Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Random generator #17

Open
xeroxtheprintlord opened this issue Jan 15, 2024 · 4 comments
Open

Random generator #17

xeroxtheprintlord opened this issue Jan 15, 2024 · 4 comments

Comments

@xeroxtheprintlord
Copy link

As it stands, the random generator implemented in the script is not even close to Math.random function that was used in JS.
You are using random.randit and that drastically differs from the Math.random.

Also, you are generating 1 hex key per seed, not knowing what values were generated by math.random before the output was thrown into Arcfour with the seed.
@demonluca
Copy link

As it stands, the random generator implemented in the script is not even close to Math.random function that was used in JS. You are using random.randit and that drastically differs from the Math.random.

Also, you are generating 1 hex key per seed, not knowing what values were generated by math.random before the output was thrown into Arcfour with the seed.

Interesting do you think it’s possible to fix? If your on telegram we’ve got a group discussion going your more than welcome to join https://t.me/+2Drmjbwu8fk1MjQ0

@XorkrX
Copy link

XorkrX commented Feb 6, 2024

generating random numbers through "class SecureRandom" and provision of seed value can create deterministic result. means we can get same result of random numbers for same seed value and then our PRIZE also if we are lucky in finding correct seed value. But then main issue is this code will work only if any vulnerable site used same process as "class SecureRandom" (finding or guessing exact creation date as seed time is next distant step). So the code will be different for each site ?

@demonluca
Copy link

generating random numbers through "class SecureRandom" and provision of seed value can create deterministic result. means we can get same result of random numbers for same seed value and then our PRIZE also if we are lucky in finding correct seed value. But then main issue is this code will work only if any vulnerable site used same process as "class SecureRandom" (finding or guessing exact creation date as seed time is next distant step). So the code will be different for each site ?

Hi if you want to discuss with others you can join us on telegram https://t.me/+2LNzborOVN1iOGI0

@JOHNNYMOULAND
Copy link

@XorkrX
Hey pal, can you take 5 minutes and help me with this. If i know the exact EPOCH time that my wallet was created, can i seed the math.random 3 source number generator to reveal my seed, which i can then figure out my ETH Private key/?
Thank you in advance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@demonluca @xeroxtheprintlord @XorkrX @JOHNNYMOULAND