Security Basics mailing list archives

Re: Session ID Analysis


From: John Morrison <john.morrison101 () gmail com>
Date: Thu, 12 Aug 2010 20:36:34 +0100

Mr. Mufambisi,

I put the data into OpenOffice Calc and sorted the data. There are 2
or 3 of every entry. So, to me there is a repeating pattern and it is
not random.

On 12 August 2010 01:36, M.D.Mufambisi <mufambisi () gmail com> wrote:
Hi,

I have been analysing session IDs generated by a test site (for
security practice) using Burp. Burp reports that the randomness of the
session IDs is extremely poor. Having a look at the session IDs, I can
tell the first 50 or so bytes are about the same on all session IDs,
and the other 10 appear to change. I bet Burp got to this conclusion
based on the first 50 bytes or so. Suppose the developer came and said
yes, the first 50 bytes are based on a calculation by date (hence they
are all the same) but the last 10 bytes are extremely random... how
would I be able to confirm or deny this? I will paste a couple of the
session IDs here and I would be most grateful if I got ideas of what
the changing bytes could be. Ultimately I want to see if I will be
able to predict session IDs.

May I also kindly have suggestions of software that I can use to find
solutions to the above or to analyse session IDs. Thanks. I will paste
a sample of the session IDs here for your perusal.

tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdexuhbbM/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdexuhbbM/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcO5qjLLF8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcO5qjLLF8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tdu9rhLHK9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tdu9rhLHK9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tde5qhLbF8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tde5qhLbF8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tculug7nL9unOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tculug7nL9unOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tculug7nL9unOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TeOhpgrfM8OjHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TeOhpgrfM8OjHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Td+lpjLPL9+fGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Td+lpjLPL9+fGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdelvhLbM/ebEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdelvhLbM/ebEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tc+ttgLHE9+zDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tc+ttgLHE9+zDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcOpphLPK/e/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcOpphLPK/e/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tdutph7jP/OrBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tdutph7jP/OrBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdepohrfL9OzAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdepohrfL9OzAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdepohrfL9OzAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcuVsjbbI8+nOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcuVsjbbI8+nOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TeORvjLXL/ejHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TeORvjLXL/ejHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Td+VshLDI/OfGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Td+VshLDI/OfGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdeVthrTE8ObEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdeVthrTE8ObEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tcu1jg7jJ/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tcu1jg7jJ/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdeRsgLfI8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdeRsgLfI8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOVsgrLN9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOVsgrLN9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOVsgrLN9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TduRvjbHI8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TduRvjbHI8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tdu5qhrDO9unOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tdu5qhrDO9unOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdexjhrnJ8OjHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdexjhrnJ8OjHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcO1jgLTO9+fGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcO1jgLTO9+fGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tee5qgrjJ/ebEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tee5qgrjJ/ebEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+hphLLP9+zDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+hphLLP9+zDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdO5igrTN/e/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdO5igrTN/e/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdO5igrTN/e/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tc+9ijLDE/OrBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tc+9ijLDE/OrBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tee5tjLjO9OzAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tee5tjLjO9OzAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdupogbjF8+nOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdupogbjF8+nOPaw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdelrgLbO/ejHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdelrgLbO/ejHP6s=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOprgrLF/OfGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOprgrLF/OfGPqw=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TeepojLnP8ObEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TeepojLnP8ObEOa0=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+RvhrPM/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+RvhrPM/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+RvhrPM/OzDOqI=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdexohLnF8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdexohLnF8O/CP6M=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcO1ohrTK9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcO1ohrTK9+rBMa4=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TduxrgbPF8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TduxrgbPF8ezAMKM=
tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Td+9vjLLL9unOPaw=
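The question of which bytes actually change, and how much, can be answered more precisely than by eyeballing the strings or sorting them in a spreadsheet. The script below is an added example (not code from either poster, and not Burp's own Sequencer logic): it base64-decodes the IDs, reports the longest common prefix, counts how many distinct values each byte position takes across the sample, and estimates the Shannon entropy of the varying part. The embedded `SAMPLE_IDS` list is a 16-entry subset of the 78 IDs quoted above, chosen to include both the "...7D1D..." and "...7DxK..." groups and two of the exact duplicates. Function names are this example's own.

```python
import base64
import math
from collections import Counter

# Subset of the session IDs quoted in the thread above (verbatim, including
# two exact duplicates), used as the sample to analyse.
SAMPLE_IDS = [
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdexuhbbM/OzDOqI=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdexuhbbM/OzDOqI=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TcO5qjLLF8O/CP6M=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tdu9rhLHK9+rBMa4=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tde5qhLbF8ezAMKM=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tculug7nL9unOPaw=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tculug7nL9unOPaw=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TeOhpgrfM8OjHP6s=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Td+lpjLPL9+fGPqw=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+TdelvhLbM/ebEOa0=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37D1DSfcgLqokBpnTBSEX+F+Tc+ttgLHE9+zDOqI=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdeRsgLfI8O/CP6M=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TcOVsgrLN9+rBMa4=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TduRvjbHI8ezAMKM=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+Tdu5qhrDO9unOPaw=",
    "tQ0mWP3eTWy2dsm9ZEOvRB7djuKHP8lob8S37DxKSfcgLqokBpnTBSEX+F+TdexjhrnJ8OjHP6s=",
]


def common_prefix_len(strings):
    """Length of the longest prefix shared by every string in the list."""
    first = strings[0]
    n = 0
    while n < len(first) and all(s[n:n + 1] == first[n] for s in strings):
        n += 1
    return n


def decode_all(ids):
    """Base64-decode every ID; strict validation so a non-base64 ID fails loudly."""
    return [base64.b64decode(s, validate=True) for s in ids]


def position_profile(blobs):
    """Number of distinct byte values seen at each position across all samples."""
    length = len(blobs[0])
    if any(len(b) != length for b in blobs):
        raise ValueError("decoded IDs differ in length; align them before profiling")
    return [len({b[i] for b in blobs}) for i in range(length)]


def shannon_bits(values):
    """Shannon entropy in bits of the empirical distribution of `values`."""
    counts = Counter(values)
    total = len(values)
    return -sum(c / total * math.log2(c / total) for c in counts.values())


def analyse(ids):
    """Summarise which bytes are fixed, which vary, and how much they vary."""
    blobs = decode_all(ids)
    profile = position_profile(blobs)
    constant = [i for i, d in enumerate(profile) if d == 1]
    variable = [i for i, d in enumerate(profile) if d > 1]
    # Treat the varying bytes of each sample as one value for the entropy estimate.
    var_part = [bytes(b[i] for i in variable) for b in blobs]
    return {
        "samples": len(ids),
        "distinct_samples": len(set(ids)),
        "decoded_len": len(blobs[0]),
        "b64_prefix_chars": common_prefix_len(ids),
        "constant_bytes": constant,
        "variable_bytes": variable,
        "per_position_distinct": profile,
        "variable_part_bits": shannon_bits(var_part),
        # An empirical entropy estimate can never exceed log2(sample count).
        "max_measurable_bits": math.log2(len(ids)),
    }


if __name__ == "__main__":
    r = analyse(SAMPLE_IDS)
    print(f"{r['samples']} samples, {r['distinct_samples']} distinct, "
          f"{r['decoded_len']} decoded bytes each")
    print(f"shared base64 prefix: {r['b64_prefix_chars']} chars; "
          f"constant byte positions: {len(r['constant_bytes'])}")
    print("varying byte positions:", r["variable_bytes"])
    print("distinct values per position:", r["per_position_distinct"])
    print(f"entropy of varying part: {r['variable_part_bits']:.2f} bits "
          f"(cap for this sample size: {r['max_measurable_bits']:.2f} bits)")
```

Two things this makes visible that the spreadsheet sort does not. First, the byte-level split: only bytes 28, 29 and the last eleven bytes of the 56-byte decoded value ever change in the sample, so any claim about "the last 10 bytes" can be checked against exactly those positions, and the per-position counts show whether each of them uses anything like its full 256-value range. Second, the sample-size cap: entropy measured from n samples can never exceed log2(n) bits, so 16 IDs cannot distinguish 4 bits of randomness from 88, and the 78 IDs posted cap out below 6.3 bits. Before accepting or rejecting the developer's claim, collect a few thousand IDs, and note how they were captured: exact duplicates mean either that the same session was sampled twice or that the generator repeats, and only the capture method says which.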

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


