Access Denied
If an address is a contract, then the size of code stored at the address will be greater than 0. However, if you are a hacker, this may not always be the case.
Contract Link (Sepolia Testnet):
https://sepolia.etherscan.io/address/0x65e7fe0c5112ae242732786eed8dcc31e27131d7
The Objective:
- To get the flag, you must first become the admin of the contract.
Hint: Use Remix IDE
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract access_denied {
string private data;
address admin;
constructor(string memory _data) {
data = _data;
admin = msg.sender;
}
function isContract(address addr) public view returns (bool) {
uint size;
assembly {
size := extcodesize(addr)
}
return size > 0;
}
modifier noEOA {
require (msg.sender != tx.origin, "No-EOA allowed!");
_;
}
modifier noContract {
require (!isContract(msg.sender), "No-contract allowed either!");
_;
}
function changeAdmin(address _addr) external noEOA noContract {
_changeAdmin(_addr);
}
function _changeAdmin(address _addr) private {
require(msg.sender==_addr);
admin = _addr ;
}
function getflag() public view returns (string memory) {
require(msg.sender == admin, "You are not admin yet!");
return(data);
}
}
The contract has been deployed on the Sepolia testnet. To interact with and solve the contract, you will need some Ether. You can obtain test Ether from the following website: