Always use the constructor() function when defining a constructor in your contract.
The constructor is a function that gets executed only once when your contract is first deployed.
DO NOT declare a constructor function using the same name as your contract.
Firstly, the point of this challenge is to first become the owner of the Smart Contract in question. Only the owner of this contract can do things like withdraw money from the contract. So study the contract and look for possible paths that would allow you to become its owner.
The BurpSuite certification is a medium/hard CTF/exam where puts your web skills tested.
These are just my personal thoughts and opinions that led me to pass the exam.
If you already have experience with web application testing,
I suggest to do the labs anyway or at least to see how portswigger academy allows you to exploit server-side vulnerabilities via their exploit server.
In this blog I will outline my experience about the OSCP (Offensive Security Certified Professional) exam....
I started with the buffer overflow while running the nmap scans. .