Application Security Cheat Sheet

Weak Random Generation

Last updated 2 years ago

Overview

Applications use random values in many flows for security purposes, such as password recovery or session generation. However, not every value that seems random actually is. As a result, if an application relies on generators to produce values that can be predicted, then that application is vulnerable.

When can random values be predicted?

There are several conditions that may allow you to predict generated random values:

  • Insufficient length of generated values (this usually means the length < 16 bytes).

  • Short alphabet that is used for generation.

  • Using static values for generation.

  • Using values that can be easily guessed (for example, timestamp).

  • Using statistical random number generators whose output can be reproduced.

Often, the fulfillment of one or more of the conditions above will result in the ability to predict generated values.
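The conditions above can be checked against a concrete token scheme. The following Python sketch is an added example, not code from the original page: weak_reset_token is a hypothetical scheme that seeds the statistical random module with a timestamp, the timestamps are constructed, and the audit shows that its 190-bit-looking tokens can be reproduced from a short list of candidate seeds, while secrets draws from the OS CSPRNG.

```python
import math
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols


def nominal_bits(length, alphabet_size):
    """Entropy a token would have if every symbol came from a uniform CSPRNG."""
    return length * math.log2(alphabet_size)


def weak_reset_token(issued_at, length=32):
    """Hypothetical weak scheme: statistical PRNG seeded with a Unix timestamp."""
    rng = random.Random(issued_at)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def strong_reset_token(nbytes=16):
    """CSPRNG-backed token: 16 random bytes, URL-safe base64 encoded."""
    return secrets.token_urlsafe(nbytes)


def seeds_reproducing(token, around, window=300):
    """Audit check: timestamps within +/- window seconds that regenerate token."""
    return [t for t in range(around - window, around + window + 1)
            if weak_reset_token(t, len(token)) == token]


def effective_bits(candidate_count):
    """Real entropy when only candidate_count generator states are possible."""
    return math.log2(candidate_count)


if __name__ == "__main__":
    issued_at = 1_700_000_000          # constructed sample timestamp
    token = weak_reset_token(issued_at)
    print("weak token:", token)
    print("nominal bits:", round(nominal_bits(len(token), len(ALPHABET)), 1))
    # The reviewer only knows the token was issued "about two minutes ago".
    print("seeds found:", seeds_reproducing(token, issued_at + 120))
    print("effective bits:", round(effective_bits(601), 1))
    print("strong token:", strong_reset_token())
```

Length and alphabet only give an upper bound; the number of possible generator states is what determines how guessable the value is.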

Random generation

Go

Weak generation:

  • math/rand

Crypto-strong generation:

  • crypto/rand

Java

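Weak generation:

  • java.util.Random

  • org.apache.commons.lang3.RandomStringUtils

Crypto-strong generation:

  • java.security.SecureRandom

  • For a UNIX-like OS, the default strong generation algorithm is NativePRNGBlocking, which is based on /dev/random. As a result, SecureRandom.getInstanceStrong() will return a SecureRandom implementation that can block the current thread when the generateSeed or nextBytes methods are called.

References:

  • Everything about Java's SecureRandom

  • CRACKING THE ODD CASE OF RANDOMNESS IN JAVA

  • elttam/rsu-cracker - RandomStringUtils/nextInt Cracker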

Node.js

Weak generation:

  • Math.random()

Crypto-strong generation:

  • node:crypto

Python

Weak generation:

  • random

Crypto-strong generation:

  • secrets

Ruby

Weak generation:

  • Random

  • Kernel.rand

Crypto-strong generation:

  • SecureRandom

UUID/GUID

A universally unique identifier (UUID), or globally unique identifier (GUID), is a 128-bit label used to identify information in computer systems. A UUID/GUID has the following format:

123e4567-e89b-12d3-a456-426614174000

There are five versions of UUID/GUID defined in RFC4122:

  • Version 0 Only seen in the nil UUID/GUID 00000000-0000-0000-0000-000000000000.

  • Version 1 The UUID/GUID is generated in a predictable manner based on:

    • The current time.

    • A randomly generated "clock sequence" which remains constant between UUIDs/GUIDs during the uptime of the generating system.

    • A "node ID", which is generated based on the system's MAC address if it is available.

  • Version 3 The UUID/GUID is generated using an MD5 hash of a provided name and namespace.

  • Version 4 The UUID/GUID is randomly generated.

  • Version 5 The UUID/GUID is generated using a SHA1 hash of a provided name and namespace.

You can find the UUID/GUID version number directly after the second hyphen. For example, the UUID/GUID shown below is a version 4.

bcd510ca-3357-48d7-8e3f-1206b9c09632
              ^

As you can see, only version 4 uses a random number generator to produce its value. Therefore, the other versions can potentially be predicted. In the references you can find a link to a tool that generates version 1 UUIDs/GUIDs based on a creation time and a UUID/GUID sample.
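To see what each version exposes, the following Python sketch (an added example, not part of the original page) reads the version digit with the standard uuid module and, for version 1, decodes the creation time, clock sequence and node ID embedded in the value. The helper names inspect_uuid and not_random_based are assumptions made for illustration; the first two sample values are the ones shown on this page.

```python
import uuid
from datetime import datetime, timedelta, timezone

# UUID v1 timestamps count 100 ns intervals since the Gregorian calendar reform.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

BASIS = {
    1: "current time + clock sequence + node ID",
    3: "MD5 of namespace and name",
    4: "random",
    5: "SHA-1 of namespace and name",
}


def inspect_uuid(text):
    """Return the version and, for version 1, the fields embedded in the value."""
    u = uuid.UUID(text)
    version = u.version  # None when the variant is not RFC 4122 (e.g. nil UUID)
    info = {
        "uuid": str(u),
        "version": version,
        "basis": BASIS.get(version, "nil or not an RFC 4122 UUID"),
        "random_based": version == 4,
    }
    if version == 1:
        info["created"] = GREGORIAN_EPOCH + timedelta(microseconds=u.time // 10)
        info["clock_seq"] = u.clock_seq
        info["node"] = ":".join(f"{b:02x}" for b in u.node.to_bytes(6, "big"))
    return info


def not_random_based(identifiers):
    """Audit helper: identifiers that should not be relied on as secrets."""
    return [i for i in identifiers if not inspect_uuid(i)["random_based"]]


if __name__ == "__main__":
    samples = [
        "123e4567-e89b-12d3-a456-426614174000",  # format example from the page
        "bcd510ca-3357-48d7-8e3f-1206b9c09632",  # version 4 example from the page
        "00000000-0000-0000-0000-000000000000",  # nil UUID
    ]
    for s in samples:
        print(inspect_uuid(s))
    print("flagged:", not_random_based(samples))
```

Running such a check over identifiers used in password-reset links, invitation URLs or API keys shows quickly whether any of them are version 1 values that carry their own creation time.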

References:

  • Go: math/rand; crypto/rand

  • Java: java.util.Random; org.apache.commons.lang3.RandomStringUtils; java.security.SecureRandom; Everything about Java's SecureRandom; CRACKING THE ODD CASE OF RANDOMNESS IN JAVA; elttam/rsu-cracker - RandomStringUtils/nextInt Cracker

  • Node.js: Math.random(); node:crypto

  • Python: random; secrets

  • Ruby: Random; Kernel.rand; SecureRandom

  • UUID/GUID: RFC4122 (defines the UUID/GUID versions); Intruder - Cyber Security Research: In GUID We Trust; intruder-io/guidtool: A tool to inspect and attack version 1 GUIDs