Before you start, listen to This.
So as you understand from the video, your mission is to perform the biggest money heist in a bank we own!
The bank has issued a new fundraiser for a new coin called DAO. The fundraiser currently holds 1337 Ethereum, and you hold only one Ethereum. When you'll empty the bank, you'll get the flag! We've attached the smart-contract source code for your impression.
The vulnerable piece of code is:
As it is quite evident, the code is vulnerable because the balance zeroing is done after the Ether transfer is performed. When Ether is sent to some address, it may be a contract address and its fallback function will be triggered. In this function it is possible to recursively call the
withdrawBalance() method again provided that there is enough gas.
So our attack contract looks like:
The attack will withdraw the donate amount twice and transfer the coins to the attacker address.
We deploy the new contract:
Then, we attack:
After that, we check the balance and get the flag: