An open API service indexing awesome lists of open source software.

https://github.com/priyabug/race-condition-detection-and-mitigation

It explores race condition vulnerabilities, detection techniques, and mitigation strategies, providing insights into how they are exploited and how to prevent them.
https://github.com/priyabug/race-condition-detection-and-mitigation

attack-program countermeasure detection improved-attack mitigation python race-conditions target-machine ubuntu

Last synced: about 2 months ago
JSON representation

It explores race condition vulnerabilities, detection techniques, and mitigation strategies, providing insights into how they are exploited and how to prevent them.

Awesome Lists containing this project

README

          

Race-Condition-Detection-and-Mitigation

Description


A race condition arises when multiple processes simultaneously access and modify the same data, and the execution outcome depends on the sequence of these accesses.
If a privileged program contains a race-condition vulnerability, attackers can execute a parallel process to "race" against the privileged program, aiming to alter its behavior.
Here we have exploited the vulnerability and gain the root privilege. In addition to the attacks, and we will also discuss about various protection schemes that can be used to counter the race-condition attacks.
The lab covers the following topics:
• Race condition vulnerability
• Sticky symlink protection
• Principle of least privilege

![image](https://github.com/user-attachments/assets/ed8fa262-f0bc-4056-ada0-df40383dc7bd)

Languages and Utilities Used

- Python
- Ununtu 20.04 VM

Environments Used

- Windows 11 Home (21H2)

Program walk-through:

Task 1: Choosing Our Target

Task 2: Launching the Race Condition Attack


2.A: Simulating a Slow Machine

2.B: The Real Attack

2.C: An Improved Attack Method

Task 3: Countermeasures


3.A: Applying the Principle of Least Privilege

3.B: Using Ubuntu’s Built-in Scheme