search

Lotteries

hashtag
Guess the number

hashtag
Code Audit

pragma solidity ^0.4.21;

contract GuessTheNumberChallenge {
    uint8 answer = 42;

    function GuessTheNumberChallenge() public payable {
        require(msg.value == 1 ether);
    }

    function isComplete() public view returns (bool) {
        return address(this).balance == 0;
    }

    function guess(uint8 n) public payable {
        require(msg.value == 1 ether);

        if (n == answer) {
            msg.sender.transfer(2 ether);
        }
    }
}

The answer is just 42.

hashtag
Solution

In Capture The Ether interface, click "Begin Challenge" and get the instance address. In Remix, deploy the GuessTheNumberChallenge contract at the instance address:

To interact with the deployed instance, feed in the instance address and click "At Address":

GuessTheNumber At Address

Call guess() with 42 as input and send over 1 ether:

GuessTheNumber call guess

Verify that the challenge is solved by calling the isComplete() getter:

GuessTheNumber isComplete

hashtag
Guess the secret number

hashtag
Code Audit

Since guess() takes uint8 as input, we know that the range is 0 ~ 255. This is a small enough range for bruteforce attack.

hashtag
Solution

Write a contract to bruteforce the hash:

The result is 170:

bruteForce

In Capture The Ether interface, click "Begin Challenge" and get the instance address. In Remix, deploy the GuessTheSecretNumberChallenge contract at the instance address:

To interact with the deployed instance, feed in the instance address and click "At Address":

GuessTheSecretNumber At Address

Call guess() with 170 as input and send over 1 ether:

GuessTheSecretNumber call guess

Verify that the challenge is solved by calling the getter isComplete().

hashtag
Guess the random number

hashtag
Code Audit

The "random" number answer is computed from block.number. The truth is that answer is not random at all. Since uint8 answer is declared as a state variable, it is stored in blockchain storage and we can view it on Etherscan.

hashtag
Solution

In Capture The Ether interface, click on the instance address and we are brought to https://ropsten.etherscan.io. Click "Internal Txns" and go into the only transaction. Click "State". Theoretically you can view the content of answer here, but this page does not give me any data.

Instead, I choose to use some web3.py magic to read the storage. To read data from blockchain, we must have access to a node on that blockchain. An easier way to do this is using Infura.

Register an account at Infuraarrow-up-right and use web3.py to query the contract storage:

Compile the following challenge contract in Remix:

To interact with the deployed instance, feed in the instance address and click "At Address":

GuessTheRandomNumber At Address

Call guess() with input 106 and send over 1 ether. Verify that the challenge is solved by calling the getter isComplete().

hashtag
Predict the block hash

hashtag
Code Audit

The essence is:

where:

Seems like we must find out block.number, but do we?

Quote from Solidity docarrow-up-right:

The block hashes are not available for all blocks for scalability reasons. You can only access the hashes of the most recent 256 blocks, all other values will be zero.

Here "zero" means the zero address address(0). In our case, since lockInGuess() takes bytes32, we should lock in 0x0000000000000000000000000000000000000000000000000000000000000000 as our guess. After calling lockInGuess(0x0000000000000000000000000000000000000000000000000000000000000000), we just have to wait 256 block time and then call settle().

hashtag
Solution

Write an exploit contract and deploy it in Remix:

Call lockInGuess(0x0000000000000000000000000000000000000000000000000000000000000000) and then call pwn() after an hour.

PreviousCapture the EtherNextMath

Last updated