Scribd Logo
Upload

Welcome to Scribd!

  • Lab17 Race Conditions Vulnerabilities

    Uploaded by

    truongvg2003
    5 views2 pages

    Original Title

    Lab17 Race conditions vulnerabilities

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views2 pages

    Lab17 Race Conditions Vulnerabilities

    Uploaded by

    truongvg2003

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Lab 17: Race conditions vulnerabilities

    Objective:
    - This lab is designed to explore Race Conditions vulnerabilities in web applications and
    systems. Participants will interact with a simulated environment where specific processes or
    actions are prone to race conditions. The objective is to understand how race conditions
    occur, identify their impact on application security and data integrity, exploit these
    vulnerabilities, and learn effective strategies to prevent them.

    In this lab, students need to:


     Answer the following questions:
    o What are Race Conditions vulnerabilities, and how do they differ from other types of
    vulnerabilities in web applications? Explain the concept of a race condition, including
    how concurrent processes or threads can lead to unexpected or insecure states.
    Race Conditions vulnerabilites are when attacker sends at least two or many requests at
    the exact same time to cause a collision on the web application.
    o Describe the process of exploiting a Race Conditions vulnerability in a web application or
    system. What techniques can an attacker use to induce a race condition, and how can
    such vulnerabilities lead to security breaches or data corruption?
    Attackers often use technique to send requests as many as possible with the latest
    latency, single packet attack supports that ( demonstrated by PortSwigger ). Race
    Condition vulnerabilies can help attackers break logic flaws of the system thus it can
    result in financial loss.

     Perform challenge:
    o Limit overrun race conditions
     Explain and capture all steps (full windows screen capture).

    Submit a report addressing all the questions mentioned above in either PDF or Markdown format.
    Additionally, include a video demonstrating the detailed process of your work to ensure the
    authenticity of your lab exercise.
    The report file name must be Class_YourStudentID _YourName_Lab17

    In this lab, we will use BurpSuite Repeater’s function to send high number of requests in group and in
    parallel, the coupon will have the chance to be applied more than one more time so we can buy
    expensive 1337$ with just 50.00$.
    VIDEO LINK: LAB17_RaceConditions.mp4

    You might also like