Random security
REV MEDIUM - 452
The first thing to notice is that the random generator used in the Java program was not truly random, so it was a question of finding out how it worked.
Naturally I looked for guidance using Google and, after surprisingly few searches, I found this blog post: https://franklinta.com/2014/08/31/predicting-the-next-math-random-in-java/
It detailed exactly what the question was asking: how Math.random() works and how to reverse it with 100% certainty.
The lucky thing was that he even provided his COMPLETE CODE, which I borrowed. (https://franklinta.com/2014/08/31/predicting-the-next-math-random-in-java/)
After extracting the code he provided and setting up a Java project around it, I could feed a number from the server as input, find the RNG seed using the functions he provided, and guess the next number from that seed.
All in all the code looked like so:
```java
package org.example;

// ReplicatedRandom is the helper class from the blog post linked above;
// it is not reproduced here.
public class App {
    public static void main(String[] args) {
        ReplicatedRandom rr = new ReplicatedRandom();
        String num = "0.1608229152051377"; // string from server

        // Assuming the argument is a string representing a double,
        // replicate the Random that the double was generated from
        // and, if that succeeds, print the value it will produce next.
        if (rr.replicateState(Double.parseDouble(num))) {
            System.out.println(rr.nextDouble());
        }
    }
}
```
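To show what the borrowed `ReplicatedRandom` class actually does, here is an added example (not code from the original post or from the linked blog) that re-implements the idea in Python. Java's `Math.random()` delegates to a `java.util.Random`, a 48-bit linear congruential generator whose `nextDouble()` is built from one 26-bit and one 27-bit output. The top 26 bits of the observed double reveal the top 26 bits of the internal state; the remaining 22 bits are brute-forced and each candidate is checked against the lower 27 bits. The `JavaRandom` emulator, the seed `0xC0FFEE` and the function names are assumptions made for this example; the constants are Java's published LCG parameters.

```python
"""Recover java.util.Random state from a single nextDouble() output (added example)."""

# java.util.Random LCG parameters (public, from the JDK source)
MULT = 0x5DEECE66D
ADD = 0xB
MASK = (1 << 48) - 1


class JavaRandom:
    """Minimal emulation of java.util.Random (seed scrambling, next(bits), nextDouble)."""

    def __init__(self, seed=0, *, raw_state=None):
        # Java XORs the user seed with the multiplier; raw_state bypasses that
        # so a recovered internal state can be installed directly.
        self.state = raw_state if raw_state is not None else (seed ^ MULT) & MASK

    def next_bits(self, bits):
        self.state = (self.state * MULT + ADD) & MASK
        return self.state >> (48 - bits)

    def next_double(self):
        # Java: (((long) next(26) << 27) + next(27)) * 2^-53, exact for every output
        return ((self.next_bits(26) << 27) + self.next_bits(27)) / (1 << 53)


def recover_states(observed):
    """Return every 48-bit state consistent with one observed nextDouble() value."""
    numer = int(observed * (1 << 53))      # exact: outputs are k / 2^53
    hi26 = numer >> 27                     # == state_after_first_step >> 22
    lo27 = numer & ((1 << 27) - 1)         # == state_after_second_step >> 21

    candidates = []
    # State after the first step is (hi26 << 22) | low for some 22-bit low.
    # Walk low = 0 .. 2^22-1 by adding MULT each time instead of re-multiplying.
    s2 = ((hi26 << 22) * MULT + ADD) & MASK
    for _ in range(1 << 22):
        if s2 >> 21 == lo27:
            candidates.append(s2)           # s2 is the state after the second step
        s2 = (s2 + MULT) & MASK
    return candidates


def predict_next(observed):
    """Possible next nextDouble() values given one observed output (usually exactly one)."""
    return [JavaRandom(raw_state=s).next_double() for s in recover_states(observed)]


if __name__ == "__main__":
    # Constructed demo: generate two values from a known seed, recover from the first.
    rng = JavaRandom(0xC0FFEE)             # seed chosen for this example
    first, second = rng.next_double(), rng.next_double()
    print("predicted:", predict_next(first), "actual:", second)
    # The value quoted in the writeup above:
    print("next after 0.1608229152051377:", predict_next(0.1608229152051377))
```

The brute force covers 2^22 candidates, so it finishes in a few seconds in CPython; a spurious candidate can occasionally pass the 27-bit check (roughly a 1-in-32 chance per recovery), which is why the function returns a list rather than a single state. A second observed value disambiguates when that happens.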
Feeding the server the output of this program gave the flag.