Open mithrandi opened 6 years ago
This code: https://github.com/twisted/mantissa/blob/53e5502aba23ce99be78b27f923a276593033fe8/xmantissa/signup.py#L228
This should just use urandom. As it stands, I think an attacker can obtain one of these tokens and reverse it to get the state of the random.random() generator, then brute-force somebody else's token with a relatively tiny number of attempts.
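Added example, not part of the original issue and not the Mantissa code: a hypothetical token built from `random.random()` beside one drawn from `os.urandom`, with a check showing that a copy of the generator state reproduces the next weak token exactly. The names `weak_token`, `strong_token`, `next_token_is_reproducible` and the seed value are assumptions made for illustration.

```python
import binascii
import os
import random


def weak_token(rng, nbytes=16):
    """Hypothetical 'before': hex token derived from random.random()."""
    # random.random() is Mersenne Twister output, fully determined by the
    # generator's internal state. It is not a CSPRNG.
    return "".join("%02x" % int(rng.random() * 256) for _ in range(nbytes))


def strong_token(nbytes=16):
    """'After': hex token read from the OS CSPRNG, as the issue requests."""
    return binascii.hexlify(os.urandom(nbytes)).decode("ascii")


def next_token_is_reproducible(seed=1234):
    """Return True if a copy of the generator state yields the next token."""
    # Constructed seed: stands in for whatever state the server process has.
    server_rng = random.Random(seed)
    weak_token(server_rng)  # token issued to the first user

    # Anyone holding the same state holds every later token as well.
    clone = random.Random()
    clone.setstate(server_rng.getstate())

    predicted = weak_token(clone)
    issued = weak_token(server_rng)  # token issued to the second user
    return predicted == issued


if __name__ == "__main__":
    print("weak token predictable from state:", next_token_is_reproducible())
    print("urandom token:", strong_token())
```

On Python 3.6 and later, `secrets.token_hex(16)` gives the same result as `strong_token()` here.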