Ethernaut Level 0 Hello Ethernaut [Foundry-Hardhat]
The Ethernaut-Solutions repository contains the solutions using Foundry and Hardhat.
Ethernaut is a Web3/Solidity-based wargame inspired by overthewire, to be played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be ‘hacked’.
This will be the first article in a series of blog posts where I go through each level showing how to compromise the contracts and complete the challenges. From Level 1, I will be writing my exploits in Foundry as well as Hardhat. Follow whichever tool suits you. You can find the solutions in the repository Ethernaut-Solutions.
All the Ethernaut level contracts are in /src. All the exploits are in /test the folder. In /test folderthere are Hardhat tests using Typescript and contracts (if required). In /test/foundry there are exploits using Foundry. In Foundry, everything is written in Solidity.
Make sure you have Metamask installed and connected to one of the following test networks
Goerli
Sepolia
Polygon Mumbai
Get some test ETH/MATIC from the following faucets, awesome-list-testnet-faucets
Go to Ethernaut. Click on level 0. Read the instructions.
When you click on ‘Get New Instance’, Ethernaut deploys an instance of the shown contract level on the network that is connected. You can interact with instances of the contracts using the dev console in Chrome.
help() shows help menu
-
For the sake of brevity steps, 1 to 8 are skipped. They are pretty straightforward. Continue till instruction #8.
- Call info the function of the deployed instance
await contract.info()
Response:- ‘You will find what you need in info1().’
-
Call info1 function
await contract.info1()
Response:- ‘Try info2(), but with “hello” as a parameter.’
-
Call info2function passing ‘hello’ as an argument
await contract.info2('hello')
Response:- ‘The property infoNum holds the number of the next info method to call.’
You can get the contract ABI by typing contract.abi. Examine the contract ABI. You can see there is a view function named infoNum. This is the getter function for the state variable ‘infoNum’.
-
Call infoNum function
await contract.infoNum()
Response:- Expand the returned object. You can see the number 42 on the 0th index of the ‘words’ array. This is the number we should append with ‘info’
-
Call info42 function
await contract.info42()
Response:- ‘theMethodName is the name of the next method.’
-
Call theMethodName function
await contract.theMethodName()
Response:- ‘The method name is method7123949.’
-
Call method7123949 function
await contract.method7123949()
Response:- ‘If you know the password, submit it to authenticate().’
In the contract ABI, there is a view function named password. This is the getter function for the state variable ‘password’. ‘password’ was passed to the constructor of the instance during the deployment.
-
Call password function
await contract.password()
Response:- You will get the password.
-
Call authenticate function by passing the received password as an argument This will send the transaction using Metamask. Wait for the transaction to be included in the block.
await authenticate(password) // replace password with actual password
Response:- After the transaction is successful, you will get the transaction receipt in the console
function authenticate(string memory passkey) public {
if(keccak256(abi.encodePacked(passkey)) == keccak256(abi.encodePacked(password))) {
cleared = true;
}
}
This sets the value of cleared to true.
In the contract ABI, there is a view function named getCleared. This is the getter function for the state variable cleared. You can check if the level is cleared by calling getCleared the function.
-
Call getCleared function
await contract.getCleared()
Response:- true (if the level is cleared else false) If false, check the previous commands in the console for mistakes.
Now, you can submit the instance using the ‘Submit Instance’ button. Send the transaction with Metamask. Wait for the confirmation.
Submit the instance.
Level passed!!! 😄
The Ethernaut-Solutions repository contains the solutions using the and Hardhat.
Top comments (0)