⏱️⏱️⏱️ Who can win the subscribe race condition? ⏱️⏱️⏱️
@nsns7993
4 жыл бұрын
Nice video!
@weednweights
3 жыл бұрын
Since you are allowed to go sudo to change owner of sanic, why not just go sudo to cat the flag? Shouldn't the usage of sudo be restricted during a CTF?
@247CTF
3 жыл бұрын
This is just a contrived example to show how this could be exploited.
@youssefblt9839
7 ай бұрын
how can we detedt this type of vulnerabilitys on a web app using burp
@247CTF
6 ай бұрын
You could try making multiple requests at the same time. PortSwigger has a free lab on race conditions you could check out.
@nopenope5949
3 жыл бұрын
I have watch the entire video and understand about the logic of race condition but when I want to implement it to the challange I got stuck, can you help me?
@247CTF
3 жыл бұрын
What are you trying to do?
@nopenope5949
3 жыл бұрын
@@247CTF I have intercept the website for knowing flow of the data and getting the point where I can do the race condition but I'm still confuse how to trigger its race condition
@rishabhanand4029
3 жыл бұрын
Good video.
@247CTF
3 жыл бұрын
Thanks!
@dergartenbaumlaufer6635
4 жыл бұрын
That was just everything I needed to solve the acid flag bank challenge. Very cool :)
Пікірлер: 13