题目描述

image.png

解题过程

题目源码

  1. // SPDX-License-Identifier: MIT
  2. pragma solidity ^0.6.0;
  4. import '@openzeppelin/contracts/math/SafeMath.sol';
  6. contract Fallout {
  8.   using SafeMath for uint256;
  9.   mapping (address => uint) allocations;
  10.   address payable public owner;
  13.   /* constructor */
  14.   function Fal1out() public payable {
  15.     owner = msg.sender;
  16.     allocations[owner] = msg.value;
  17.   }
  19.   modifier onlyOwner {
  20.             require(
  21.                 msg.sender == owner,
  22.                 "caller is not the owner"
  23.             );
  24.             _;
  25.         }
  27.   function allocate() public payable {
  28.     allocations[msg.sender] = allocations[msg.sender].add(msg.value);
  29.   }
  31.   function sendAllocation(address payable allocator) public {
  32.     require(allocations[allocator] > 0);
  33.     allocator.transfer(allocations[allocator]);
  34.   }
  36.   function collectAllocations() public onlyOwner {
  37.     msg.sender.transfer(address(this).balance);
  38.   }
  40.   function allocatorBalance(address allocator) public view returns (uint) {
  41.     return allocations[allocator];
  42.   }
  43. }

我们可以注意到构造函数 Fallout 被写成了 Fal1out,导致该函数不是构造函数,可以直接调用获取 owner权限
image.png
调用方法即可获取权限
image.png