Tuesday, December 16, 2014

Predicting Struts CSRF Token (CVE-2014-7809)

A week has passed since the official release of Struts 2.3.20. I would now like to explain how CSRF tokens could be "easily" predicted by taking advantage of the vulnerability S2-023.

This article is all about the practical exploitation of an LCG pseudo-random generator. Buckle up for code review, some math analysis and tons of hex fun!

True random number generator in action