More Tools
Start with whatever tools you may have.Better tools will be found as you go.
Last updated
Start with whatever tools you may have.Better tools will be found as you go.
Last updated
Using a tool can help you find and exploit TOCTOU issues. There are a couple of such tools available in the open-source world:
We will solve the last challenge using RaceTheWeb. The executable files for RaceTheWeb can be obtained from https://github.com/aaronhnatiw/race-the-web/releases
Which version to download? It depends on the operating-system you are running
On Linux and macOS machines, you need to make the file executable.
Running RacetheWeb is easy:
Open command prompt/Terminal
Navigate to the directory where you have extracted/downloaded the executable binary file
Run the following command:
race-the-web portion:
Depending on the operating-system you are using, the race-the-web portion needs to be changed.
<toml-file> portion:
TOML stands for Tom’s Obvious Minimal Language. The TOML file supplied should be having the request details so that race-the-web can run them.
Find TOML file for some of the TimeGap Theory challenges below:
In the above TOML file:
Count defines how many requests RaceTheWeb tools would be sending in parallel
Verbose defines the verbosity level of output that is displayed on the screen. The value of this can either be true or false
Method defines the type of the request. This can be GET, POST, PUT, DELETE etc.
URL is, well, the url at which request needs to be sent
Body of the request. You can skip this part if there is no body that needs to be submitted
In the above TOML file:
Count is 1. However, there are three requests in the file. As such, RaceTheWeb tool will send three parallel requests
First two requests have wrong password in the request body
In the above TOML file, we are sending a cookie as well.
Now you know:
Various open-source tools and techniques for finding and exploiting TOCTOU security issues
How to use RaceTheWeb tool for exploiting TOCTOU security issues
Writing TOML files for RaceTheWeb tool
Operating System
FIle to be downloaded
Linux 32-bit
race-the-web_2.0.1_lin32.bin
Linux 64-bit
race-the-web_2.0.1_lin64.bin
macOS 32-bit
race-the-web_2.0.1_osx32.app.zip
macOS 64-bit
race-the-web_2.0.1_osx64.app.zip
Windows 32-bit
race-the-web_2.0.1_win32.exe
Windows 64-bit
race-the-web_2.0.1_win64.exe
Operating System
Command to run on Terminal
race-the-web_2.0.1_lin32.bin
chmod +x race-the-web_2.0.1_lin32.bin
race-the-web_2.0.1_lin64.bin
chmod +x race-the-web_2.0.1_lin64.bin
race-the-web_2.0.1_osx32.app.zip
Extract the zip file
chmod +x race-the-web_2.0.1_osx32.app
race-the-web_2.0.1_osx64.app.zip
Extract the zip file
chmod +x race-the-web_2.0.1_osx64.app
Operating System
race-the-web portion
Linux 32-bit
./race-the-web_2.0.1_lin32.bin
Linux 64-bit
./race-the-web_2.0.1_lin64.bin
macOS 32-bit
./race-the-web_2.0.1_osx32.app
macOS 64-bit
./race-the-web_2.0.1_osx64.app
Windows 32-bit
race-the-web_2.0.1_win32.exe
Windows 64-bit
race-the-web_2.0.1_win64.exe
Name
Notes
Browser Dev Tools
Very easy to find
Comes with major browsers
Does not support sending cookies
cURL
Easy to get
Works on almost all the platforms
Supports sending cookies
