About me
$g4mm4 === $gamma95
● Penetration tester
● Bug hunter
● Full time Internet Troll
About the talk
● What is a race condition?
● Race conditions in web applications
● Prevention
● Demo
● References
● Q&A
What is a race condition?
● A race condition or race hazard is a type of flaw in an electronic or software system where the output is dependent on the sequence or timing of other uncontrollable events.
● Race conditions can occur in electronic systems, especially logic circuits, and in computer software, especially multithreaded or distributed programs.
In electronics
● ∆t1 and ∆t2 represent the propagation delays of the logic elements.
● When the input value (A) changes, the circuit outputs a short spike of duration (∆t1+∆t2) - ∆t2 = ∆t1.
In Computer Software (file system, networking ...)
System V Semaphore
● PHP is compiled with --enable-sysvsem
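A check-then-act race in PHP and the same logic serialized with a System V semaphore, as an added example that is not code from the talk. The balance file, function names and amounts are constructed for illustration, and the two forked processes stand in for two concurrent web requests (assumes PHP CLI with the sysvsem and pcntl extensions).

```php
<?php
// Added example. BALANCE_FILE, the function names and the amounts are constructed.
// Needs PHP CLI with the sysvsem and pcntl extensions.
const BALANCE_FILE = '/tmp/race_demo_balance.txt';

// Vulnerable: read, check, write with nothing stopping a second request in between.
function withdraw_racy(int $amount): bool
{
    $balance = (int) file_get_contents(BALANCE_FILE);
    if ($balance < $amount) {
        return false;
    }
    usleep(100000); // stand-in for real work; widens the race window
    file_put_contents(BALANCE_FILE, (string) ($balance - $amount));
    return true;
}

// Hardened: the same steps run inside a System V semaphore critical section.
function withdraw_locked(int $amount): bool
{
    $sem = sem_get(ftok(__FILE__, 'w'), 1, 0600); // max_acquire = 1 -> mutex
    if ($sem === false || !sem_acquire($sem)) {
        throw new RuntimeException('cannot take semaphore');
    }
    try {
        return withdraw_racy($amount); // read/check/write now run one process at a time
    } finally {
        sem_release($sem);             // released even if the body throws
    }
}

// Simulate two concurrent requests; return how many withdrawals succeeded.
function concurrent_successes(callable $withdraw): int
{
    file_put_contents(BALANCE_FILE, '100');
    for ($i = 0; $i < 2; $i++) {
        if (pcntl_fork() === 0) {
            exit($withdraw(100) ? 0 : 1); // child reports its result via exit code
        }
    }
    $ok = 0;
    while (pcntl_wait($status) > 0) {
        $ok += (pcntl_wexitstatus($status) === 0) ? 1 : 0;
    }
    return $ok;
}

echo 'racy:   ', concurrent_successes('withdraw_racy'), " withdrawals of 100 from a balance of 100\n";
echo 'locked: ', concurrent_successes('withdraw_locked'), " withdrawals of 100 from a balance of 100\n";
```

A System V semaphore only serializes processes on the same host; when several web servers share one data store, the lock has to live in that store instead.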
LFI with phpinfo()
● What is LFI?
Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected.
LFI with phpinfo()
● Why PHPInfo()?
The output of the PHPInfo() script contains the values of the PHP Variables, including any values set via _GET, _POST or uploaded _FILES.
References
● Practical Race Condition Vulnerabilities in Web Applications https://defuse.ca/race-conditions-in-web-applications.htm
● "LFI with phpinfo() assistance" http://www.insomniasec.com/publications/LFI With PHPInfo Assistance.pdf
● Nghệ thuật tận dụng lỗi phần mềm http://bluemoon.com.vn/books/8935048992197.html