Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Final race-condition-in-the-web


Published on

Published in: Technology

Final race-condition-in-the-web

  1. 1. Race Condition Attacks in Web Applications gamma95[at]gmail[dot].com
  2. 2. Breaking news
  3. 3. About me
  4. 4. About me $g4mm4 === $gamma95 ● Penetration tester ● Bugs hunter ● Full time Internet Troll
  5. 5. About the talk● What is race condition?● Race conditions in the web applications● Prevention● Demo● References● Q&A
  6. 6. What is race condition?● A race condition or race hazard is a type of flaw in an electronic or software system where the output is dependent on the sequence or timing of other uncontrollable events● Race conditions can occur in electronics systems, especially logic circuits, and in computer software, especially multithreaded or distributed programs.
  7. 7. in Electronics● ∆t1 and ∆t2 represent the propagation delays of the logic elements.● When the input value (A) changes, the circuit outputs a short spike of duration (∆t1+∆t2) - ∆t2 = ∆t1
  8. 8. In Computer Software (file system, networking ...)
  9. 9. in Web Applications: Hit Counter
  10. 10. in Web Applications: Hit Counter
  11. 11. Tell me why?
  12. 12. Tell me why?
  13. 13. in Web Applications: Online Banking
  14. 14. in Web Applications: Online Banking
  15. 15. D3m0
  16. 16. Prevention
  17. 17. Semaphore
  18. 18. System V Semaphore PHP is compiled with --enable-sysvsem
  19. 19. LFI with phpinfo()● What is LFI? Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected
  20. 20. LFI with phpinfo()● Why PHPInfo()? The output of the PHPInfo() script contains the values of the PHP Variables, including any values set via _GET, _POST or uploaded _FILES.
  21. 21. How to win the race ?
  22. 22. D3m0
  23. 23. References● Practical Race Condition Vulnerabilities in Web Applications● "LFI with phpinfo() assistance" With PHPInfo Assistance.pdf● Nghệ thuật tận dụng lỗi phần mềm
  24. 24. Questions?
  25. 25. Thats all folks!