Nmap Development mailing list archives

Re: [Bug]? -iR <num_hosts> on windows XP generates duplicate targets


From: jah <jah () zadkiel plus com>
Date: Thu, 24 Apr 2008 03:45:55 +0100

On 24/04/2008 02:54, Brandon Enright wrote:
> The problem here is that the rng is being seeded with time every time it
> is called.  Time is pretty biased and will generate a collision which
> will create a cycle in the prng (calls to rand()).

So this probably explains why I didn't see the issue whilst stepping
through the code as much time passes between seedings whereas in
realtime, it's probably only microseconds.

> The solution to this is to drop the re-seeding code starting at line
> 184 of nbase/nbase_rng.cc (it is redundant and done in main.cc).

142 of nbase_rnd.c you mean?  If so, patch attached.  I've taken the
liberty of removing the badrandomwarning stuff too - Kris K has already
submitted a patch for this entire issue...
http://seclists.org/nmap-dev/2006/q3/0240.html

So, nice work Brandon and, retrospectively, to Kris!

regards,

jah
--- nbase_rnd.c.orig    Mon Mar  3 15:21:50 2008
+++ nbase_rnd.c Thu Apr 24 03:24:49 2008
@@ -109,11 +109,9 @@
 
 int get_random_bytes(void *buf, int numbytes) {
   static char bytebuf[2048];
-  static char badrandomwarning = 0;
   static int bytesleft = 0;
   int tmp;
   int res;
-  struct timeval tv;
   FILE *fp = NULL;
   unsigned int i;
   short *iptr;
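
Review bot: Dropping `badrandomwarning` and `struct timeval tv` from the declarations is only safe if nothing else in get_random_bytes() refers to them. The next hunk removes the uses that are visible, but the function is shown only in part, so a build with warnings enabled is worth doing before this goes in. The `badrandomwarning` removal is also cleanup beyond the re-seeding change the thread asks for, so it would be cleaner as its own patch or at least called out in the commit message.
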
@@ -134,15 +132,6 @@
       bytesleft = sizeof(bytebuf);
     }
     if (!fp) {  
-      if (badrandomwarning == 0) {
-       badrandomwarning++;
-       /*      error("WARNING: your system apparently does not offer /dev/urandom or /dev/random.  Reverting to less 
secure version."); */
-       
-       /* Seed our random generator */
-       gettimeofday(&tv, NULL);
-       srand((tv.tv_sec ^ tv.tv_usec) ^ getpid());
-      }
-      
       for(i=0; i < sizeof(bytebuf) / sizeof(short); i++) {
        iptr = (short *) ((char *)bytebuf + i * sizeof(short));
        *iptr = rand();
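
Review bot: After this removal the `if (!fp)` fallback calls `rand()` with no `srand()` anywhere in the visible part of the function, so these bytes depend entirely on the caller having seeded first. The thread says main.cc does that, but a comment at this branch stating the requirement would protect any other user of nbase. Note also that the removed `srand()` sits inside `if (badrandomwarning == 0)` on a static flag that is incremented on first use, so as written it ran once per process rather than on every call; it is worth confirming on the affected Windows build that this removal is what stops the duplicates. The commented-out error() warning goes away as well, which leaves the fall-back to `rand()` completely silent; consider keeping a one-time notice.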

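The failure mode Brandon describes in the quoted text above, re-seeding rand() from the clock before each draw, shown as an added example (not code from Nmap or from this thread). The clock is a constructed stand-in that advances once every 8 calls, and `coarse_clock`, `CALLS_PER_TICK` and the other names are assumptions made for the illustration:

```c
#include <stdio.h>
#include <stdlib.h>

#define DRAWS 64          /* number of random values requested */
#define CALLS_PER_TICK 8  /* assumption: 8 calls land inside one clock tick */

/* Constructed stand-in for gettimeofday(): a clock that only advances
 * once every CALLS_PER_TICK calls, like a coarse system timer. */
static unsigned int coarse_clock(int call) {
  unsigned int sec = 1209005155u;  /* constructed value */
  unsigned int usec = (unsigned int)(call / CALLS_PER_TICK) * 15625u;
  return sec ^ usec;
}

/* Count entries in out[] that repeat an earlier entry. */
static int count_duplicates(const int *out, int n) {
  int dups = 0;
  for (int i = 1; i < n; i++)
    for (int j = 0; j < i; j++)
      if (out[i] == out[j]) { dups++; break; }
  return dups;
}

/* Broken pattern: seed from the clock before every draw. Calls that share
 * a tick share a seed, so rand() returns the same first value each time. */
int duplicates_when_reseeding(void) {
  int out[DRAWS];
  for (int i = 0; i < DRAWS; i++) {
    srand(coarse_clock(i));
    out[i] = rand();
  }
  return count_duplicates(out, DRAWS);
}

/* Intended pattern: seed once at start-up, then only draw. */
int duplicates_when_seeded_once(void) {
  int out[DRAWS];
  srand(coarse_clock(0));
  for (int i = 0; i < DRAWS; i++)
    out[i] = rand();
  return count_duplicates(out, DRAWS);
}

int main(void) {
  printf("re-seed per draw: %d duplicates of %d\n", duplicates_when_reseeding(), DRAWS);
  printf("seed once:        %d duplicates of %d\n", duplicates_when_seeded_once(), DRAWS);
  return 0;
}
```

With 8 calls per tick, the 64 draws see only 8 distinct seeds, so at least 56 of them must repeat an earlier value.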