Smart contracts
Day 8 THM-Advent of cyber 4
This task had a lot of theory given about a smart contract vulnerability before we actually go hands-on with the practical application of the basic vulnerability.
Although it’s quite hard to understand if you aren’t familiar with blockchain and smart contracts, I recommend you to read it briefly to get a rough idea of what’s the scene on the stage.
Let’s jump to the walkthrough of the challenges.
we will use Remix IDE, which offers a safe and controlled environment to test and deploy contracts as if they were on a public blockchain.
Let’s now download the files and open this IDE in our browser.
When you first open Remix, you want to draw your attention to the left side; there will be a file explorer, search, Solidity compiler, and deployment navigation button, respectively, from top to bottom. We will spend most of our time in the deploy & run transactions menu as it allows us to select from an environment, account, and contract and interact with contracts we have compiled.
Go ahead and open the two files you downloaded in the local_workspace.
after that, navigate to both the files and compile both the files under solidity compiler.
After this , go to deploy and run transactions, and select a contract.
The etherstore.sol will be the first one we are gonna deploy. After deploying change the value to 1 and click on deposit under deployed contracts.
Now it’s time to deploy our attack. Go to attack file and then deploy and run transactions
You’ll see attack under deployed contracts now, all you have to do is change the value to 1 and click on ‘attack’
This is the vulnerability described in the room earlier.
This room was little overwhelming but we finally got an idea on how smart contracts work and how can we exploit a basic vulnerability.