WannaRace is a WebApp intentionally made vulnerable to Race Condition
Description
Race Condition vulnerability can be practiced in the developed WebApp. Task is to buy a Mega Box using race condition that costs more than available vouchers. Two challenges are made for practice. Challenge B is to be solved when PHPSESSID cookie is present, cookie is auto created when user is logged in. Happy learning .
Building And Running The Docker Image
Build the Docker image with:
git clone https://github.com/Xib3rR4dAr/WannaRace && cd WannaRace
docker build -t xib3rr4dar/wanna_race:1.0 .
Run Docker image:
docker run -it –rm xib3rr4dar/wanna_race:1.0
Then open in browser relevant IP:PORT
Screenshots
Main Page
Four vouchers worth 400 units available for recharge
Task is to buy Mega box (which is worth 401 units) by exploiting race condition
Challenge #2
Same as Challenge #1 but requires login so that PHPSESSID and appropriate cookies are set
On March 4, 2025, a group claiming to be the notorious threat actor BianLian began…
Blindsight is a red teaming tool designed to dump LSASS (Local Security Authority Subsystem Service)…
Hiphp, developed by Yasserbdj96, is an open-source tool designed to create a backdoor for controlling…
PowerShell-Hunter is a robust collection of PowerShell-based tools designed to aid security analysts in detecting…
DE-TH-Aura, an initiative by SecurityAura, focuses on enhancing detection engineering and threat hunting capabilities using…
MassVulScan is a powerful network scanning tool designed for pentesters and system administrators to identify…