Day4 2024.09.02
题目:
Claim ownership of the contract below to complete this level.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract Telephone {
address public owner;
constructor() {
owner = msg.sender;
}
function changeOwner(address _owner) public {
if (tx.origin != msg.sender) {
owner = _owner;
}
}
}解題:
- 只要破解
function changeOwner(address _owner) public {
if (tx.origin != msg.sender) {
owner = _owner;
}
}就可以變成 owner
msg.sender:目前函數呼叫的直接傳送者。 tx.origin:交易的原始發起者。
2.只要不是原始發起者就可以變成 owner (天底下因該不會有這件事...)
- 不過他感覺是要讓我們看 tx.origin 的變化,寫了攻擊合約 TelephoneAttack.sol
發現利用 攻擊合約呼叫的 tx.origin其實沒變... 💀
Attacks smart contract: TelephoneAttack.sol
POC: Telephone.t.sol