rofl0r / proxychains-ng

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects them through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
http://sourceforge.net/projects/proxychains-ng/files
GNU General Public License v2.0

Lack of randomness in rand() #541

Open guijan opened 9 months ago

guijan commented 9 months ago

rand() has a dozen issues even when you seed it with an RNG, most of which are not relevant here, but there's still at least one issue with it that is still relevant to proxychains.

If different instances of proxychains get the same result from time() or clock_gettime() and call srand(current_time) at the same time, then as long as their rand()s use the same algorithm, they will get the same result. This could be on the same machine or across different machines.

The easiest solution is to use a proper RNG. arc4random_uniform() is present on all the BSDs, macOS, Illumos, musl, dietlibc, recent glibc, Android, recent Haiku, but not Windows. On Windows, there's the equivalent BCryptGenRandom(). On Haiku, it's tucked inside a BSD compat library that is part of the system (you still have to link to it manually because it's not libc): https://review.haiku-os.org/c/haiku/+/32/3
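An added example, not code from proxychains-ng or from either commenter, of the behaviour described in the comment above: two processes that pass the same seed to srand() draw identical rand() sequences, shown next to a bounded draw taken from the kernel RNG. The function names, the use of /dev/urandom as the source and the "pick a proxy index" use are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of two processes that both call srand() with the same
 * clock-derived seed. Returns 1 if their first n proxy picks are identical. */
int same_seed_same_picks(unsigned seed, unsigned nproxies, int n)
{
    unsigned first[64];
    if (n > 64) n = 64;
    srand(seed);                      /* "process A" */
    for (int i = 0; i < n; i++) first[i] = (unsigned)rand() % nproxies;
    srand(seed);                      /* "process B", same seed */
    for (int i = 0; i < n; i++)
        if (first[i] != (unsigned)rand() % nproxies) return 0;
    return 1;
}

/* Uniform value in [0, upper) read from /dev/urandom (assumed available).
 * Rejection sampling removes modulo bias, the same idea arc4random_uniform()
 * uses. Returns 0 on success, -1 if the device cannot be read. */
int os_random_uniform(uint32_t upper, uint32_t *out)
{
    if (upper < 2) { *out = 0; return 0; }
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    uint32_t min = (uint32_t)(0u - upper) % upper;   /* 2^32 mod upper */
    uint32_t r;
    do {
        if (fread(&r, sizeof r, 1, f) != 1) { fclose(f); return -1; }
    } while (r < min);                /* discard the biased low range */
    fclose(f);
    *out = r % upper;
    return 0;
}

int main(void)
{
    uint32_t pick;
    /* 1700000000 is a constructed timestamp-like seed. */
    printf("same seed, same picks: %d\n",
           same_seed_same_picks(1700000000u, 5, 32));
    if (os_random_uniform(5, &pick) == 0)
        printf("kernel-sourced pick: %u\n", (unsigned)pick);
    return 0;
}
```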

rofl0r commented 9 months ago

> If different instances of proxychains get the same result from time() or clock_gettime()

that problem was observed with the use of time() (one-second granularity), but it's been resolved by the use of clock_gettime() which has nanosecond granularity, which makes it impossible to have the same value twice.