|
Message-ID: <CACYkhxirraZ9g4HForJBSSTfckHXuinkrz3zwagW_jq0JKLUwA@mail.gmail.com> Date: Tue, 16 Jun 2015 21:04:52 +1000 From: Michael Samuel <mik@...net.net> To: oss-security@...ts.openwall.com Subject: Re: PostgreSQL - Predictable cancel key Hi, On 16 June 2015 at 20:15, Pierre Schweitzer <pierre@...ctos.org> wrote: > Well, I've thought about it, but that's still one million seeds and > the cancel key you're looking for might have been generated after > several random() call. So, that means perhaps 10 millions values to > explore? (If we make the hypothesis that for a given initialization, > it will only draw 10 PRN) > This is CPU, maybe GPU territory. 2^15-2 * 10m =~ 2^38 work offline. > How relevant would still be your cancel key once you found it? In the postmaster mainloop: ConnCreate() RandomSalt() -- the md5Salt craziness in the original post BackendStartup() MyCancelKey = PostmasterRandom(); No other calls to random(), srandom() that I can see, and the other calls to PostmasterRandom() are generating cancel keys for worker procs. So if you brute the md5Salt you have a pretty good chance of guessing something that was/is/will be a cancel key of another session. Regards, Michael
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.