BG - Untwisting the Mersenne Twister: How I Killed PRNG - moloch & Dan 'AltF4' Petro

please respect the speaker while you're in here silence your cell phones otherwise enjoy the presentation oh okay Ivan like fun hi you

enjoyed lcds it wasn't like document number one the document number two it was just a random number that was being generated right it was a fairly large random number two where you like wouldn't want to be able to brute force that absolutely couldn't room force it online you couldn't send like a request every single time and he was just using like the standard like insecure random number generator and so this is normally where like as a penetration tester the finding ends we say well it's the random numbers are being generated and securely and maybe if we had a tool to like actually break us then we would you know you could theoretically grab everyone's documents and I felt like well like

that's something I like we could do really it seems like a reasonable sort of thing and then kind of spent a long time searching for such a tool and it turned out that like nothing actually existed there's a lot of cool tools that are proof of concepts that like do one very specific thing with random numbers that break them given an entire set of assumptions that are not really like usable in the real world that can't actually be used to break real web apps or you know applications generally so we want to make something that was like actually very practical something you can use to break real websites I'm using real random number generators that

aren't like some trivial ones that are you know made just to kick over like these are actual generators that are being used by all the major frameworks and so that's how this whole sort of thinking about you and then probably about six for six months later I need did you do the same thing in at Ruby web application so I took Dan sort of started the project and then I came along and I'm responsible for a lot of the threading and the addition of a couple more PR NGS and stuff like that and we've been we've been collaborating on it for a while now so okay um would get into a quick demo just to show you

what it looks like and then we're going to talk a little more about it about how it all works and that's working afterward

it's this they need it to me were some nightmare okay projectors okay so we have some output here from the mercy knee twister which is the one that we're going to be demonstrating here this is the direct output of the of the Mersenne twister a lot of times you know this will this will be the basis by which a password is generated or something like that so but these actually are also not sequential outputs or I don't believe they are these are just several outputs that we've gotten from the from any any application which uses this random number generator and they're found the seed so yeah the you can see in the bottom here it says it found the seed 3

1337 with the confidence of a hundred percent so it looked at the numbers that observed there so the idea is that you would be looking at whatever numbers are output from whatever program you're seeing they're here in decimal but it'll take it equally well in hex or whatever the actual application takes right and we'll talk a little bit more about like mangling scripts in the case that like if it's a generated password but this is just an easy example of how you can take some output from a random number generator throw it into the tool and then the tool will give you the initial seed that was used to generate those numbers yeah and as you can see right

there i deleted several of the numbers so it doesn't have to be sequential outputs as long as they're you know coming from the same seed we can reverse that and normally I should also probably make the point it takes a bit longer than this but this is an example so for the sake of time we've chosen a particularly weak seed but you can brute force the entire seed space pretty quickly since it's threaded ok we can come back to the the program again after we explain a little more of the inner workings it so that's kind of what it looks like so you're getting the actual output from an hour random number generator just the

raw numbers that it outputs and then you're getting the initial seed and from the initial seed you can then predict all future and past random numbers that are gonna be generated from that seed right so if that's the password then you're going to be able to get everybody's randomly generated password if it's a document idea you can get everybody's documents etc etc so it's going to be dependent on the context in which it's used but this sort of thing is obviously almost always a very important thing from a security standpoint so before we get into how that program actually works to recover the seeds we're going to talk a little bit about what is a pseudo-random number

generator and what you know sort of define what that is talk a little bit about the history here to sort of set the stage for breaking these so in nature you know that there's a lot of random sequences everywhere however and so traditionally what you'll do is you'll you'll do what something called sampling and you'll sample the this noise for example the static on a television is an excellent source of real randomness truly random data so you'll sample this to produce numbers and then you can use these numbers for whatever you need random numbers for this is called a non-deterministic algorithm I guess because we're taking a non-deterministic source of information and converting it to numbers machines on

the other hand are very deterministic and you know computers fall into this category their processes are repeatable and predictable so this is you know machines are deterministic by definition it won't be computers wouldn't be very helpful if you ran the same program on different computers and it did different things half the time although sometimes it happens with race conditions but for the most part machines are very deterministic and they do the same thing every single time so the first random number generator was actually developed for the in yak for calculating certain equations related to the development of the hydrogen bomb by someone called john von neumann a mathematician who is working on it at the time and basically he needed to

repeatedly do calculations related to the hydrogen bomb and he to do these he needed lots of random numbers but the in yak had very limited memory space so you can't take a truly random source and store all of those integers and do multiple calculation because the machine didn't have enough memory so he developed what's called the middle squares method and this is the first random number generator there's a lot of different kinds of random number generators this is just the first one and that is you take some truly random value called the seed and you simply square it and output this the middle this is where it gets its name the middle squares and whatever that output

is becomes the next seed and you square that and you output the middle and you simply repeat this process indefinitely now eventually this will repeat when it gets to a seed which it has a previously used the amount of time it takes for a random number generator to repeat is called the period and we'll talk a little bit more about that in a second but really the point here is that in nature a truly random source is from a non deterministic from sampling non deterministic data whereas a pseudo-random data is collected by introducing a seed and then getting output from a deterministic algorithm so that's really the difference that we're looking at here and we're going to talk

a lot about samples or I'm sorry the period as well as the seed because those are going to be really critical to the randomness of the data so this demonstrates the period this is called a random walk so basically we're taking output of a random number generator and drawing the line and the line changes direction based on the output of the random number generator the white line is from truly random data in the blue line is from a pseudo-random number generator and you can see that the pseudo-random number generator repeats itself over and over again whereas the truly random source just sort of walks around definitely and the the key takeaway here is that with a pseudo-random number

generator there are many sequences which cannot occur and that's one of the properties that we can use to recover the seat and we'll talk about how we do that in a little bit here so period size the machine you mercy knee twister has a very very very large period this is the number here this is how many sequential outputs you can get from the random number generator before it will repeat which is basically infinite there is not enough energy left in the universe to cycle the mercy knee twister with a given seed through all of its iterations so that's one important property however the mercy new twister is not cryptographically secure as hopefully we all know so the period size isn't

everything even though this has a very large period and it creates very good randomness it's not suitable for cryptography that point actually is worth emphasizing as well actually that the depth of any random number generator is for all intents and purposes infinite like even though strictly speaking given enough time this could like repeat right like for all intents and purposes its infant right so given a particular seed and you say just generate me random numbers it'll just keep on doing it functionally infinitely so that's going to be a challenge of ours as well kind of describe a little bit later okay so now let's say we have a random number generator and it has a very large period

which will never repeat and we get a bunch of output from it how can we determine whether or not that output is good randomness right we're using a deterministic algorithm to create non to simulate non-deterministic data so how can we sort of evaluate whether or not they have you know similar properties and it turns out that we can actually do this using something called the die hard tests that's actually its name yeah it came out the same year as die hard with a vengeance number three although personally I like live free die hard I guess that's why we're not actually sure that's why they called it them no but what we'd like to think so there's a

bunch of different statistics that you get you against these random number generators to see if you know their output resembles non-deterministic data so an example is like birthday attacks this test suite will look for collisions like that the craps test which is pretty cool considering we're in Vegas it basically simulates a bunch of games of craps like a hundred thousand games using the output of the random number generator and then sees if the outcome follows a certain distribution and that's a pretty important use case to write like people that are trying to implement random number generators for the purposes of running online gambling sites really want to make sure that like if you're going to run a craps game on the basis

of this random number generator that it's going to be fair right it's not going to like give the house and like a a bumper well they wouldn't mind that I guess make sure they would give all the players a bump or something like that so want to make sure that like given certain realistic applications that the generator is going to be fair then another one that I like is the monkey tests and this is the old like you know if you have an infinite number of monkeys banging on a typewriter you get all the works of Shakespeare so what you do is you take the opportunity and convert it to words and then see how

many English words actually come out and that should also follow a certain distribution and if it doesn't we know that the data is not truly random and we should expect to see words right like by the infinite monkeys theorem but we shouldn't expect to see we should expect to see a very specific amount yet there's a certain distribution that looks like so the mercy knee twister which is the focus of this talk I guess passes all of these tests and it has a very large period but it's still not suitable for cryptography we can still recover seeds so how do those work well a lot of times the seed is just very poorly chosen and this is this is true

of pretty much every major programming language I know Ruby Python PHP I'll use a combination of time in milliseconds the PID sometimes people will like read from stack memory and then throw that in even though that doesn't I mean that varies but is certainly deterministic or they use a combination of these or they'll use a hard-coded random value which is what Sony did on the PlayStation 3 very famously poor there ECC so they were calculating signatures on all their binaries on the PlayStation 3 which requires a random number but since they use the same random number every single time you can actually calculate their private key and this was done in 2010 by a group of researchers

this is a relevant XKCD yeah it is it's funny but at the same time it kind of cuts the heart of like what randomness is to like it just returns for and it might actually take you a little while to realize that this wasn't a random number generator or that it's just a really poor one perhaps because it's entirely possible that you have a very large stretch of the number four in the middle of a legitimate even cryptographically secure random number generator and that that's really what pseudo-random number generators do is they stretch entropy so we have a little bit of hopefully truly random data for the seed and then we stretch that entropy across a very large sequence so

now Dan is going to talk about attacks against random number generators so we're going to some of those properties of random number generators or all the things that are potential weak spots that we can attack right so the first thing that you might be thinking about doing for attacking random number generators is the seed right so if the seed is the single value that's going to determine all the random numbers from very beginning all the way to the end then if we know that value then we know the whole thing so in most of the cases here we're going to be trying to recover the seed trying to find some clever way of taking empirical output from the

generator and getting the seed so the first way obviously is just a guess what the seed value is and in many cases that's really possible so they're 32-bit seeds 32-bit integers rather are the seed values for pretty much every generator like geode seer and the Mersenne twister or pretty much all of its variants on the windows would sear and they're all 32-bit seeds just an unsigned integer or sind in der it doesn't matters with a 32-bit in so there's 4.2 billion values there which is not a whole lot of entropy so that's something that can absolutely just be heard for an off about right so that's certainly within the the tolerance of an offline attacks

that's also important here is we're not talking about online brute force attacks so like often with password based systems if you want to try to guess somebody's password you actually have to send a request out to the web server and say is this the person's password no is this person password now and that kind of thing fails because you have to wait a really long time for the request to come back and then you might have the server like timing you out or something like that so this is obviously only an offline attack so we're not going to be doing any like cumbersome requests out to a server so because we can do this all out was just limited by cpu power

and even though you know regular laptop is able to group force through 4.2 billion values in a reasonable amount of time certainly within the amount of time that'll finish within an ordinary pen test and also on time stamp based seeds so the 31,000 31 31 million values is the number of seconds in a year so the that's a much much smaller value right do I see a hand sure I'll take a question so the question is w tried using amazon to guessing the seats um we have just been using our own cpu power and laptops if you really wanted to immigration i'll talk about distributed computing for breaking the stuff at the end yes Oh at least in practice um the

just using a regular laptop has worked for me so far that it hasn't there the brute forcing does help the bigger more powerful machines you have especially if you're talking about a greater depth which something I'm going to mention a little bit but VF for obvious ordinary use case pretty standard machines are good enough so a time stamp based seeds especially like unix timestamp swords one per second is very very easy right even if you know the broad up time of the server which by the way is often given to you in HTTP headers like the uptime with server you give a pretty good idea of what the timestamp is going to be that was for the generator a lot

of times it also give you the web server will be very helpful and tell you how long it took to process a request so you can start with the HTTP response time and then count backwards that many milliseconds or whatever and if the seat is based on time it's going to have to occur within time for him so it's very easy to narrow down the seed and even some of the other values that we talked about like process IDs things like that are not very random at all on process IDs tend to be very short if you ever just look at a random process ID on your computer if they're a very short number you can enumerate all

through the not all possible process IDs but they're all extremely likely process I these very quickly so we weekly report chosen seeds are the number one way to break a random number generator so yeah we provide an easy framework for doing that with trying to match as many different algorithms as possible so yeah so given so we're going to talk a little bit about here the actual algorithm that's used to check whether a see whether a particular seat is correct or not so we have a set of given numbers so here they're just two digit numbers in reality they're going to be much larger than that but this is a good visual aid right here so like 40 to 60 127 etc case

you could agree that we're going to say these are our given set of observed numbers from the random number generator so suppose you're on some site and you see those are the document IDs that are getting thrown out from some website that's you know storing documents online so we try a seed we just say you're going to strut see number 100 right so we calculate what that number Jenner what the random numbers should be one by one and compare it to the head of the list here and ovid little animation in just a moment if it matches then you move to the next number and you can just continue until matches at the pound I'm

so this has a great property which is that it doesn't matter if the if our numbers are out of sequence so yeah here you can see we can be back Oh does it just on automatically okay go back yeah so suppose we have on 42 so that the top line is our observed numbers the numbers that we've just seen from whatever website were attacking and so the bottom numbers are this the random numbers that are being output by our generator right so for any particular seed so we're going to do is we're going to try getting a first number the first number is 45 that's not the right one the next one is 33 not the right number right 42

oh ha we got the number 42 rates that's a hit so now we look for the next number so 97 is a Miss didn't get anything 61 aha that's a hit so we move on ahead again so then we say 27 that's another heads so we move forward a little bit 75 we get another hit there was a little bit off for some reason 49 is a Miss that's not a big deal just keep moving like 51 is another miss 89 there is a go there's another hit and then you keep on going until you get to the end so what's notable here is that this means that the numbers that we observed from the website right the top

number are not sequential and so that's a really big deal for making this attack realistic making it weaponize abul because if you're grabbing ids from a website that's live then chances are you're not the only one getting values from the generator right there might be just other users that are going to be you know getting other random values from this thing so like in the middle there there's going to be this entire chunk of somebody else who uploaded a document now that's their number right so requiring sequential numbers we try to avoid at all costs so that's something that we do here with this you know quick little algorithm

and we will be able to predict everything from that or not because we have the entire internal state right because any number is defined as just the sum of the two previous numbers but only going back as far as 31 spaces the only trouble here is that we're missing the LSB s so if you just try straight up adding the values that you see they're going to be off by like one and then the next time you try dang and they're gonna be off by two and the next time we're gonna be off by four and pretty quickly there to be totally different numbers so we have to do some fancy math to try to

recover the LSB s but minus that the basic algorithm here is pretty straightforward you just observe 32 consecutive numbers anywhere and then that's it that is the internal state and so you never actually get the internals you never get the initial seed from this which is sort of interesting all you get is a state and then from the state you can go backwards and forwards to predict all future and past values so grabbing the least significant bits there's kind of two methods that we use there's the yes in check where you take the internal state you assume that all the LSB sr0 right and then you just see how well does that predict all the numbers that

I've observed and so you get some measurement of how well that how well that predicts my random numbers and then you try flipping a bit and see if that improves or makes the your prediction worse and if it made it better than you and then you keep that incremented right so that works somewhat well and then there's the boolean algebra way which we also do which is I think a little bit too mathy for this to be really long but yeah LSPs are essentially a big boolean equation where you know that these two values have an or relationship and it also has an X or relationship and these two numbers have an hand relationship and so you can just map that out and

take care of it like some giant boolean equation though it is notable that it you do actually need more than 32 consecutive integers for this to be completely sure if you have less than I think it's a hundred thirty-two remember correctly then it's possible to get a false positive where you'll have an internal state that says here is it perfectly predicts all the numbers you've given me but if you were to try that against the actual website again then it might start differing so if you can get the more consecutive numbers better yeah doing this conscious just like with anything and pen testing the more information you have about a target the more accurate you can exploit

something so yeah alright so the core application is written in C++ I don't I much prefer Python to C++ and C just because it's more fun and I don't have to worry about like memory and stuff so we've gone ahead and written python bindings for this application as well as you saw before we have a command-line interface so you don't have to even worry about all the stuff we just talked about you just have to get output from the random number generators and then let untwist or do all the math and stuff for you but let's say you know if you wanted to distribute this on Amazon ec2 or something like that in C put C C++

world you're going to have to write like open mpi bindings or something like that which can be very troublesome and annoying but C++ does have are something that Python cannot and that's in the threading so in the C Python implementation there's something called the GI L the global interpreter lock which basically prevents Python byte codes from executing concurrently basically what this means is that threads in Python are not performant they won't consume multiple cores if you want to you know if we're interested in performance threads in Python are still useful for certain things but not for utilizing multiple cores but this is something C++ can do very easily because its native code so what we what you can

do is and this is what we do in on twister is you basically define a python interface to your C++ code and suspend the Python execution and then let your native code run and then restore the Python thread state after you're done and this allows us to call a Python function which executes C++ code on multiple cores but we get back a Python object and it's completely transparent to the Python code and what this is really powerful for is we can do something like our PI C which is remote Python call which basically allows you to call Python functions across a network and so basically we can set up a server with multiple nodes call

a single Python function which will execute C++ code on multiple threads across multiple machines and it just looks like a normal Python function it's very very simple and I'll demo this in a second too so the code is available on github right now on any of those repos bishop foxes the company ulta for is down here at Moloch decrement I guess so you can find that the latest code is probably it's up on the bishop Fox get up a gap so you just go to github com / Bishop Fox you'll see untwist are there in our repos so the python bindings like also worth mentioning for output mangling oh yeah well demo okay as you

can see we have a nun twister s oh this is just a normal shared object similar to a dll if you're familiar with that on Windows so what we can do is we just we can import the shared object just like anything else so we just actually imported that shared object even though it doesn't contain any Python code it's just a C++ shared object and we even get like we even get doc strings and stuff which describe it it's just like a normal Python function and we can so this is a test script which is equivalent to the command that I ran earlier and as you can see you just this is all the code that we have and it just

looks like normal Python code but when we run it it actually returns a Python object which is a list of tuples with this in the confidence so we can manipulate those just like any other Python object even though we're calling C++ code and the C++ code will actually throw Python exceptions to so if there's a mistake or something it'll the C++ code will throw a Python exception and we can just have all of the logic for that handled in our Python code and we don't have to write any C++ code and like have to worry about recompiling stuff and then linking it against the proper libraries and whether or not we're performant or not it's all handled by the c++ and we

maintain multiple threads of execution with this model as well so you know the Compton's levels i think is something we didn't mention that's worth that's bears mentioning so the confidence levels are based off of how many of the correct hits we got so we have an intial set of observed values right and perhaps we just didn't go deep enough or something like that and we got we observed half of the values but then we didn't see the second half right so we say well we're starting to get like right values but we didn't get all of them so it might have like a confidence level of say fifty percent so you see a competence level

one hundred percent that means we in fact predicted all the observed values so the confidence level is sort of what it might sound like it's kind of how sure the program is that this is the correct seed and you can set that to various thresholds if you want to back only give me outputs that are one hundred percent or maybe if you only get a couple of outputs then that's good enough for me it's also worth mentioning that in a lot of interpreted language well the underlying system may use something like the more scenic twister you're not really calling you know so for example in pipe the Python ran function uses mercy knee twister but

Python doesn't have 32-bit integers right integers of Python are arbitrary precision so there's actually like some exhorting and stuff that happens when you call like random dot R and int which returns a random integer between a certain range so in the field you may need to add logic in front of or behind the actual brute-forcing of the seed and that's another thing that this Python interface is really good for we're also going to soon pretty soon we'll have support for tamper data scripts so you can define on call back to manipulate the output before we compare it against the list of observed values and that's how you can break that like random dot R and int

sort of stuff so no I guess it that's about it yeah we have our contact information at the end of the slides here I guess it bears mentioning that we're hiring so if you're ever felt this was super cool and one to work and that's where that will take questions the question i've got a microphone hold on okay good this will be better than me having to repeat probably you mentioned that the depths can be selected by the person running the script in your experience thus far what kinds of depths have been typically required to get various levels of confidence in the data returned yeah I think that in the instances that I've used this for actual

pen tests have been on like test environments not like a lie of production machines that have been running for a really really long time so the deaths have been pretty short so like you know 10,000 or something a guy who's been pretty sufficient so this on a QA environment that's not going to get a whole lot of traffic and of course dependent on the context if you're doing things like password resets and that's a pretty uncommon thing that's not going to happen very often so even on a production system you're going to get what may be a few dozen or something like that a day depending on the size of the site so it's even hard to give you a

ballpark but on something that might be like you know if you even just visit a page and then that you know God gets a new random number then that's gonna happen like all the time you might be getting tens of thousands of hits hour or I don't know right so that it's really hard to say for instance but yeah the instance that I've done it I'm like on from non production systems on relatively quiet boxes like a thousand ten thousand is pretty I'm sufficient and that's something that's innumerable on a pretty ordinary laptop too I was just curious what the moloch affiliation is is that just a name you guys made up or is that the AOL packet capture I had

it before AOL for the record it's a reference to buffy the vampire slayer which is TV series and there's a demon that gets uploaded to the internet so my name is a reference to hockey that makes your programs go faster you should try it sometime yeah with all these random number issues wouldn't it make sense to just all of us use secure random number generators or other serious performance issues and they has recently been a debate that Linux should get a random number Cisco so do you think this will change things and the because I think it may just make sense to say our programming languages should always use secure and remember generators and we're done and we don't

have this problem yeah the that's a really good point about the actually saw the patch file for that the Linux kernel system call for I get random numbers I think that's a great thing because I'm in many cases people want to do the right thing like they want to use secure random numbers like on there you know in bed and environment or something like that but then you have a logistical programming problem of like how do you actually get it you want to read from Deb you random but like maybe w random doesn't exist in your system so you try like diff random but you really shouldn't be trying to have random maybe it's an in the proc file system or who

knows right like what do you like what do you do so there's a lot like I think openssl had a famous problem where like they tried all these things they tried like Debbie random and they tried to brand him and then they tried something else and eventually defaults it down to something like really horrible that's like wasn't random at all that's upset that's the where the stack memory came from exactly right that got him into like a lot of hot water and so that sort of thing can be alleviated by just having a system call in the linux kernel that says give me some random yeah the the the nice thing about random numbers in a program is that they're very easy

to swap out since you shouldn't know what they're going to be anyways hopefully so yeah it really does I mean for probably like ninety-nine percent of the use cases of random numbers in applications you can use cryptographically secure random number generators it's just that developers aren't aware of the problems with like default rand or random and python and things like that and partly there there is some legitimate doubt being put on to whether or not these an exploitable right that's kind of the thrust of our tool on twister is that these problems have been well known for a long time and we want to make that clear that like there's not any new like theoretical ground being broken I'm here

like this is really just an implementation of attacks that other people have done or an implementation in a way that's actually usable for real pentest music the only time you really should be using pseudo-random number generators or like not cryptographically secure pseudo-random number generators but like mercy knee twister and stuff is if you need a random sequence to be repeatable so for earlier we talked about John von Neumann and his calculations related to the hydrogen bomb so he needed to rerun calculations on something that seemed on the same sequence of randomness each time so if you need the same sequence of random numbers every time that is a definitive use case for pseudo-random number generator for pretty much anything else

you should be using a cryptographically secure so legs like video games for instance like if you want to have like some random numbers being generated every time you shoot a gun like whether it goes up or down or something like that right the bullet spray or how much damage you do or something like that but then you also want to be able to take a save file and replay it from start to finish that kind of means you have to use a deterministic like insecure random number generator you can't use truly random numbers each time otherwise like you wouldn't be able to unless you saved all them individually yep yeah yeah yeah you could you yeah that's that's correct

you could use a most secure random number generators will not allow you to control the seeds because they'll use entropy pools so they'll be pulling lots of though basically the pulling seeds from multiple areas and then mixing them into a pool of entropy so like at least hopefully and to a point you made earlier there actually are potential performance hits that you can take on secure random number generators especially if you have to go through the system column interface and that's going to be a bit of overhead in a way that you're not going to be hitting by just calling a you know library call but for the vast majority of instances where you really need secure ness in your branded

members like that tiny bit of system call winner like overhead is not worth you know risking your data I'm especially if you're talking about password resets or something like that would happen so infrequently to the point of it being a negligible amount of performance head we have other questions like from a practical purpose which frameworks have you had success against are you just against custom applications or have you seen third-party frameworks that are falling down on this kind of stuff um so the default PHP so PHP does both like rand and mt r and r by default like the Mersenne twister one of the challenges we've had however even within the rahsaan twister itself is that like the

slightest of differences in like how its set up or the actual algorithm causes it to be two totally different numbers to the point where it's actually hard to reproduce so in trying to implement the PHP's Mersenne twister I literally just copied out the source code from like the PHP source because of course PHP isn't written PHP for obvious reasons rights pregnancy so just go there is a version of PHP written in page I wouldn't recommend it the the the actual see file like when i took it copied into my own program and ran it gave me different numbers than a PHP program was I could not figure out for the life me why I was

doing that because the tiniest of differences in terms of implementation will cause you totally different numbers but yeah in terms of actual successes on PHP has been really good and then of course local like desktop apps or you know anything that's native code running particularly G lives here and um is something that's like really easily supported um oh as our call as a source of that problems you're saying I solar yeah aslr is generally just you know I don't believe you actually even need to use cryptographically secure random numbers for the SLR slide I mean it's probably a good idea to but really the idea of a SLR is that it actually the shift is just indeterminate at the time

that you're like injecting shellcode into a process so usually the entire memory space is shifted only one value and then use offsets and stuff even though I mean that would matter if you're trying to seed on the basis of life memory they're probably just calling I would assume on Linux it calls dev random and stuff so yeah but yeah that that isn't really a use case that we have for this application just because breaking a SLR is very contextual and dependent on like what libraries and stuff you have available to your shellcode and stuff like that so you have to like find a leak and then calculate the offset or calculate the slide and then jump to something so it's

not really something that this is meant to solve so maybe time for one more question if any additional question okay thank you very much gentlemen excellent thank you