Use of Predictable Algorithm in Random Number Generator in beestat/app

Valid

Reported on

Jun 26th 2021


✍️ Description

The random number generator used for session keys, mt_rand(), is not suitable for cryptographic purposes (generation of tokens, passwords, or cryptographic keys). When a function such as mt_rand(), which produces predictable values, is used as a source of randomness in a security-sensitive context, insecure-randomness weaknesses arise. In this case, generate_session_key() generates weak random numbers with mt_rand() in /api/cora/session.php at line 252.
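The following is an added illustration, not code from beestat/app or from the reporter. It places a weak session-key generator beside a hardened one. The shape of the weak version (uniqid() concatenated with mt_rand(), then hashed) follows the maintainer's description later on this page; the function names, output length and the entropy check are assumptions made for the example.

```php
<?php
// Added illustration, not beestat/app's own code. The weak generator's shape
// (uniqid() plus mt_rand(), then hashed) follows the maintainer's description
// in this report; names, lengths and the check below are assumptions.

// Weak: mt_rand() is a Mersenne Twister PRNG. Its output is fully determined
// by its seed, and hashing a predictable input adds no entropy; the hash only
// hides the input, it does not make the input unguessable.
function generate_session_key_weak(): string
{
    return hash('sha256', uniqid() . mt_rand());
}

// Hardened: random_bytes() (PHP >= 7.0) draws from the operating system's
// CSPRNG and throws an Exception on failure rather than silently degrading.
function generate_session_key_secure(int $bytes = 32): string
{
    return bin2hex(random_bytes($bytes));
}

// Shows why mt_rand() is unsuitable for keys: given the same seed it yields
// the same sequence, so its output is reproducible rather than random.
function mt_rand_is_reproducible(int $seed): bool
{
    mt_srand($seed);
    $first = [mt_rand(), mt_rand(), mt_rand()];
    mt_srand($seed);
    $second = [mt_rand(), mt_rand(), mt_rand()];
    return $first === $second;
}

// Defender-side sanity check on a hex-encoded key: it must be valid hex and
// long enough to carry at least $minBytes of entropy (16 bytes = 128 bits).
function session_key_has_min_length(string $hexKey, int $minBytes = 16): bool
{
    return ctype_xdigit($hexKey) && strlen($hexKey) >= 2 * $minBytes;
}

var_dump(mt_rand_is_reproducible(42));
var_dump(generate_session_key_secure() !== generate_session_key_secure());
var_dump(session_key_has_min_length(generate_session_key_secure()));
var_dump(session_key_has_min_length(generate_session_key_weak()));
```

The last check passes for both generators, which is the point: length and a hash make a weak key look fine on inspection, so the only reliable fix is the source of randomness itself, as the maintainer's move to random_bytes() does.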

🕵️‍♂️ Proof of Concept

// POC.php

https://github.com/ambionics/mt_rand-reverse/blob/master/display_mt_rand.php

💥 Impact

This vulnerability is capable of letting the attacker guess the session key of any user.

Ziding Zhang
7 months ago

Admin


Hey x3rz, since I was not able to find a security policy or other method of contact, I've created an issue on the repo asking a way to responsibly disclose this vulnerability. Waiting to hear back; good job!

We have contacted a member of the beestat/app team and are waiting to hear back 7 months ago
beestat/app maintainer validated this vulnerability 7 months ago
x3rz has been awarded the disclosure bounty
The fix bounty is now up for grabs
beestat/app maintainer
7 months ago

I have marked this as a valid weakness, although I disagree with the severity. Hashing the value after generation means it cannot be reverse-engineered. The uniqid() function has microsecond precision, and adding mt_rand() on top of that adds even more randomness to the generated key. That on top of the application rate limiting makes this a virtual non-issue.

That said, I have no issues updating this to use a cryptographically-secure algorithm like openssl_random_pseudo_bytes() or random_bytes().

beestat/app maintainer confirmed that a fix has been merged on 14bed9 20 days ago
The fix bounty has been dropped