Introduction

• It's time for some hands-on experience! In this lab, you'll leverage your Reentrancy knowledge to steal funds from the Vulnerable Contract. Within the lab environment, you'll update the Attacker Contract (i.e., Attacker.sol) to exploit a Reentrancy vulnerability within the Vulnerable Contract (i.e., Vulnerable.sol).
• As explained in the Lab Workflow section, the Challenge Verification Engine will verify your solution.
• For you to pass the lab, you must complete the Lab Challenges.

Prerequisites

• Reentrancy Fundamentals: Attack Theory

Lab Sample

Lab Sample

Tip:

Click on the image to zoom in

---

Lab Challenges

1. Attacker.sol should be able to steal all ETH from Vulnerable.sol
   1. Within the lab environment, go to the terminal and execute cvs.
   2. You are now viewing the solution's call stack. Use this information to reverse engineer the solution. When reviewing the output, you'll notice that Attacker.attack() is invoked. As discussed in the Lab Workflow section, Attacker.attack() is automatically invoked during the challenge verification process. In other words, you don't need to call Attacker.attack() within your solution.

   Think about how you can leverage Attacker.receive() to perform unexpected actions during the ETH transfer process.
2. Attacker.sol should not cause a revert operation
   1. Review Seeding Phase - 1 within the Process Diagram.
   2. Review Transfer Phase - 3a within the Process Diagram. What can occur if you withdraw too much ETH?

Lab Workflow

1. Use the Lab Options section to start the lab.
2. Optional: If you previously worked in the lab, you'll need to: i) close any open tabs; ii) navigate to the lab's terminal and execute revert.
3. Review the Vulnerable.sol and Attacker.sol contracts. While doing the review, start to think about how you can update Attacker.sol to solve the Lab Challenges.
4. Add your exploit code to Attacker.sol.
   Warning:

   Within Attacker.sol, please make your changes between the following code comments:

   • // COMMENT GROUP A: START
   • // COMMENT GROUP A: END

   If you change other code, the lab might not work.

5. When you're ready to verify your solution, go to the lab environment's terminal and execute the cv command. (This is short for Challenges Verify.)
6. Behind the scenes, the cv command invokes Attacker.attack().
7. cv prints a call stack and verifies that the Lab Challenges have been completed.

Lab Options

Pros

• Access the lab directly through your web browser.
• There are no dependencies to install.

Cons

• Executes on GitHub's servers. This has a financial cost if the free tier is exhausted. Luckily, it's easy to set a spending limit of 0 so you won't be charged (instructions below).

Prerequisites

• Sign up for a Github account.
• IMPORTANT: Github will charge for Codespace usage once the free tier is exhausted. If you don't want to be charged, navigate to this link and ensure the Codespaces spending limit is set to 0. Blockbash (and its contributors) are not responsible for any unexpected charges.

Warning:

You must complete the Prerequisites (mentioned above) before starting the lab.

Next Steps

1. Click
2. Complete the steps within the Lab Workflow section.

Tip:

If you have a question (or problem), please review the Need Help section.

Pros

• If you're already a Visual Studio Code user, your preexisting setup should be applied. This includes keybindings, extensions, etc.
• As the lab isn't being executed within the browser, you'll have a more "native" experience.
• Depending on your computer, the experience might be faster than the Codespace environment.

Cons

• Requires dependencies to be installed (see below).

Prerequisites

• Install Visual Studio Code.
• Install the Dev Containers Extension.
• Install Docker (other container runtimes are not officially supported).

Warning:

You must complete the Prerequisites (mentioned above) before starting the lab.

Next Steps

1. Click
2. Complete the steps within the Lab Workflow section.

Tip:

If you have a question (or problem), please review the Need Help section.

Need Help?

1. Review the hints within the Lab Challenges section.
2. If the hints don't help, leverage this link for further assistance.

Disclosures

Warning:

• Content should be used for educational purposes only. You should not leverage this content for nefarious purposes. Blockbash's authors are not liable for misuse of this content.
• Everyone makes mistakes, including the authors of Blockbash. All content and recommendations should be verified via another source. Blockbash's authors are not liable for any mistakes. If you've found an error, please create a Github Issue.