Name	Name	Last commit message	Last commit date
parent directory ..
AlienCodex	AlienCodex
CoinFlip	CoinFlip
Delegation	Delegation
Denial	Denial
Dex	Dex
DexTwo	DexTwo
DoubleEntryPoint	DoubleEntryPoint
Elevator	Elevator
Ethernaut	Ethernaut
Fallback	Fallback
Fallout	Fallout
Force	Force
GatekeeperOne	GatekeeperOne
GatekeeperTwo	GatekeeperTwo
GoodSamaritan	GoodSamaritan
HelloEthernaut	HelloEthernaut
King	King
MagicNumber	MagicNumber
Motorbike	Motorbike
NaughtCoin	NaughtCoin
Preservation	Preservation
Privacy	Privacy
PuzzleWallet	PuzzleWallet
Recovery	Recovery
Reentrance	Reentrance
Shop	Shop
Telephone	Telephone
Token	Token
Vault	Vault
README.md	README.md

Ethernaut with Foundry

Ethernaut: https://ethernaut.openzeppelin.com/

Note: All commands below need to be executed in the root of this repository.

Table of Contents

Common Setup
Test All Exploit
0. Hello Ethernaut
1. Fallback
2. Fallout
3. Coin Flip
4. Telephone
5. Token
6. Delegation
7. Force
8. Vault
9. King
10. Re-entrancy
11. Elevator
12. Privacy
13. Gatekeeper One
14. Gatekeeper Two
15. Naught Coin
16. Preservation
17. Recovery
18. MagicNumber
19. Alien Codex
20. Denial
21. Shop
22. Dex
23. Dex Two
24. Puzzle Wallet
25. Motorbike
26. DoubleEntryPoint
27. Good Samaritan

Common Setup

Execute the following commands:

export PRIVATE_KEY=<PRIVATE KEY>
export RPC_RINKEBY=<RPC RINKEBY>
export FOUNDRY_ETH_RPC_URL=$RPC_RINKEBY

Test All Exploit

forge test --match-path "src/Ethernaut/*"

0. Hello Ethernaut

Challenge & Exploit codes

Test

forge test --match-contract HelloEthernautExploitTest -vvvv

Exploit on chain

forge script HelloEthernautExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

1. Fallback

Challenge & Exploit codes

Test

forge test --match-contract FallbackExploitTest -vvvv

Exploit on chain

forge script FallbackExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

2. Fallout

Challenge & Exploit codes

Test

forge test --match-contract FalloutExploitTest -vvvv

Exploit on chain

forge script FalloutExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

3. Coin Flip

Challenge & Exploit codes

Test

forge test --match-contract CoinFlipExploitTest -vvvv

Exploit on chain

forge script CoinFlipExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --slow --sig "run(address)" $INSTANCE_ADDRESS

Command to work around the bug in foundry-rs/foundry#2489 :

forge script CoinFlipExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --slow --sig "run(address)" $INSTANCE_ADDRESS --fork-block-number $(python -c "print($(cast block-number)-10)")

4. Telephone

Challenge & Exploit codes

Test

forge test --match-contract TelephoneExploitTest -vvvv

Exploit on chain

forge script TelephoneExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

5. Token

Challenge & Exploit codes

Test

forge test --match-contract TokenExploitTest -vvvv

Exploit on chain

forge script TokenExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

6. Delegation

Challenge & Exploit codes

Test

forge test --match-contract DelegationExploitTest -vvvv

Exploit on chain

forge script DelegationExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

7. Force

Challenge & Exploit codes

Test

forge test --match-contract ForceExploitTest -vvvv

Exploit on chain

forge script ForceExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

8. Vault

Challenge & Exploit codes

Test

forge test --match-contract VaultExploitTest -vvvv

Exploit on chain

forge script VaultExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

cast command-only one-liner:

cast send --private-key $PRIVATE_KEY $INSTANCE_ADDRESS "unlock(bytes32)" $(cast storage  $INSTANCE_ADDRESS 1)

9. King

Challenge & Exploit codes

Test

forge test --match-contract KingExploitTest -vvvv

Exploit on chain

forge script KingExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

10. Re-entrancy

Challenge & Exploit codes

Test

forge test --match-contract ReentranceExploitTest -vvvv

Exploit on chain

forge script ReentranceExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

11. Elevator

Challenge & Exploit codes

Test

forge test --match-contract ElevatorExploitTest -vvvv

Exploit on chain

forge script ElevatorExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

12. Privacy

Challenge & Exploit codes

Test

forge test --match-contract PrivacyExploitTest -vvvv

Exploit on chain

forge script PrivacyExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

13. Gatekeeper One

Challenge & Exploit codes

Test

forge test --match-contract GatekeeperOneExploitTest -vvvv

Exploit on chain

forge script GatekeeperOneExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

14. Gatekeeper Two

Challenge & Exploit codes

Test

forge test --match-contract GatekeeperTwoExploitTest -vvvv

Exploit on chain

forge script GatekeeperTwoExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

15. Naught Coin

Challenge & Exploit codes

Test

forge test --match-contract NaughtCoinExploitTest -vvvv

Exploit on chain

forge script NaughtCoinExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

16. Preservation

Challenge & Exploit codes

Test

forge test --match-contract PreservationExploitTest -vvvv

Exploit on chain

forge script PreservationtExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

17. Recovery

Challenge & Exploit codes

Exploit on chain

cast send --private-key $PRIVATE_KEY --gas-limit 100000 $INSTANCE_ADDRESS "destroy(address)" <TOKEN ADDRESS>

The token address can be easily found in a blockchain explorer.

18. MagicNumber

Challenge & Exploit codes

Exploit written in Huff: https://github.com/minaminao/huff-ethernaut-magic-number

Test

forge test --match-contract MagicNumberExploitTest -vvvv

Exploit on chain

forge script MagicNumberExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

19. Alien Codex

Challenge & Exploit codes

Test

forge test --match-contract AlienCodexExploitTest -vvvv

Exploit on chain

forge script AlienCodexExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

20. Denial

Challenge & Exploit codes

Test

forge test --match-contract DenialExploitTest -vvvv

Exploit on chain

forge script DenialExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

21. Shop

Challenge & Exploit codes

Test

forge test --match-contract ShopExploitTest -vvvv

Exploit on chain

forge script ShopExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

22. Dex

Challenge & Exploit codes

Test

forge test --match-contract DexExploitTest -vvvv

Exploit on chain

forge script DexExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

23. Dex Two

Challenge & Exploit codes

Test

forge test --match-contract DexTwoExploitTest -vvvv

Exploit on chain

forge script DexTwoExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

24. Puzzle Wallet

Challenge & Exploit codes

Test

forge test --match-contract PuzzleWalletExploitTest -vvvv

Exploit on chain

forge script PuzzleWalletExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

25. Motorbike

Challenge & Exploit codes

Test

Foundry test function cannot detect that the code size has changed to 0.
Anvil should be able to test it (WIP).

Exploit

forge script MotorbikeExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

26. DoubleEntryPoint

Challenge & Exploit codes

Test

forge test --match-contract DoubleEntryPointExploit -vvvv

Exploit on chain

forge script DoubleEntryPointExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

27. Good Samaritan

Challenge & Exploit codes

Test

forge test --match-contract GoodSamaritanExploit -vvvv

Exploit on chain

forge script GoodSamaritanExploitScript -vvvv --private-key $PRIVATE_KEY --fork-url $RPC_RINKEBY --broadcast --sig "run(address)" $INSTANCE_ADDRESS

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Ethernaut with Foundry

Common Setup

Test All Exploit

0. Hello Ethernaut

1. Fallback

2. Fallout

3. Coin Flip

4. Telephone

5. Token

6. Delegation

7. Force

8. Vault

9. King

10. Re-entrancy

11. Elevator

12. Privacy

13. Gatekeeper One

14. Gatekeeper Two

15. Naught Coin

16. Preservation

17. Recovery

18. MagicNumber

19. Alien Codex

20. Denial

21. Shop

22. Dex

23. Dex Two

24. Puzzle Wallet

25. Motorbike

26. DoubleEntryPoint

27. Good Samaritan

FilesExpand file tree

Ethernaut

Directory actions

More options

Directory actions

More options

Latest commit

History

Ethernaut

Folders and files

parent directory

README.md

Ethernaut with Foundry

Common Setup

Test All Exploit

0. Hello Ethernaut

1. Fallback

2. Fallout

3. Coin Flip

4. Telephone

5. Token

6. Delegation

7. Force

8. Vault

9. King

10. Re-entrancy

11. Elevator

12. Privacy

13. Gatekeeper One

14. Gatekeeper Two

15. Naught Coin

16. Preservation

17. Recovery

18. MagicNumber

19. Alien Codex

20. Denial

21. Shop

22. Dex

23. Dex Two

24. Puzzle Wallet

25. Motorbike

26. DoubleEntryPoint

27. Good Samaritan