“Security expert Andreas Bogk warns that, despite recent PHP
improvements, the session IDs of users who are logged into PHP
applications remain guessable. Upon close examination, the alleged
improvements display frightening weaknesses.“PHP assigns a session ID in order to allow individual page
calls to be allocated to a specific logged-in user. To prevent
attackers from using a forged session ID to take control of a
session, the ID is chosen supposedly at random. When computers
require random numbers, invariably a pseudo random number generator
such as the Linear Congruential Generator (LCG) will be used. Such
number generators use complex mathematical operations to generate a
stream of numbers which are random at least in so far as it is
impossible to predict future numbers based on the numbers already
generated.”
PHP blunders with random numbers
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis