Skip to content

Month: July 2018

Nebula Level10: A Newbie’s Approach

Level10 introduces the Time-of-check Time-of-use (TOCTOU) vulnerability, well described in the CWE website.   What you’ll need to know… C   Level10 I’ll quickly explain the TOCTOU vulnerability using a simple example. Consider the following lines of code. if(!access(abc_file, W_OK)){   fp = fopen(abc_file, “w+”);   write(fp, “moveax”, sizeof(“moveax”)); }…