Rate Limit Issues

Ak1T4, published in InfoSec Write-ups, Oct 25, 2016

Why is it so important to control rate limit issues?

Testing web applications, I found that many of them are vulnerable to rate limit attacks: no source filter such as the client IP address, no limit on account registration submissions, no limit on login attempts, and so on.

As an example, I tested the registration form at hackerone.com. I sent this PoC to them on July 5; they closed it as a duplicate and explained that they are not concerned about this issue and that, by their user policy, they do not like the idea of using captchas.

The video PoC shows how easy it is to exploit a missing rate limit on a user registration form:

The PoC inserts a new user registration, checks the confirmation email and validates the user, all automatically:

IMPACT

We can cause impact in many ways:

  • Inject unlimited registrations and cause a denial of service in the database
  • Change parameters such as voting features or any other feature in the app
  • Multiply the attack using threads
  • Use this to attack a competing company, product or app
  • Any malicious way to degrade the performance of a site or app

(Missing rate limits can be abused for brute-force attacks, login attempts, or API endpoint attacks. For all of this, it is very important to filter and control rate limits in every way.)

A simple fix:

The same report was submitted to other companies; they paid bounties and fixed the issue by putting a simple captcha or reCAPTCHA on their login or registration forms, and that was it. That's simple.
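As an added example, not code from the post or from any of the companies it mentions: a sliding-window limiter in Python applied to the two forms discussed above, keyed by source IP for registration and by both source IP and target account for login. The class names, thresholds and IP addresses are assumptions constructed for illustration; a captcha can still be layered on top once a limit trips.

```python
import time
from collections import deque


class SlidingWindowLimiter:
    """Allow at most `limit` accepted events per `window` seconds for each key.

    Timestamps are passed in (`now`) so the policy can be exercised in tests
    without sleeping; production callers can leave `now` as None.
    """

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self._events = {}  # key -> deque of accepted-event timestamps

    def allow(self, key, now=None):
        now = time.monotonic() if now is None else now
        q = self._events.setdefault(key, deque())
        while q and now - q[0] >= self.window:  # expire events outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False  # caller should answer 429 and log the source
        q.append(now)
        return True


class AuthGate:
    """Illustrative limits for the registration and login forms (assumed values).

    Registration is limited per source IP. Login is limited per source IP
    *and* per target account, so one address cannot spray many accounts and
    many addresses cannot hammer one account.
    """

    def __init__(self):
        self.reg_ip = SlidingWindowLimiter(limit=3, window=3600)
        self.login_ip = SlidingWindowLimiter(limit=10, window=60)
        self.login_user = SlidingWindowLimiter(limit=5, window=300)

    def register(self, ip, now=None):
        return self.reg_ip.allow("reg-ip:" + ip, now)

    def login(self, ip, username, now=None):
        # Both budgets are charged on every attempt; serve only if both allow.
        ip_ok = self.login_ip.allow("login-ip:" + ip, now)
        user_ok = self.login_user.allow("login-user:" + username.lower(), now)
        return ip_ok and user_ok
```

A constructed burst of 20 sign-ups from one address within 20 seconds yields 3 accepted registrations; a burst of 8 logins against one account from one address yields 5.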

Tip: if you find a missing rate limit and exploit it, check that it is in the company's scope and submit a report; if you are lucky, you get paid a bounty $$$

Happy Hacking! :) Ak1T4
