Randomness Attacks



A proof of concept of the attacks affecting PHP applications, together with a description of the mathematics behind them, is presented in:


George Argyros and Aggelos Kiayias, I Forgot Your Password: Randomness Attacks Against PHP Applications, USENIX Security, Bellevue, WA, August 8–10, 2012.

A full version of the paper [pdf]


Software:

1. A function for producing secure random bytes is published on GitHub.


2. We released Snowflake, the first of the three packages that we will release; it is available on GitHub. This tool assists in the creation of seed recovery attacks; all necessary documentation is available in the README file. Software that will follow in the coming days:
(*) The online Gaussian solver, along with a Python interface, for mounting state recovery attacks against Mersenne Twister generators.
(*) A Python-based library for creating brute-forcing exploits for vulnerabilities that involve time entropy, where several thousand requests may be needed.


Impact:

A number of popular web applications are affected. See the following advisories:


http://developer.joomla.org/security/news/396-20120305-core-password-change.html

http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html

http://gallery.menalto.com/gallery_3_0_3_and_gallery_2_3_2