Ethernaut Walkthrough — Level 2: Fallout

Published on Dec 06, 2021

This level of Ethernaut is actually really simple, but shows us how easy some of the early hacks in the Ethereum ecosystem were executed.

In earlier versions of the language the constructor would be a function with the same name of the contract. If for example you had a contract named Fallout then your constructor method might have been named function Fallout(). In the constructor Solidity developers will often set the owner to be the creator of the contract, the msg.sender. That way the owner will be the person who created the contract.

There's a known hack (dating back to 2016) where Ribixi renamed its contract from DynamicPyramid to Rubixi while forgetting to also rename the constructor method. This allowed attackers to become owners of the contract simply by calling the old constructor function.

How to pass level 2: Fallout

Simply call the method contract.Fal1out(); from the console. After that, you can collect all funds from the contract by calling await contract.collectAllocations();

await contract.collectAllocations();

Security lessons learned

Luckily for us, more recent version of Solidity require us to use the constructor keyword when writing constructors. But we should still be careful, especially when writing functions that can change ownership of a contract.

Continue from here

Here's my solution for level 3

No comments? But that’s like a Gin & Tonic without the ice?

I’ve removed the comments but you can shoot me a message on LinkedIn to keep the conversation going.