Algorithm

AES (Advanced Encryption Standard)

AES-CBC Bit Flipping Attack

AES-CBC Padding Oracle Attack

AES-ECB Padding Attack

Ansible Vault Secret

Atbash Cipher

Base32, Base64

Caesar Cipher

Camellia Cipher

Certificates

Cryptography

DES (Data Encryption Standard)

Diffie-Hellman Key Exchange

ECC (Elliptic Curve Cryptography)

ECDSA (Elliptic Curve Digital Signature Algorithm)

Fernet

GPG (GNU Privacy Guard)

HMAC

KDBX Files

Kerberos TGT Cracking

Length Extension Attack

MD4, MD5

Multi-Tap Cipher

NTLM, NTLMv2

PEM (Privacy Enhanced Mail)

PGP (Pretty Good Privacy)

PKCS (Public-Key Cryptography Standards)

PowerShell Credentials

RAR (Roshal Archive)

RIPEMD

ROT13, ROT47

RPNG (Pseudo Random Number Generator) Guessing

RSA (Rivest Shamir Adleman)

SHA1 Hash Collision Attack

SHA1, SHA256, SHA512

Transposition Cipher

Vigenere Cipher

Key Derivation Function

Bcrypt

PBKDF2

Scrypt

Tool

John the Ripper

Math

Chinese Remainder Theorem

Exponentiation

GCD (Greatest Common Divisor)

Modular Congruence

Quadratic Residue

Bit Wise Operation

AND Bitwise Operations

OR Bitwise Operations

Shift Bitwise Operations

XOR Bitwise Operations

Conversion

Convert Binary to Int in Python

Convert Bytes to Hex in Python

Convert Bytes to Int in Python

Convert Bytes to Matrix in Python

Convert Bytes to String in Python

Convert Character to Binary in Python

Convert Character to Unicode in Python

Convert Hex to Bytes in Python

Convert Hex to Int in Python

Convert Int to Binary in Python

Convert Int to Bytes in Python

Convert Int to Hex in Python

Convert Int to String in Python

Convert Matrix to Bytes in Python

Convert String to Binary in Python

Convert String to Bytes in Python

Convert String to Int in Python

Convert Unicode to Character in Python

Zero Padding in Python

RPNG (Pseudo Random Number Generator) Guessing

Last modified: 2023-07-30

Cryptography

We may be able to predict numbers from the previous generated numbers because PRNG does not generate truly random numbers.

Investigation

Suppose that the following RPNG program in Python. The seed, which is used for the random number generator, is generated from the time when the program runs.

import random
import time

seed = int(time.time())

random.seed(seed)

num = random.randint(1, 100)
print("Generated number: ", num)

If we can get the seed, we can generate the same number as this program.

Exploitation

There are several ways to guess the number. Here are some of the examples.

Run Program at the Same Time

If we can retrieve the program source code, we can run the custom exploit inherited from it, then run it at the same time.

Get the Seed from Target System Time

If we can know when the program executed in target system, we may be able to calculate the seed from the system time of the target.
We can calculate it in online tools like Epoch Converter.
When retrieving the seed, we can put it on the original code as below.

# This is the seed which is retrieved from the time generated random numbers.
seed = 1724169824
random.seed(seed)

As a result, we can get the same number whenever we run the program.

ON THIS PAGE

Investigation Exploitation