This is the same as I demonstrated in my issue #270. Here, too, they are using the same pseudo-random number generator, mt19937, which makes session token prediction possible. And as discussed in issue #270, I can again disguise myself as another person and withdraw some amount.
Proof of the vulnerability of mt19937 can be found in LINK (you can find the exact topic under the name "Inside the Pseudo-Random Number Generator (PRNG)" inside the paper); in short, they have proved that numbers generated through mt19937 can be guessed.
From the LINK you can find the way of guessing the session token here. Bug again, as I said in issue #270. I don't have very much knowledge of machine learning, so I won't be able to display the attack here.
But the use of mt19937 makes it vulnerable to attacks.
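
For the fix side of this report, the following is an added example and not code from the project or from the reporter: it contrasts a session token built from `std::mt19937` output with one read from the operating system's CSPRNG. The function names `weak_token`, `secure_token` and `weak_tokens_repeat`, the 128-bit hex token format, and the availability of `/dev/urandom` are assumptions made for illustration.

```cpp
// Added example (not the project's code). Assumes a Unix-like host
// that exposes /dev/urandom; all function names are hypothetical.
#include <array>
#include <cstdint>
#include <fstream>
#include <random>
#include <stdexcept>
#include <string>

static const char kHex[] = "0123456789abcdef";

// Weak pattern: every token is a pure function of the generator's state,
// so the token stream is only as secret as the seed and past outputs.
std::string weak_token(std::mt19937 &gen) {
    std::string out;
    for (int i = 0; i < 4; ++i) {                 // 4 x 32 bits = 128 bits
        std::uint32_t v = gen();
        for (int s = 28; s >= 0; s -= 4) out.push_back(kHex[(v >> s) & 0xF]);
    }
    return out;
}

// Hardened form: 128 bits taken directly from the kernel CSPRNG.
// Fails closed: no token is issued if the read does not complete.
std::string secure_token() {
    std::array<unsigned char, 16> buf{};
    std::ifstream urandom("/dev/urandom", std::ios::in | std::ios::binary);
    if (!urandom.read(reinterpret_cast<char *>(buf.data()), buf.size()))
        throw std::runtime_error("CSPRNG unavailable; refusing to issue token");
    std::string out;
    for (unsigned char b : buf) {
        out.push_back(kHex[b >> 4]);
        out.push_back(kHex[b & 0xF]);
    }
    return out;
}

// Regression check for code review or CI: two mt19937 instances with the
// same seed issue identical "session tokens", which a CSPRNG never should.
bool weak_tokens_repeat(std::uint32_t seed) {
    std::mt19937 a(seed), b(seed);
    return weak_token(a) == weak_token(b);
}
```
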