
Single-packet race condition breaking the 65535 byte lim


Introduction

Hello, I'm RyotaK (@ryotkak), a security engineer at Flatt Security Inc.

In 2023, James Kettle of PortSwigger published an excellent paper titled Smashing the state machine: the true potential of web race conditions. In the paper, he introduced a new attack technique called the single-packet attack, which can exploit a race condition without being affected by network jitter.

[Figure: quoted from Smashing the state machine: the true potential of web race conditions]

Recently, I encountered a limit-overrun type of race condition that requires sending approximately 10,000 requests simultaneously to exploit reliably, so I attempted to apply the single-packet attack to it. However, due to the single-packet attack's limitation, which restricts the maximum size of requests that can be sent to around 1,500 bytes, I couldn't exploit the vulnerability.

Integrate with the existing proxy tools: The current PoC doesn't have flexibility and requires changes to the code to add headers or modify the request body.
