Predicting V8’s Math.random() truncated outputs

Çağlar Arlı

I've been doing research and working around Math.random() since about a month ago. Math.random() uses XORSHIFT128+, so if we can get the state of the PRNG, it'll be easy to predict future outputs.

It is public knowledge that Math.random() isn't a CSPRNG. Quoting Mozilla's JS reference:

Note: Math.random() does not provide cryptographically secure random numbers. Do not use them for anything related to security.

Anyway, we all know we can guess future Math.random() outputs by getting 3-4 consecutive outputs.

Here's a GitHub repo about that: https://github.com/PwnFunction/v8-randomness-predictor/tree/main

And here's another repo about the same topic (this one doesn't even need consecutive outputs).

At this point everything is very nice, but when we come to the practical, real-world aspect, things get really hard. In a practical scenario, apps don't leak raw Math.random() outputs, right?

Let's imagine we have a NodeJS back-end that generates "random" numbers in a specific range with this function:

function RandomInt(min, max) {
    let res = Math.floor(Math.random() * (max - min + 1)) + min;
    return res;
}

After defining that function, let's suppose the server uses it like this and returns the data to the client:

//Let's generate some random values in different ranges
var randomValuesTest = {
    randomVal1:RandomInt(250,300),  
    randomVal2:RandomInt(0,900),
    randomVal3:RandomInt(300,500),  
    randomVal4:RandomInt(0,800),    
    randomVal5:RandomInt(500,900),  
    randomVal6:RandomInt(0,800),    
    randomVal7:RandomInt(0,900) 
};

return randomValuesTest;

After googling for three consecutive days, I just found a guy who made a workaround for this using Python and Z3.

I have zero Python knowledge. I tried to adapt the code but I haven't managed it. So I come with a variety of questions and problems:

How can I adapt this script to solve this kind of problem?

Thanks for everything.
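
For the server side of the scenario in the question, the same inclusive-range interface can be backed by Node's CSPRNG (`crypto.randomInt`), so the values sent to the client no longer derive from xorshift128+ state. This is an added example, not part of the original post; `secureRandomInt` and `randomValues` are hypothetical names.

```javascript
// Added example (not from the original post). Function names are hypothetical.
const { randomInt } = require('crypto');

// The post's generator, unchanged in behaviour: its output derives from V8's
// xorshift128+ state, which is what makes it predictable.
function RandomInt(min, max) {
    return Math.floor(Math.random() * (max - min + 1)) + min;
}

// Same inclusive [min, max] contract, drawn from the OS-backed CSPRNG.
function secureRandomInt(min, max) {
    // crypto.randomInt takes an exclusive upper bound, so max + 1 must also
    // be a safe integer.
    if (![min, max, max + 1].every(Number.isSafeInteger)) {
        throw new TypeError('min and max must be safe integers');
    }
    if (min > max) {
        throw new RangeError('min must not exceed max');
    }
    // crypto.randomInt rejects ranges of 2^48 or more; fail with a clear message.
    if (max + 1 - min >= 2 ** 48) {
        throw new RangeError('range must be smaller than 2^48');
    }
    // randomInt uses rejection sampling internally, so there is no modulo bias.
    return randomInt(min, max + 1);
}

// The response object from the post, built with whichever generator is passed in.
function randomValues(gen) {
    return {
        randomVal1: gen(250, 300),
        randomVal2: gen(0, 900),
        randomVal3: gen(300, 500),
        randomVal4: gen(0, 800),
        randomVal5: gen(500, 900),
        randomVal6: gen(0, 800),
        randomVal7: gen(0, 900)
    };
}

console.log('Math.random():    ', randomValues(RandomInt));
console.log('crypto.randomInt: ', randomValues(secureRandomInt));
```

`secureRandomInt` is a drop-in replacement for the post's `RandomInt`: callers keep passing inclusive bounds and get an integer back synchronously.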