Home Lab Setup SEED Labs Books Lectures Workshops
SEED Logo

Race-Condition Vulnerability Lab

Overview

The learning objective of this lab is for students to gain the first-hand experience on the race-condition vulnerability by putting what they have learned about the vulnerability from class into actions. A race condition occurs when multiple processes access and manipulate the same data concurrently, and the outcome of the execution depends on the particular order in which the access takes place. If a privileged program has a race-condition vulnerability, attackers can run a parallel process to ``race'' against the privileged program, with an intention to change the behaviors of the program.

In this lab, students will be given a program with a race-condition vulnerability; their task is to develop a scheme to exploit the vulnerability and gain the root privilege. In addition to the attacks, students will be guided to walk through several protection schemes that can be used to counter the race-condition attacks. Students need to evaluate whether the schemes work or not and explain why.

Tasks (PDF)

Time (Suggested)

  • Supervised (closely-guided lab session): 2 hours
  • Unsupervised (take-home project): 1 week

SEED Videos

SEED Books (English) (Chinese)

  • Computer & Internet Security: A Hands-on Approach, 2nd edition (§ 7)
  • Computer Security: A Hands-on Approach, 2nd edition (§ 7)
  • Chinese version, 1st edition (§ 7)

Feedback and Help

Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.