-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathSG0005.htm
More file actions
134 lines (106 loc) · 4.59 KB
/
SG0005.htm
File metadata and controls
134 lines (106 loc) · 4.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<!DOCTYPE html>
<html lang="en">
<head>
<title>Weak random generator - Roslyn Security Guard</title>
<meta charset="utf-8">
<link href="css/bootstrap.min.css" media="screen" rel="stylesheet">
<link href="css/bootstrap-theme.min.css" media="screen" rel="stylesheet">
<link href="//fonts.googleapis.com/css?family=Ubuntu:400,500,700,400italic" rel="stylesheet" type="text/css">
<link href="css/font-awesome.min.css" media="screen" rel="stylesheet">
<!-- Custom styles -->
<link href="css/styles.css" media="screen" rel="stylesheet">
<!-- Mobile support -->
<meta content="width=device-width, initial-scale=1" name="viewport">
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Roslyn Security Guard" />
<meta property="og:description" content="Security Guard is a set of Roslyn analyzers that aim to help security audits on .NET applications." />
<meta property="og:site_name" content="Roslyn Security Guard" />
<meta name="twitter:card" content="summary" />
<meta name="twitter:description" content="Security Guard is a set of Roslyn analyzers that aim to help security audits on .NET applications." />
<meta name="twitter:title" content="Roslyn Security Guard" />
<meta name="keywords" content="security,owasp,csharp,c#,vb,.net,dotnet,asp.net,mvc,scanner,vulnerability,injection" />
<!-- IE 6-8 support of HTML 5 elements -->
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<![endif]-->
</head>
<body>
<a id="skippy" class="sr-only sr-only-focusable" href="#content"><div class="container"><span class="skiplink-text">Skip to main content</span></div></a>
<header class="navbar navbar-default navbar-fixed-top" id="top" role="banner">
<div class="container">
<div class="navbar-header">
<button class="navbar-toggle collapsed" type="button" data-toggle="collapse" data-target="#vertx-navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="/" class="navbar-brand"><img alt="Security Guard Logo" src="images/logo-small.png"></a>
</div>
<nav class="collapse navbar-collapse" id="vertx-navbar-collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="index.htm">Download</a></li>
<li><a href="#comingsoon">Tutorial</a></li>
<li><a href="rules.htm">Rules</a></li>
</ul>
</nav>
</div>
</header>
<div class="index-header jumbotron jumbotron-ad hidden-print">
<div class="container">
<h2>Weak random generator</h2>
<a href="/rules.htm" class="btn-info btn-sm" role="button">Back to rules list</a>
</div>
</div>
<section id="rule" class="rule-single">
<div class="container highlight highlight-left">
<p>
The random numbers generated could be predicted.
The use of a predictable random value can lead to vulnerabilities when used in certain security critical contexts.
</p>
<h3>Risk</h3>
<p>
</p>
<h3>Vulnerable Code</h3>
<pre>
Random rnd = new Random();
byte[] buffer = new byte[16];
rnd.GetBytes(buffer);
return BitConverter.ToString(buffer);
</pre>
<h3>Solution</h3>
<pre>
using System.Security.Cryptography;
RandomNumberGenerator rnd = RandomNumberGenerator.Create();
</pre>
<h3>References</h3>
<p>
<a href="http://projects.webappsec.org/w/page/13246945/Insufficient%20Transport%20Layer%20Protection">WASC-04: Insufficient Transport Layer Protection</a><br/>
<a href="http://cwe.mitre.org/data/definitions/295.html">CWE-295: Improper Certificate Validation</a>
</p>
</div>
</section>
<br/><br/>
<footer>
<div class="highlight-gray">
<div class="container footer text-center">
<p>.NET Security Guard is open source licensed under the <a href="https://www.gnu.org/licenses/lgpl-3.0.en.html">GNU Lesser General Public License 3.0 (LGPL)</a>.</p>
</div>
</div>
</footer>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<!-- Google Analytics -->
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-90570539-1', 'auto');
ga('send', 'pageview');
</script>
</body>
</html>