Read the article directly on my blog: Ethernaut Solutions | Level 2 - Fal1out
Unlike a normal function, which can be called at any time, a constructor is executed only once, when the contract is created. In Solidity versions before 0.8.0, a constructor was defined by giving it the same name as the contract.
pragma solidity ^0.6.0;

contract Foo {
    // This is a constructor, same name as the contract
    function Foo() public payable {}

    // This is a function
    function foo() public payable {}
}
Unfortunately, the typo in the Fal1out() function converts it to a normal function instead of a constructor. Because of that, Fal1out() is a public function that anyone can call to take ownership of the contract.
/* constructor */
function Fal1out() public payable {
    owner = msg.sender;
    allocations[owner] = msg.value;
}
The Fal1out function should have been named Fallout.
- Simply call the Fal1out() function to take ownership of the contract.
await contract.Fal1out();
- Review your code carefully and multiple times before deploying it.
- Use tests to catch obvious bugs like this one.
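
An automated pre-deployment check in the spirit of the last point, as an added example that is not part of the original post: a small Node.js script that flags any function whose name is within one character (ignoring case) of its contract's name. The regex-based scan, the helper names editDistance and findConstructorLookalikes, and the sample contract are assumptions made for illustration.

```javascript
// Levenshtein edit distance between two strings.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Report functions that look like a mistyped name-based constructor.
// Heuristic regex scan, not a Solidity parser (hypothetical helper).
function findConstructorLookalikes(source, maxDistance = 1) {
  // Drop comments so a "/* constructor */" label cannot influence the result.
  const code = source.replace(/\/\*[\s\S]*?\*\/|\/\/.*$/gm, "");
  const contracts = [...code.matchAll(/\bcontract\s+([A-Za-z_$][\w$]*)/g)];
  const findings = [];
  contracts.forEach((m, idx) => {
    const name = m[1];
    // Approximate the contract body as the text up to the next contract.
    const end = idx + 1 < contracts.length ? contracts[idx + 1].index : code.length;
    const body = code.slice(m.index, end);
    const hasConstructor = /\bconstructor\s*\(/.test(body);
    for (const f of body.matchAll(/\bfunction\s+([A-Za-z_$][\w$]*)\s*\(/g)) {
      const fn = f[1];
      const distance = editDistance(fn.toLowerCase(), name.toLowerCase());
      if (fn !== name && distance <= maxDistance) {
        findings.push({ contract: name, functionName: fn, distance, hasConstructor });
      }
    }
  });
  return findings;
}

// Constructed sample built around the snippet shown in this post.
const SAMPLE = `
pragma solidity ^0.6.0;
contract Fallout {
  address payable public owner;
  /* constructor */
  function Fal1out() public payable { owner = msg.sender; }
  function allocate() public payable {}
}`;

console.log(findConstructorLookalikes(SAMPLE));
```

A finding with hasConstructor set to false is the strongest signal: the contract has a near-miss of its own name and no real constructor.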