Skip to content

Instantly share code, notes, and snippets.

@vyorkin
Created March 9, 2022 12:02
Show Gist options
  • Save vyorkin/1f11bd26ac4f5ca6169a3dd1cd80aeb2 to your computer and use it in GitHub Desktop.
Save vyorkin/1f11bd26ac4f5ca6169a3dd1cd80aeb2 to your computer and use it in GitHub Desktop.
Created using remix-ide: Realtime Ethereum Contract Compiler and Runtime. Load this file by pasting this gists URL or ID at https://remix.ethereum.org/#version=soljson-v0.8.12+commit.f00d7308.js&optimize=false&runs=200&gist=
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;
contract Foo {
Bar bar;
constructor(address _bar) {
bar = Bar(_bar);
}
function callBar() public {
bar.log();
}
}
contract Bar {
event Log(string message);
function log() public {
emit Log("Bar was called");
}
}
// This code is hidden in a separate file
contract Mal {
event Log(string message);
// function () external {
// emit Log("Mal was called");
// }
// Actually we can execute the same exploit even if this function does
// not exist by using the fallback
function log() public {
emit Log("Mal was called");
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment