EthernautDAO CTF 6 — Hackable Contract Solution

CTF 6: Hackable

  • lastXDigits equal to 45
  • mod equal to 100
  • done equal to false

Study the contracts

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

contract hackable {
    uint256 public lastXDigits;
    uint256 public mod;
    bool public done;
    address public winner;

    constructor(uint256 digits, uint256 m) {
        lastXDigits = digits;
        mod = m;
        done = false;
    }

    function cantCallMe() public {
        require(done == false, "Already done");
        uint256 res = block.number % mod;
        require(res == lastXDigits, "Can't call me !");
        winner = msg.sender;
        done = true;
    }
}

  • lastXDigits equal to 45
  • mod equal to 100

Solution code

  • Create an Alchemy or Infura account to be able to fork the Goerli blockchain
  • Choose a good block from which we can create a fork. Any block after the creation of the contract will be good
  • Run a foundry test that will use the fork to execute the test

function testFindTheGoodBlock() public {
    address player = users[0];

    // Random block number just to test the solution
    uint256 solutionBlockNumber = 948574245;

    // warp the blockchain to the blocknumber that will solve the challenge
    vm.roll(solutionBlockNumber);

    // Assert that the solution is correct
    assertEq(solutionBlockNumber % hackableContract.mod(), hackableContract.lastXDigits());

    // Solve the challenge
    vm.prank(player);
    hackableContract.cantCallMe();

    // assert it has been solved
    assertEq(hackableContract.winner(), player);
    assertEq(hackableContract.done(), true);
}
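
The test above rolls to an arbitrary block whose number ends in 45; on a live chain the same condition holds once every `mod` blocks, so the check only delays a caller and restricts nobody. The following is an added example, not code from the original post: a Python model of the gate that computes the first qualifying block from a given starting block. The class and function names and the starting block number are assumptions made for the illustration.

```python
"""Model of the challenge's block-number gate (added example, not the author's code)."""


class Revert(Exception):
    """Stands in for a Solidity revert."""


class Hackable:
    """Python model of the `hackable` contract shown above."""

    def __init__(self, digits: int, m: int):
        self.last_x_digits, self.mod = digits, m
        self.done, self.winner = False, None

    def cant_call_me(self, block_number: int, sender: str) -> None:
        if self.done:
            raise Revert("Already done")
        if self.mod == 0:
            # Solidity 0.8 reverts with Panic(0x12) on modulo by zero
            raise Revert("Panic(0x12)")
        if block_number % self.mod != self.last_x_digits:
            raise Revert("Can't call me !")
        self.winner, self.done = sender, True


def next_open_block(current: int, mod: int, digits: int):
    """First block >= current with block % mod == digits, or None if none can qualify."""
    if mod == 0 or digits >= mod:
        return None  # modulo by zero reverts; a remainder is always < mod
    return current + (digits - current) % mod


def solve(contract: Hackable, current_block: int, player: str) -> int:
    """Call the gate at the first qualifying block and return that block number."""
    target = next_open_block(current_block, contract.mod, contract.last_x_digits)
    if target is None:
        raise Revert("gate can never open")
    contract.cant_call_me(target, player)
    return target


if __name__ == "__main__":
    c = Hackable(45, 100)   # values the challenge was deployed with
    start = 7_400_000       # constructed starting block, not taken from the page
    print(solve(c, start, "player"), c.winner, c.done)
```
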

StErMi
