webPromedium

Lab 272 — SwiftMart — Race Condition in Promo Code Redemption

hackadvisor

Task: Digital marketplace with wallet system where each user gets a single-use $50 promo code, but premium vault items cost $500+. Solution: TOCTOU race condition on promo code redemption endpoint — fire 200 concurrent requests using threading.Barrier to redeem the same code multiple times before it's marked as used, inflating wallet balance to purchase the vault item containing the flag.

$ ls tags/ techniques/

flask race_condition toctou concurrent_requests threading session_cookies decoy_flag promo_code wallet digital_marketplace

race_condition_exploitationthread_barrier_synchronizationsession_cookie_sharingtoctou_promo_bypassconcurrent_http_flooding

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[web][Pro]Lab 14 — SoundMart — Race Condition in Coupon Redemption— hackadvisor
[web][Pro]Точка невозврата (Point of No Return)— hackerlab
[web][Pro]Race Shop— web-kids20
[web][Pro]Race Shop 2— web-kids20
[web][Pro]Lab 162 — VaultDrop — File Upload Race Condition (TOCTOU)— hackadvisor