Partial Construction Race Conditions
HTML-код
- Опубликовано: 28 июн 2024
- 👩🎓👨🎓 Learn about Race Condition vulnerabilities and how to exploit them! This lab contains a user registration mechanism. A race condition enables us to bypass email verification and register with an arbitrary email address that we do not own. To solve the lab, we'll exploit the race condition to create an account, then log in and delete the user carlos.
Overview:
0:00 Intro
0:09 Partial construction race conditions
2:05 Lab: Partial construction race conditions
2:42 Predict potential collision
6:37 Benchmark the behaviour
9:11 Prove by claiming the victims email address
15:05 Conclusion
If you're struggling with the concepts covered in this lab, please review portswigger.net/web-security/... 🧠
🔗 Portswigger challenge: portswigger.net/web-security/...
🧑💻 Sign up and start hacking right now - go.intigriti.com/register
👾 Join our Discord - go.intigriti.com/discord
🎙️ This show is hosted by / _cryptocat ( @_CryptoCat ) & / intigriti
👕 Do you want some Intigriti Swag? Check out swag.intigriti.com
9:07 This same issue happens to me too, but I don't know why. Awesome video btw 🎉❤
Thanks! At least it's not just me then 😅
Love this!
Excellent
Thank you so much 😀