[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Attacks based on predictable process IDs??

To: Full Disclosure <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] Attacks based on predictable process IDs??
From: Brett Hutley <brett@hutley.net>
Date: Fri, 28 Nov 2003 11:51:37 +1100

Brett Hutley wrote:

Folks, does anyone know why predictable process IDs are considered harmful?

Thanks for all the responses. I was analysing the randomness of the Windows random number generator - CryptGenRandom() [seems to display a high degree of entropy], and I thought I'd look at the randomness of Windows PID generation at the same time.

I'm sure there are apps out there that attempt to do crypto while seeding their PRNG with a predictable value like the PID. I was just wondering what other attack vectors exist for predictable PIDs.

Cheers, Brett

--
Brett Hutley [MAppFin,CISSP,SANS GCIH]
mailto:brett@hutley.net
http://hutley.net/brett


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Attacks based on predictable process IDs??
  - From: Brett Hutley <brett@hutley.net>

Prev by Date: [Full-Disclosure] Re: [ANNOUNCE] Python network security tools: Pcapy, Impacket, InlineEgg
Next by Date: Re: [Full-Disclosure] Antivirus Software Solutions?
Previous by thread: Re: [Full-Disclosure] Attacks based on predictable process IDs??
Next by thread: [Full-Disclosure] Stupid XP trick - BIOS DOS?
Index(es):
- Date
- Thread