Open hats-bug-reporter[bot] opened 1 week ago
Github username: -- Twitter username: -- Submission hash (on-chain): 0x87fb9b664d6e11ea8bc56c5e17a9335f45d2fc5b6b3f8a9faeb3459010d17e29 Severity: high
Description: Description
Anyone can call the setOwners function of the Attacker contract by changing its storage
setOwners
Attack Scenario
Anyone can overwrite the variable owners
owners
Attachments
function setOwners(address[] memory _owners) public {
it is advisable to use the onlyOwner modifier of the contract Ownable2Step.sol in this function
onlyOwner
Non-issue, ReentrancyAttack.sol is used only for simulation/testing.
ReentrancyAttack.sol
i agree @0xRizwan is invalid!!
Github username: -- Twitter username: -- Submission hash (on-chain): 0x87fb9b664d6e11ea8bc56c5e17a9335f45d2fc5b6b3f8a9faeb3459010d17e29 Severity: high
Description: Description
Anyone can call the
setOwners
function of the Attacker contract by changing its storageAttack Scenario
Anyone can overwrite the variable
owners
Attachments
function setOwners(address[] memory _owners) public {
it is advisable to use the
onlyOwner
modifier of the contract Ownable2Step.sol in this function