File Path Race Condition & How To Prevent It - bin 0x31

In this video we look at a typical race condition involving file paths. We learn about the renameat syscall to exploit it and also how to fix it.


-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Program.
Comments

I really appreciate that you showed the way to fix this vulnerability also!! Very nice.

joonasfi

Wow, didn't know about the swapping syscall!

PwnFunction

I am surprised to see you uploading so many videos haha I hope you keep this up! love your content!

cybermagician

I'm extremely new to programming and still don't understand all of it. But this person is actively explaining code very well.

AshnSilvercorp

Interestingly, file contents may also suffer from race conditions. I believe it was Samsung TVs which would read in firmware upgrade files from a USB stick to verify their signature and, if that check passed, then read the file again to apply the upgrade. The issue is that one can easily create a USB device which returns some contents on first read but something completely different on another.


By the way, this file path race is essentially the reason why one cannot setuid shell scripts.

mina

Awesome video. Never thought that race conditions on file paths would be a thing..
Hope you get well soon enough to enjoy Christmas!

simonzelenski

haha, you upload informational content on par with the best tutorials online, and you're worried you don't upload enough. get some well needed rest buddy!

vladde

I have been using file paths without doing anything. Now I know. Please keep making more videos like this.

sreyanchakravarty

Out of all your videos, that's the first thing I genuinely didn't know about 🤩

bap

Your videos are saving my exam right now!

tesilia

Feel better man. Thanks for the video. Learned something new, as always from your channel.

schrodyn

This is really cool, I've written similar racey file code before but never bothered to look into how you avoid it.

joecarter

I tried another approach, making a symlink to an empty file I have permissions to, breaking the readflag on an open() syscall and then pointing the symlink to the actual flag. This didn't work unfortunately, but I still learned stuff and you got me to do something, which is very lovely. Thank you.

perli

It feels like Christmas, because so much new content! LOL. I appreciate your hard work LiveOverflow!

Ookamiraven

That was really interesting, even better that you showed how to prevent the race condition. Thank you!

theotherjim

A simple way to show modifications through time, you can use the command `watch -n 1 <command>` to execute a command each second to get the differences. Something like: `watch -n 1 ls -lha`

jrmiasmg

A great explanation of a common and easy to overlook bug.

MrLeeFergusson

Really cool trick. Somewhat the same concept is using mkfifo to 'pause' the race - if a program writes to a pipe it'll then wait till something reads from it, and if it tries to read it'll wait till something writes.

mal-nrym

Each video shows me, that I must no no have to learn more and more =D Thanks a lot for the explanation, and also for the fixing part. It is really helpful. A few weeks ago I started to watch your binary series and now come new episodes, they are somehow filling each other. Really great resource. Thanks again. By the way "Gute Beserrung" =) PS: I'm not German, so hope I wrote it right =D

elikelik

Thanks, it really helped me to perform a priv esc

badrelmazaz