Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for typical php mt_rand default seeds: #24

Open
altf4 opened this issue Mar 3, 2015 · 1 comment
Open

Support for typical php mt_rand default seeds: #24

altf4 opened this issue Mar 3, 2015 · 1 comment
Labels
enhancement

Comments

@altf4
Copy link
Owner

altf4 commented Mar 3, 2015

PHP apps that implicitly seed their mt_rand do so according to the algorithm here:

http://lxr.php.net/xref/PHP_5_4/ext/standard/php_rand.h#46

#define GENERATE_SEED() (((long) (time(0) * getpid())) ^ ((long) (1000000.0 * php_combined_lcg(TSRMLS_C))))

There's not a whole lot of entropy in the unix timestamp of the server start plus PID. This would make breaking PHP apps that use implicit seeding a lot easier.
@altf4
Copy link
Owner Author

altf4 commented Apr 23, 2015

On my Linux system, pid_max is 32768:

cat /proc/sys/kernel/pid_max
32768

We might be able to safely include all possible PIDs, or maybe just some on the lower end. 32k isn't that many.

time(0) can be limited to a reasonably likely window, too. Maybe just the last year or so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@altf4