Create multiple user with the same username (Race Condition) in it-novum/openitcockpit
Jun 4th 2023
Administrator users can create multiple users with the same username which breaks the logic of the web application.
Proof of Concept
Step 1: At Administration>User Management>Manager User Screen, click on "New Local User" button
Step 2: Fill in all the required fields, notice that the email is
Step 3: Intercept the above request
Step 4: Send the request to "Intruder", set payload position as image below
Step 5: Set the number of payloads to 100
Step 6: Set the concurrent requests to 30 and click "Start attack"
Step 7: 30 requests creating the user with the username "firstname.lastname@example.org" will be sent at the same time. Looking at the result, we can see there are 3 users with the username "pentest@gmail" created.
Step 8: Send the request again and see that it fails because the user "email@example.com" was created before, which means by default, it is unacceptable that 2 users with the same username in this system.
Step 8: Go to the User Management screen to confirm that.
When a race condition occurs during the creation of multiple users with the same username, it can result in data inconsistencies and authentication problems. Concurrent processes may overwrite or corrupt user data, leading to difficulties in identifying and distinguishing users, compromising security, and creating usability challenges.