source: trunk/src/nextrand.c @ 85

Last change on this file since 85 was 5, checked in by tmorgan, 12 years ago

made nextrand more user friendly

File size: 2.1 KB
Line 
1/*
2Simple tool to generate the next [num] subsequent random numbers using Java
3Random.nextInt(), given any two sequential outputs of this method.
4
5Copyright (C) 2012 Virtual Security Research, LLC
6Author: Dan J. Rosenberg
7Updates by: Timothy D. Morgan
8
9 This program is free software: you can redistribute it and/or modify
10 it under the terms of the GNU Lesser General Public License, version 3,
11 as published by the Free Software Foundation.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program.  If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include <stdio.h>
23#include <stdlib.h>
24
25#define MULTIPLIER 25214903917L
26#define ADDEND 11L
27#define MASK ((1L << 48) - 1)
28
29unsigned long long seed;
30
31int nextInt()
32{
33  seed = (seed * MULTIPLIER + ADDEND) & MASK;
34  return (int) (seed >> 16);
35}
36
37
38int main(int argc, char **argv)
39{
40  int i, num;
41  unsigned long long r1, r2;
42 
43  if (argc != 4) 
44  {
45    fprintf(stderr, "[-] Usage: %s rand1 rand2 num\n", argv[0]);
46    fprintf(stderr, 
47            "[-] Note that rand1 and rand2 must be signed integers returned in sequence\n"
48            "    from a single Java Random instance.  Values provided must be generated\n"
49            "    by Random.nextInt() which was called with no arguments.\n");
50    return 1;
51  }
52 
53  r1 = atoi(argv[1]);
54  r2 = atoi(argv[2]);
55  num = atoi(argv[3]);
56 
57  for (i = 0; i < 65536; i++) 
58  {
59    seed = (r1 << 16) + i;
60    if ((unsigned int)(((seed * MULTIPLIER + ADDEND) & MASK) >> 16) == (unsigned int)r2) 
61      break;
62   
63    seed = 0;
64  }
65 
66  if (!seed) {
67    fprintf(stderr, "[-] Seed not found.\n");
68    return 1;
69  }
70 
71  fprintf(stderr, "[+] Seed %.12llX found based on provided values: ", seed);
72  fprintf(stderr, "%d %d\n", (int)r1, nextInt());
73  fprintf(stderr, "[+] Next %d values:\n", num);
74 
75  for (i = 0; i < num; i++) 
76    printf("%d\n", nextInt());
77 
78  return 0;
79}
Note: See TracBrowser for help on using the repository browser.