A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Stacking the Virtual Deck: Attacks by Predicting RNGs - Adam Schwalm Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Stacking the Virtual Deck: Attacks by Predicting RNGs
Adam Schwalm
Derbycon 2015

Many program written today require the ability to generate pseudo-random values. There are many ways of doing this and most languages and platforms choose unfortunate defaults, allowing attackers to predict the output of these RNGs and launch a variety of practical attacks. I discuss how some of these RNGs work and how they can be exploited. I will also release and discuss a tool for performing RNG prediction. I am open to either talk length (there is no either option in this form).

I recently graduated from Mississippi State University and am currently a security researcher for Dynetics in Huntsville, AL. I primarily work in software reverse-engineering and tool development.

Back to Derbycon 2015 video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast