diff --git a/nse_main.lua b/nse_main.lua
index 421ebfc2b..aeef33b8e 100644
--- a/nse_main.lua
+++ b/nse_main.lua
@@ -96,6 +96,12 @@ local open = io.open;
 local math = require "math";
 local max = math.max;
+-- Due to heap randomization (on most Operating Systems), we can use a
+-- Lua function address as a good seed for the C srand function. If there
+-- is no heap randomization, it's still a decently random integer; that is,
+-- it's no better or worse than os.time().
+math.randomseed(tonumber(tostring(function() end):match("function: (0x%x+)")));
+
 local package = require "package";
 local string = require "string";
diff --git a/nselib/mssql.lua b/nselib/mssql.lua
index fbc1fe748..ef898d5ea 100644
--- a/nselib/mssql.lua
+++ b/nselib/mssql.lua
@@ -1691,11 +1691,6 @@ TDSStream = {
 self._socket:set_timeout( MSSQL_TIMEOUT * 1000 )
 status, _, lport, _, _ = self._socket:get_info()
- if ( status ) then
- math.randomseed(os.time() * lport )
- else
- math.randomseed(os.time() )
- end
 end
 if ( not(status) ) then
diff --git a/nselib/rpc.lua b/nselib/rpc.lua
index 773570df2..0a2ae7dac 100644
--- a/nselib/rpc.lua
+++ b/nselib/rpc.lua
@@ -120,8 +120,6 @@ RPC_version = {
 ["mountd"] = { min=1, max=3 },
 }
-math.randomseed( os.time() )
-
 -- Low-level communication class
 Comm = {
diff --git a/nselib/sip.lua b/nselib/sip.lua
index 340847436..48890bde8 100755
--- a/nselib/sip.lua
+++ b/nselib/sip.lua
@@ -683,13 +683,6 @@ Util = {
 local str = ""
- -- Seed the random number, if we haven't already
- if (not(nmap.registry.sip) or not(nmap.registry.sip.seeded)) then
- math.randomseed(os.time())
- nmap.registry.sip = {}
- nmap.registry.sip.seeded = true
- end
-
 for i = 1, length, 1 do
 local random = math.random(#set)
 str = str .. string.sub(set, random, random)
@@ -830,4 +823,4 @@ Helper = {
 return self.session:invite(uri)
 end,
-}
\ No newline at end of file
+}
diff --git a/nselib/tns.lua b/nselib/tns.lua
index 4db70f68c..7fe9af076 100644
--- a/nselib/tns.lua
+++ b/nselib/tns.lua
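Review bot: The added `math.randomseed(...)` line in nse_main.lua passes nil to the seed call whenever `tostring(function() end)` does not contain a `0x`-prefixed address, because the `function: (0x%x+)` pattern then fails to match; pointer formatting is platform-dependent, so this can raise while nse_main.lua is loading. A fallback keeps startup safe: `local addr = tostring(function() end):match("function: (0x%x+)")` followed by `math.randomseed(tonumber(addr) or os.time())`. The new comment should also state that this seed is only suitable for non-security randomness, since a heap address is predictable without ASLR and math.random is not a CSPRNG. That matters because this commit also removes the `openssl.rand_bytes` seed in nselib/tns.lua and the seeding ahead of the `config.key` generation in scripts/smb-psexec.nse. If either value is meant to be secret (not visible from these hunks), it should be drawn from `openssl.rand_bytes` directly rather than from math.random.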
@@ -86,9 +86,6 @@ local HAVE_SSL = false
 if pcall(require,'openssl') then
 HAVE_SSL = true
- math.randomseed( select(2, bin.unpack(">L", openssl.rand_bytes(8))))
-else
- math.randomseed( os.time() )
 end
@@ -1224,4 +1221,4 @@ TNSSocket =
 send = function( self, data )
 return self.Socket:send( data )
 end,
-}
\ No newline at end of file
+}
diff --git a/scripts/dhcp-discover.nse b/scripts/dhcp-discover.nse
index fc5e4e360..5309887f5 100644
--- a/scripts/dhcp-discover.nse
+++ b/scripts/dhcp-discover.nse
@@ -82,9 +82,6 @@ end
 --end
 local function go(host, port)
- -- We're going to need some low quality random numbers
- math.randomseed(os.time())
-
 -- Set up a fake host for prerule
 if(not(host)) then
 host = {}
diff --git a/scripts/dns-fuzz.nse b/scripts/dns-fuzz.nse
index cf0522fd7..f7d1a1644 100644
--- a/scripts/dns-fuzz.nse
+++ b/scripts/dns-fuzz.nse
@@ -280,7 +280,6 @@ function corruptAndSend (host, port, query)
 end
 action = function(host, port)
- math.randomseed(os.time())
 local endT
 local timelimit, err
 local retStr
diff --git a/scripts/nping-brute.nse b/scripts/nping-brute.nse
index be9d82c58..3a55c011f 100644
--- a/scripts/nping-brute.nse
+++ b/scripts/nping-brute.nse
@@ -180,7 +180,6 @@ Driver =
 }
 action = function(host, port)
- math.randomseed(nmap.clock())
 local engine = brute.Engine:new(Driver, host, port)
 engine.options.firstonly = true
 engine.options:setOption("passonly", true)
diff --git a/scripts/oracle-enum-users.nse b/scripts/oracle-enum-users.nse
index 007478dec..eaee6dc3c 100644
--- a/scripts/oracle-enum-users.nse
+++ b/scripts/oracle-enum-users.nse
@@ -79,13 +79,6 @@ local function get_random_string(length, set)
 local str = ""
- -- Seed the random number, if we haven't already
- if (not(nmap.registry.oracle_enum_users) or not(nmap.registry.oracle_enum_users.seeded)) then
- math.randomseed(os.time())
- nmap.registry.oracle_enum_users = {}
- nmap.registry.oracle_enum_users.seeded = true
- end
-
 for i = 1, length, 1 do
 local random = math.random(#set)
 str = str .. string.sub(set, random, random)
diff --git a/scripts/sip-brute.nse b/scripts/sip-brute.nse
index bcb25f79b..72ae2c85d 100755
--- a/scripts/sip-brute.nse
+++ b/scripts/sip-brute.nse
@@ -73,7 +73,6 @@ Driver = {
 -- was successful which makes it impossible to tell successfull logins
 -- from non-existing accounts apart.
 local function checkBadUser(host, port)
- math.randomseed( os.time() )
 local user = "baduser-" .. math.random(10000)
 local pass = "badpass-" .. math.random(10000)
 local helper = sip.Helper:new(host, port, { expires = 0 })
@@ -103,4 +102,4 @@ action = function(host, port)
 local engine = brute.Engine:new(Driver, host, port)
 local status, result = engine:start()
 return result
-end
\ No newline at end of file
+end
diff --git a/scripts/smb-brute.nse b/scripts/smb-brute.nse
index e7a4ddf29..761565491 100644
--- a/scripts/smb-brute.nse
+++ b/scripts/smb-brute.nse
@@ -172,13 +172,6 @@ local function get_random_string(length, set)
 local str = ""
- -- Seed the random number, if we haven't already
- if not nmap.registry.smbbrute or not nmap.registry.smbbrute.seeded then
- math.randomseed(os.time())
- nmap.registry.smbbrute = {}
- nmap.registry.smbbrute.seeded = true
- end
-
 for i = 1, length, 1 do
 local random = math.random(#set)
 str = str .. string.sub(set, random, random)
diff --git a/scripts/smb-psexec.nse b/scripts/smb-psexec.nse
index 4c947e062..99bd6a240 100644
--- a/scripts/smb-psexec.nse
+++ b/scripts/smb-psexec.nse
@@ -693,7 +693,6 @@ local function get_config(host, config)
 elseif(nmap.registry.args.key) then
 config.key = nmap.registry.args.key
 else
- math.randomseed( os.time() )
 config.key = ""
 for i = 1, 127, 1 do
 config.key = config.key .. string.char(math.random(0x20, 0x7F))