In today’s episode of the Advent of Cyber we’re looking into smart contracts, which while not a completely unfamiliar concept to me is something I’m not too knowledgeable of, so I’m really looking for the tasks today. Let’s just hope that we’re going to be doing something else than merely checking Etherscan.
What flag is found after attacking the provided EtherStore Contract?
First we’ll download the task files, and after a brief introduction to smart contracts we’re told to access https://remix.ethereum.org to complete the following task.
The .zip file we downloaded contains two files: Attack.sol and EtherStore.sol, both Solidity contracts, but the actual code is irrelevant to this task. First we want to upload both files to Remix by selecting file explorer → default_workspace → Load a local file into current workspace. Once the files are uploaded we need to compile them by selecting 0.8.10+commit.fc410830 from the compiler menu and then compile the files.
Next step is deploying the smart contracts, which we can easily do by selecting Deploy & run transactions. We’ll first deploy the EtherStore.sol contract, and look at the Deployed Contracts section to find a way to interact with it and be able to run the deposit. Add 10 ETH to the Value section above, deploy and then run the deposit function in the Deployed Contracts section to do the deposit.
Switching to another account, the “attacker”, and selecting the Attack.sol as the contract to be used, copy the EtherStore contract address and paste that to the address box by the Deploy button. After deploying the contract we can see one more deployed contract, and this one contains the attack functionality.
Let’s try the attack next by setting the Value to 1 ETH and executing the attack function. After a little while we can see that 11 ETH was deposited to our account, and the flag for the task gets printed to the console.
While the concept of the blockchain is simple, smart contracts most definitely as not, and this is basically where the danger lies: complexity. Can’t say that I completely understand what’s going on here, but it’s definitely interesting to be able to play around with these smart contracts in a “real” environment, and see the possibilities they open up to malicious actors with the right skill set.