All Rooms
Race Conditions
medium45 mintryhackme
Learn about race condition vulnerabilities — what they are, why they happen, and how to exploit them. Understand multi-threading, TOCTOU (Time of Check to Time of Use) bugs, and state diagrams. Practice exploiting race conditions using Burp Suite Repeater to send parallel requests, first transferring money between accounts simultaneously to exceed balances, then exploiting a challenge web app to get an account above $1000.
Skills You Will Learn
race-conditionsburp-suite-repeatertoctoumulti-threadingstate-diagrams
Prerequisites
- thm-burpsuitebasics
- thm-burpsuiterepeater
- burp-suite
- http-requests
Walkthrough Phases
1
Understanding Race Conditions
Learn the theory behind race condition vulnerabilities
2
Exploiting Race Conditions
Use Burp Suite to exploit race conditions in a web application
11 questions to answer
alienrecon start thm-raceconditionsattacksDon't have AlienRecon? Get started here