Untwisting the Mersenne Twister: How I killed the PRNG

Presented at BSidesLV 2014, Aug. 5, 2014, 3 p.m. (60 minutes).

"Applications rely on generating random numbers to provide security, and fail catastrophically when these numbers turn out to be not so "random." For penetration testers, however, the ability to exploit these systems has always been just out of reach. To solve this problem, we've created "untwister:" an attack tool for breaking insecure random number generators and recovering the initial seed. We did all the hard math, so you don't have to! Random numbers are often used in security contexts for generating unique IDs, new passwords for resets, or cryptographic nonces. However, the built-in random number generators for most languages and frameworks are insecure, leaving applications open to a series of previously theoretical attacks. Lots of papers have been written on PRNG security, but there's still almost nothing practical you can use as a pentester to actually break live systems in the wild. This talk focuses on weaponizing what used to be theoretical into our tool: untwister. Let's finally put rand() to rest."

Presenters:

  • Dan Petro / AltF4 as Dan 'AltF4' Petro
    Dan Petro is a Senior Security Analyst at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. In this role, he focuses on application penetration testing and secure development. Dan has presented at numerous conferences, including DEFCON, HOPE, and BSides, and is the founding member of the Pi Backwards CTF team. Prior to joining Bishop Fox, Dan served as Lead Software Engineer for a security contracting firm. Dan holds a Bachelor of Science from Arizona State University with a major in Computer Science, as well as a Master's Degree in Computer Science from Arizona State University. Joe DeMesy is a Senior Security Analyst at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. In this role, he focuses on penetration testing, source code review, and mobile application assessments. Joe is an expert in secure development, fluent in several programming languages, and lead developer for The Planetary Assault System, an open-source password cracking platform. He co-founded both Root the Box, a capture the flag security competition, and [Buffer]Overflow, one of the largest active computer security clubs in the US. Joe is regularly invited to participate as a red team penetration tester for the Collegiate Cyber Defense Competition. He is a noted expert in the field of information security, having been quoted in InformationWeek and Dark Reading. Joe has also presented his research at conferences hosted by the US Department of Defense, and was recently recognized by the DoD for exceptional achievements in security contributions. Prior to joining Bishop Fox, Joe was employed as an IT specialist with a Fortune 100 electronics retailer where he responded to incidents and secured compromised systems. Joe holds a Bachelor of Science from the University of Advancing Technology, C.A.E. with a major in Computer Sciences.
  • Moloch as moloch

Links:

Similar Presentations: