Ethernaut — Level 9— King
I am back after a small break. Lets dive into the challenge. This challenge kind of mimics a popular Ponzi scheme based game called “King of the Ether” wherein, in order to become the new king you need to pay a slightly greater amount then the previous king. It kind of guarantees that you will receive a higher amount than what you have paid. but the task at hand is to hack the contract and don't allow other users to become the king.
Click here to access the source code
There are three variables, a constructor and a fallback function defined in the contract. The fallback function is called whenever we send some ether to the contract. To bypass the require statement we need to send the amount of ether greater than previous value like 1 ETH and stop the king variable from being set to msg.sender. This can be done by writing our own malicious contract and somehow stop the transfer from happening in the fallback function.
We need to pass the contract address of the Ethernaut challenge as argument to constructor and send probably 1 ETH as value and we see that the current value of the _king variable is set to our contract address. When we submit the instance, the king.transfer(msg.value); triggers the fallback function and we basically revert the transaction here. So preventing anyone from sending us ETH and trying to become the new King.
Thanks for Reading !