🚀 WannaRace

WebApp intentionally made vulnerable to Race Condition

🤖 Description

Race Condition vulnerability can be practiced in the developed WebApp. Task is to buy a Mega Box using race condition that costs more than available vouchers. Two challenges are made for practice. Challenge B is to be solved when PHPSESSID cookie is present, cookie is auto created when user is logged in. Happy learning 🎉.

🛠 Building and running the Docker image

Build the Docker image with:

git clone https://github.com/Xib3rR4dAr/WannaRace && cd WannaRace
docker build -t xib3rr4dar/wanna_race:1.0 .

Run Docker image:

docker run -it --rm xib3rr4dar/wanna_race:1.0

OR

docker run -it --rm -p 9050:80 xib3rr4dar/wanna_race:1.0

Then open in browser relevant IP:PORT

🎴 Screenshots

Challenge #1

Main Page

Four vouchers worth 400 units available for recharge

Task is to buy Mega box (which is worth 401 units) by exploiting race condition

Challenge #2

Same as Challenge #1 but requires login so that PHPSESSID and appropriate cookies are set

💡Solutions

Challenge #1 Solution

📝 TODOs

✅ Add Solution for Challenge #1
🕘 Add Solution for Challenge #2

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
src		src
web		web
.gitattributes		.gitattributes
Dockerfile		Dockerfile
LICENSE.md		LICENSE.md
README.md		README.md
challenge-1-solution.md		challenge-1-solution.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

🚀 WannaRace

🤖 Description

🛠 Building and running the Docker image

🎴 Screenshots

Challenge #1

Challenge #2

💡Solutions

📝 TODOs

About

Releases

Packages

Languages

License

Xib3rR4dAr/WannaRace

Folders and files

Latest commit

History

Repository files navigation

🚀 WannaRace

🤖 Description

🛠 Building and running the Docker image

🎴 Screenshots

Challenge #1

Challenge #2

💡Solutions

📝 TODOs

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages