Challenge #4 - Side Entrance
A very simple pool allows anyone to deposit ETH and withdraw it at any point in time.
It already has a balance of 1000 ETH and is offering free flash loans using deposited ETH to promote their system.
Starting with a balance of 1 ETH, pass the challenge by withdrawing all ETH from the pool.
This question also provides loans, but it transfers money to us by calling our execute function, which provides us with an idea to write an attack contract. The contract provides three functions deposit, withdraw and flashLoan. If you observe carefully, it is not difficult to find , the final judgment of the flashLoan function is:
As long as the balance of the pool after lending is the same or greater than before, in the deposit function:
We will send the money to the contract and increase our value in the balances mapping, which means we can deposit the borrowed money into the contract, and finally get all the money in the pool through the withdraw function.
Here we choose to write a new contract
attack.sol:
Construct the execute function in the contract. When the loan pool sends us money, we deposit the money in the pool through the deposit function, and finally withdraw the money and send it to ourselves.
side-entrance.challenge.js:
Note: Don't forget the receive money function!
test:
