I am practicing some vulnerabilities in smart contracts for my lecture in the university.
The contracts that I am practicing on are;
contract Company is CompanyInterface {
address public ceo;
...
function setCeo(address newCeo){
ceo = newCeo;
}
...
}
contract MainCompany is CompanyInterface {
address public ceo;
address public lib; // address of Company contract
...
function() payable external {
if(!lib.delegatecall(msg.data)) {
revert();
}
}
...
}
Here, I try to make myself ceo of the MainCompany. However, I couldn't figure out how to call setCeo here. As I know that when an attacker calls MainCompany.setCeo(attacker), MainCompany's fallback function should be triggered when the function (setCeo) can't be found in the MainCompany contract. However, it doesn't happen.
My approach is to create an attacker contract. In that contract, I created a function that does the following;
<addressOfMainCompany>.call.value(1)(bytes4(keccak256("setCeo(address)")), address(0x4b9...));
But ceo is still same. What is the correct way of changing ceo of the MainCompany here?
Thanks
