Shulou(Shulou.com)06/01 Report--

* * when it comes to the application of random functions, as a rookie, I don't have a deep understanding. I record it here as a note, and then slowly master it, and then deepen it in the content.

The function of random function is often used to generate CAPTCHA, random file name, order number, and if used for security verification, it is often used to generate encrypted key, token, and so on. **

1. Common random functions

1. Rand ()

The commonly used random function generates a random number between 0-getrandmax () by default, but it has been replaced by the mt_rand () function because of performance problems.

Related functions:

Rand (int $min,int $max)

Srand (int $seed), generate the time seed, and the random values generated randomly under the same time seed are the same.

Getrandmax () gets the maximum random number, which varies from system to system. For example, the maximum linux is 2147483647.

2 、 mt_rand

The commonly used random function generates random numbers between 0-mt_getrandmax () by default, and Mersenne Twister algorithm generates random integers.

Related functions:

Mt_srand (), generate the seed, and the random values generated randomly under the same seed are the same.

This function is a better choice for generating random values, and returns results four times faster than the rand () function (according to the manual). Personally, I don't agree. I feel like he said four times as fast as he did many years ago. Because the Mersenne Twister algorythm used by mt_rand () is 1997, so many years ago, the speed difference between rand () and rand () may be (4 times). Since 2004, rand () has been using algorythm, so now they are not much different in speed.

Sometimes the manual is also a lie, just like the problem caused by this function that we will talk about later.

3. Uniqid ()

The function that generates a unique ID is more subtle and more accurate than mt_rand. Suitable for scene generation token and uuid generation

No research has been done on the details.

4. Openssl_random_pseudo_bytes ()

It is suitable for generating token. No research has been done on the details.

Second, the problems caused by the mt_rand () function

--

Today, we will focus on recording the problems brought about by mt_rand and the specific solutions in CTF. There are two versions of this function, one is the English version and the other is the Chinese version. To compare it, there will be an extra warning in the English version:

Caution:This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using random_int (), random_bytes (), or openssl_random_pseudo_bytes () instead.

It means to pay attention to the security of the function, can not be used to generate password security values, do not refer to encryption, can be applied if necessary, and so on. In fact, there is nothing wrong with the function itself, but it is just used improperly.

I have no experience in digging loopholes, so it is not clear whether there are many loopholes mentioned by the boss, but as far as I am concerned, I will only choose to read the introduction of the Chinese version and use this function to generate password security values. In this way, you don't know the warning, and it will cause security problems.

First of all, we need to know that every time we call the mt_rand () function, we check to see if the system has been sown. (the sowing is done by the mt_srand () function.) when the random seed is generated, the random numbers generated later will be generated according to the random seed. So as mentioned earlier, the randomly generated random values under the same seed are the same. At the same time, it also explains the feasibility of cracking random seeds. If you need to generate a random seed every time you call the mt_rand () function, there is no way to crack it.

To do a simple test, the seed of the test random number is the same, and so is the random number for each subsequent execution.

Script:

The result of two execution:

You can see that the random numbers are the same.

At the same time, we should note that when sowing the mt_srand () function, it is only used when the mt_rand () function is called for the first time. So if we know the random value generated for the first time, it is possible to burst the random number seed.

--

Next, let's verify it.

First of all, the random number seed is exploded, and the tool php_mt_srand is used.

Tool link: https://github.com/lepiaf/php_mt_seed

The specific usage of this tool is no longer explained, but it is quite complicated to say. Recommend an article here, read it and get a general idea. At the same time, it also helps to understand random numbers.

Https:// × × w.openwall.com/php_mt_seed/README

Blow up the seeds of random numbers, and we will blow up the first set of numbers.

Get three sets of threshold values, there are random number seeds we use, of course, under normal circumstances we do not know this value, so we still need to verify.

--

How to verify it?

1. Just use this seed to generate a number through the mt_srand () function, and then call several sets of mt_rand () functions to generate several sets of random numbers\

2. Then compare the random number with the random number we just got.

Test the first group

Test the second group

Test Group 3

You can see that only the second set of random numbers is the same as the original, and the threshold value is successfully obtained here.

III. Topics in CTF

The topic comes from the network exercise platform of Chengdu University-- Random number.

Topic link: http://ctf.cdusec.org/challenges

The topic is very simple, and directly gives the source code of the random number of the topic and the first few groups of random numbers:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.