This blog is about the educational (and sometimes entertainment) value of simple hacks. For active vulnerabilities, real names are concealed.
Wednesday, May 23, 2018
Low-Tech Random Number Generator Hacks
This is a fun one and doesn't require any programming knowledge or high tech.
Many systems rely on random number generators. They are typically found in games to create the environment's seemingly random behavior. But because a pseudorandom number generator starts from a "seed" (the number its algorithm begins with), the same seed always produces the same sequence, so it's pretty easy to predict what the next "random" action will be if the generator is restarted with a static seed. The key is figuring out what triggers the generator's algorithm to restart. Within the context of a game, this might mean restarting a level puts all the enemies back in the same place... but what about other systems?
Years ago, I was a volunteer in a medical study related to measuring sleep deprivation. As part of the experiment, there was a cognitive test for reaction time (which helped the doctor measure how quality of sleep affected alertness... spoiler: it affects it quite a lot!). To perform the test, the user sits in front of a monitor and presses a button if they see a red dot appear on the screen. The dot, of course, appears at random intervals. However, I noticed if I accidentally pressed the button when the screen was empty, the dot would always come up after the same amount of time after the mistaken press. It was clearly resetting the system in some way. If I counted a few beats after my 'mistaken' press, I could predict when the dot would show up next. This was enough to rig it so I could react before even seeing the dot and get a perfect, superhuman reaction time score as a result: do a 'mistaken' press, wait, press, see red dot, repeat. After doing this for a few days, an annoyed researcher approached me:
"We're getting some impossible results... can you please try to stop doing what you're doing? Only press when you see the red dot? Thanks."
That's what he said, but his face said, "Stop messing around."
The study had a lot of control variables. For example, I wasn't allowed to have windows, computers, phones, live TV or clocks (to make sure my perception of time wasn't affecting how tired I felt). They suspected I was trying to count time because the IV drip had a "drips per second" metric on the display, and covered it with tape.
I do not recommend messing up the integrity of someone's scientific research just to try this out... but it seems that random number generators show up in lots of places that aren't games. It turns out they are so easy to hack, you just might do it by accident!
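The restart behaviour described above, as an added example that is not code from the study's software: a scheduler that re-seeds from a fixed seed on a stray press, next to one that draws from OS entropy and leaves the generator alone. The seed, the delay range and all class and function names are assumptions made for illustration.

```python
import random

FIXED_SEED = 1234          # constructed value; the real test's seed is unknown
MIN_S, MAX_S = 2.0, 10.0   # constructed delay range, in seconds


class ReseedingScheduler:
    """Weak: a stray press restarts the generator from the same seed."""

    def __init__(self):
        self.rng = random.Random(FIXED_SEED)

    def next_delay(self):
        return round(self.rng.uniform(MIN_S, MAX_S), 3)

    def false_press(self):
        self.rng = random.Random(FIXED_SEED)   # sequence replays from the start


class HardenedScheduler(ReseedingScheduler):
    """Corrected: OS entropy, and a stray press never resets generator state."""

    def __init__(self):
        self.rng = random.SystemRandom()

    def false_press(self):
        pass   # may be logged or penalised, but must not touch the generator


def delays_after_false_presses(scheduler, trials=20):
    """Delay to the next dot after each of `trials` stray presses."""
    out = []
    for _ in range(trials):
        scheduler.next_delay()      # a normal dot in between
        scheduler.false_press()
        out.append(scheduler.next_delay())
    return out


def replays_after_reset(delays):
    """True when every post-reset delay is identical, i.e. predictable."""
    return len(set(delays)) == 1


if __name__ == "__main__":
    for cls in (ReseedingScheduler, HardenedScheduler):
        d = delays_after_false_presses(cls())
        print(cls.__name__, "predictable:", replays_after_reset(d), d[:3])
```

The same check works on recorded session data: if the delay following every reset event is constant, the reset is re-seeding the generator.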