This repository contains code snippets and POCs associated to our article on breaking Python's PRNG with a few values and no bruteforce.
The functions shared accross all POCs are located in functions.py.
- poc_predict : This POC shows how to predict the futur PRNG outputs given 624 consecutive outputs.
- poc_IFrom2S : This POC shows how to recover an initial state
I
value from a pair of current stateS
values. - poc_KFrom3I : This POC shows how to recover a value of
K
(the seed array) from three consecutive initial stateI
values. - poc_stateRewind : This POC shows how to rewind a full state
S
up to the initial stateI
.
- recover_32bitSeed : Example recovery of a 32-bit seed using 6 outputs.
- recover_64bitSeed : Example recovery of a 64-bit seed using 8 outputs.
- recover_FloatSeed : Example recovery of a 64-bit seed using 8 outputs. This time the PRNG is seeded with a float.
- recover_BytesV1Seed : Example recovery of a 64-bit seed using 8 outputs. This time the PRNG is seeded with bytes, using the version 1 algorithm.
- recover_BytesV2Seed : Example recovery of a 7 characters long seed using 8 outputs. This time the PRNG is seeded with bytes, using the version 2 algorithm (the default).
- recover_DefaultSeed : Example recovery of the operating system's CSPRNG generated seed using 624 outputs. The PRNG is not seeded explicitely (the default case).