.
@AerosDaDinoHoodie 2 years ago
I think I figured out the issue. The Ethernaut level code is written in Solidity version ^0.6.0, but it uses syntax from ^0.8.0. This exact code snippet particularly:
> (bool result,) = msg.sender.call{value:_amount}("");
That is how you would write it in 0.8x. In a 0.6x version it would look like this:
> (bool result,) = msg.sender.call.value(_amount)("");
So the code doesn't match the compiler version, and my guess is that it means a proper withdraw() cannot occur.
@classyboy2000 1 year ago
So what do you do about this? I am seeing an issue where I have to select one compiler version in Remix but the two contracts have different versions specified in the pragma (^0.8.0 and 0.6.12). Also, when I switch the Remix compiler version to 0.6.12, I see this error indicating that Remix doesn't know how/from where to import SafeMath:
Error: not found openzeppelin-contracts-06/math/SafeMath.sol
@aryanmalik5537 1 year ago
@classyboy2000 Make sure that in 0.6.12 the importing statement is going to be the same as in the code provided. But in 0.8.0, the importing statement will change to:
import "@openzeppelin/contracts/utils/math/SafeMath.sol";
@benr2466 1 year ago
I just tried continuously withdrawing the msg.value that the fallback receives, couldn’t get it to 0 tho
@rookie_ 2 years ago
Also, at the end of the attack, do you ever pull (or send) the values into the calling instance account, or are they left in the attacking smart contract?
@haruxe5140 2 years ago
You can optionally create a built-in function for withdrawing funds, or have it sent back to the msg.sender.
@steverobinson8771 1 year ago
Just include a selfdestruct(your_address) function. Call it as the last operation, such that the attack contract gets wiped and sends all funds it has back to 'your_address'.
@creativedirector3198 2 years ago
I couldn't get what "_amount;" means either; probably it does nothing. Have you found out the opposite?
@Corpus.Callosum 2 years ago
At some point I got the attack working, but somehow the target contract was drained to 0.001, not 0; that's why I still could not pass the level. :)
@revwrapz8279 2 years ago
Did you ever manage to crack this? I've been here all day and can't work out if it's a Solidity compiler issue or what. I did, however, notice that the contract I'm trying to call isn't the same address I enter when deploying the contract; not sure if this is also an issue. I've tried I don't know how many lines of code, including making sure I had 0 errors. Everything works, but I cannot get that contract to give me its funds :(
@d-squared70 2 years ago
No worries, frustration is part of the journey ;) Check Evgeniy's response below, it might help a bit.
@theblockchainbuddy 1 year ago
Probably receive() is needed here since the contract is paying back to the attacker, so that's what's gonna be called.
@thurendous 1 year ago
1 wei should be the problem? It is too little to be done.
@scottpayne6599 1 year ago
I think you just had your units wrong. The contract balance is 0.001 ether (1000000000000000 wei). So if you try to withdraw one wei at a time, there are too many transactions, and you run out of gas. Everywhere you have 1 wei in the contract, change it to 1000000000000000 wei and it should work.
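A toy Python model of the ordering issue this thread is about, added here as an illustration and not code from the video or from any commenter: it compares the level's call-then-update withdraw() with a version that updates the balance first, at the 1 wei and 1000000000000000 wei amounts mentioned above. The Vault class, the run() helper and both gas constants are assumptions made for the model, not EVM figures.

```python
# Toy model of the level's withdraw() ordering. Gas figures are constructed
# for illustration and are not real EVM costs.
GAS_PER_FRAME = 30_000    # assumed cost of one withdraw + payment callback
TX_GAS_LIMIT = 3_000_000  # assumed gas budget for one transaction

class Vault:
    def __init__(self, funds, hardened):
        self.funds = funds        # wei held by the contract
        self.balances = {}        # credit recorded per depositor
        self.hardened = hardened

    def donate(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.funds += amount

    def withdraw(self, who, amount, on_receive):
        if self.balances.get(who, 0) < amount or self.funds < amount:
            return False
        if self.hardened:
            self.balances[who] -= amount  # effect before the external call
        self.funds -= amount
        on_receive(amount)                # payment hands control to the recipient
        if not self.hardened:
            self.balances[who] -= amount  # effect after the call: stale during re-entry
        return True

def run(vault_funds, chunk, hardened):
    """Return (wei received by the caller, wei left in the vault)."""
    vault, received, gas = Vault(vault_funds, hardened), 0, TX_GAS_LIMIT

    def on_receive(amount):
        nonlocal received, gas
        received += amount
        gas -= GAS_PER_FRAME
        if gas >= GAS_PER_FRAME and vault.funds >= chunk:
            vault.withdraw("caller", chunk, on_receive)  # nested call while gas lasts

    vault.donate("caller", chunk)
    vault.withdraw("caller", chunk, on_receive)
    return received, vault.funds

if __name__ == "__main__":
    ONE_FINNEY = 10**15  # 0.001 ether, the balance quoted in the comments
    for chunk in (1, ONE_FINNEY):
        for hardened in (False, True):
            print(chunk, hardened, run(ONE_FINNEY, chunk, hardened))
```

In the model, the update-first ordering never pays out more than was credited, whatever amount is requested per call.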
@joaovictorrabelo4751 2 years ago
When lvl 11 sir?
@d-squared70 2 years ago
Coming soon. :)
@evgeniys7247 2 years ago
Hey! Great videos, keep up the good work! I managed to attack. I think you have a problem in the Attack() function in the donate line. I commented on it and donated directly, something like:
reentrancy_contract.donate(attacker_contract.address, {"from": attacker_account, "value": 100})
Also, this attack must be carried out several times. On a local stand, for 1 wei in the attack, I returned 98 wei, for each block. Well, respectively, for 2 -> 196, etc.
@evgeniys7247 2 years ago
On Rinkeby, it was also possible to carry out an attack, but there, for one attack of 1 wei, you can only carry out 1 wei (not 98 as on local), but you can always attack 100 and so on. If you are interested, you can watch through Rinkeby Etherscan:
Reentrancy contract address - 0x84933729dD8ead2ef8326A3f243A06C4c720252a
Attack contract address - 0x68C15bB0d224F3aA41aCed56D2b62B5E0017c1aF
@d-squared70 2 years ago
Thank you for the clear feedback and guidance here. :)