Skip to content
/ PHP-Race-Condition-POC Public

This repo contains a PHP Race Condition POC that simulates a vulnerability seen in Starbucks gift cards in 2015.

1 star 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SeanRobertDH/PHP-Race-Condition-POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
mysql
mysql
 
 
nginx
nginx
 
 
php
php
 
 
var/www
var/www
 
 
.env
.env
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

PHP-Race-Condition-POC

This repo contains a PHP Race Condition POC that simulates a vulnerability seen in Starbucks gift cards in 2015.

Prerequisites:

  1. install Docker.
  2. Ensure that you're running the docker container in a multi-cpu or multi-threaded enviroment (Docker uses all available resources by default).

Setup:

Note* May not work on M1 Mac or other ARM-based OSes. If you find a solution, please feel free to submit a PR!

  1. Run git clone https://github.com/SeanRobertDH/PHP-Race-Condition-POC.
  2. Run Docker.
  3. in the cloned directory with the docker-compose.yml file, run the command docker-compose up.
  4. The vulnerable web server is now running on localhost:6969.
  5. There should be '2 gift cards with $500 each'. Your goal is to increase the sum of their values to be more than $1000.

Recommended Tools:

Resetting the container:

  1. Open a seperate terminal also in the directory with the docker-compose.yml file and run the command docker-compose down -v.

Another Race Condition Challenge:

About

This repo contains a PHP Race Condition POC that simulates a vulnerability seen in Starbucks gift cards in 2015.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages