https://ethernaut.openzeppelin.com/

Claim ownership of the contract below


// Claim Ownership of the Contract
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;

import 'openzeppelin-contracts-06/math/SafeMath.sol';

contract Fallout {

  using SafeMath for uint256;
  mapping (address => uint) allocations;
  address payable public owner;

  /* constructor */
  function Fal1out() public payable {
    owner = msg.sender;
    allocations[owner] = msg.value;
  }

  modifier onlyOwner {
	        require(
	            msg.sender == owner,
	            "caller is not the owner"
	        );
	        _;
	    }

  function allocate() public payable {
    allocations[msg.sender] = allocations[msg.sender].add(msg.value);
  }

  function sendAllocation(address payable allocator) public {
    require(allocations[allocator] > 0);
    allocator.transfer(allocations[allocator]);
  }

  function collectAllocations() public onlyOwner {
    msg.sender.transfer(address(this).balance);
  }

  function allocatorBalance(address allocator) public view returns (uint) {
    return allocations[allocator];
  }
}

Exploiting the "Fallout" Contract for Ownership Takeover:

In this walkthrough, we will exploit the "Fallout" contract to demonstrate an ownership takeover vulnerability. The contract has a misspelled constructor name, and we will use this vulnerability to become the new owner of the contract.

Step 1: Identifying the Vulnerability

We analyze the contract code and quickly notice a typo in the constructor function name: Fal1out instead of Fallout. This typo could lead to a potentially exploitable vulnerability.


contract Fallout {

  using SafeMath for uint256;
  mapping (address => uint) allocations;
  address payable public owner;

  /* constructor */
  function Fal1out() public payable {
    owner = msg.sender;
    allocations[owner] = msg.value;
  }
}

Step 2: Replicating the Exploit

We create a new contract that interacts with the vulnerable "Fallout" contract. This will allow us to claim ownership of the contract.


pragma solidity ^0.8;

interface Fallout {
    function owner() external view returns (address);
    function Fal1out() external payable;
}

Step 3: Executing the Exploit