race condition – WindowsTechs.com

Race condition in Python [closed]

Posted on October 7, 2024 by Johnny

I am trying to teach my students about race conditions on the web, and for that purpose, I am using a simple bank example, in which we transfer an amount from person A to Person B’s account. If we use Burp and send simultaneous requests li… Continue reading Race condition in Python [closed]→

The Other Kind Of Static Hazard to Your Logic Circuits

Posted on November 24, 2023 by Dan Maloney

We’ve all heard of the dangers of static electricity when dealing with electronics, and we all take the proper precautions when working with static-sensitive components — don’t we? But as …read more Continue reading The Other Kind Of Static Hazard to Your Logic Circuits→

Data integrity protection in Drupal 10.x – how lock conditions might fail

Posted on June 16, 2023 by Keith Douglas

I was doing some pentesting on a Drupal 10.x application that some colleagues built; I have not reviewed the source code. The dynamic vulnerability scanner I use provoked some exceptions related to a failure to obtain locks on various obje… Continue reading Data integrity protection in Drupal 10.x – how lock conditions might fail→

How to win the race of making an offer before another DHCP server?

Posted on March 7, 2023 by mkd

I’m trying to run a rogue DHCP server on my local network to simulate a MITM attack. Upon researching the DHCP attack, it seems to have a low success rate since the rogue DHCP server must be faster than the actual DHCP server in making an … Continue reading How to win the race of making an offer before another DHCP server?→

Using the readlink function to avoid symbolic link race conditions when opening a file path

Posted on January 27, 2023 by Plastic

I’m reading this paper. On the page 11 the paper says:

Unix applications can obtain access to files without encountering symlink races. This is important for normal application programmers who, for example, might want to write an ftp serv… Continue reading Using the readlink function to avoid symbolic link race conditions when opening a file path→

How can opening a non-existing file cause a security vulnerability?

Posted on July 7, 2022 by Xavier Mukodi

I was reading on race conditions when I encountered the paragraph below:

How exactly does trying to read a non-existing file cause a security vulnerability?

Continue reading How can opening a non-existing file cause a security vulnerability?→

Cryptocurrency startup fails to subtract before adding, loses $31m

Posted on December 6, 2021 by Paul Ducklin

Think of a number, any number. Take away 42. Add 42 back in. Then pretend you didn’t take away 42. How much is left? Continue reading Cryptocurrency startup fails to subtract before adding, loses $31m→

Understanding the Meltdown vulnerability

Posted on September 14, 2021 by Segmentation fault

I need to write a simple program that demonstrates a race condition. I picked the Meltdown vulnerability.
I want to clarify something. I’m following this explanation https://resources.infosecinstitute.com/topic/race-conditions-exploitation… Continue reading Understanding the Meltdown vulnerability→

Can be this considered token race condition vulnerability?

Posted on April 1, 2021 by Maicake

I’m testing a REST API.
To get the access-token and refresh-token you need first to authenticate using Basic Authentication with user and password.
Then you get access-token and refresh-token pair and you can use the first to interact with… Continue reading Can be this considered token race condition vulnerability?→

What is the impact if there is Race Condition while submitting OTP?

Posted on March 2, 2021 by Joel Deleep

I recently came across a web application where it was asking for an OTP after a successful login.
Let the endpoint be https://www.example.com/otpcode
The initial test for a brute-force of the OTP resulted in a 400 Bad request. I tested for… Continue reading What is the impact if there is Race Condition while submitting OTP?→