
I'm digging into UUIDv1 generation and brute force, in order to take control of a password reset feature of a website which sends a link with a GET parameter token=UUIDvX.

I'm trying to identify which version of UUID hashing algorithm the server uses.

Being able to generate the right UUID would lead to any registered account takeover.

I found that UUIDv1 is based on 2 parameters to handle the randomness: the MAC of the host and a 10^-7 second precision timestamp (please correct me if I'm wrong).

I've also found that the MAC corresponds to the "hostid" on Linux systems, and that on a Debian machine it is a fixed value (hex): 007f0101 (just type the hostid command in a Debian terminal to check that).

uuid.uuid1(node=None, clock_seq=None)

    Generate a UUID from a host ID, sequence number, and the current time. If node is not given, getnode() is used to obtain the hardware address. If clock_seq is given, it is used as the sequence number; otherwise a random 14-bit sequence number is chosen.

from : https://docs.python.org/3/library/uuid.html#uuid.uuid1

When we set the hostid, the last 6 bytes (of the 16-byte UUID produced) never change from one test to another.

When we play with the nanoseconds (<= 9 999 nanoseconds), it affects only bytes 9 and 10, and bytes ~3-4 to 8 vary when we play with everything between the year and the nanoseconds.

So... to make a long story short, after a few more local tests, I found out that generated UUIDv1 hashes always end the same way depending on the input (here the hostid).

We may be able to deduce from this behavior that, on the website feature, if I get two tokens with different endings, it would mean that the server does NOT use UUIDv1.

It seems logical to me, but I would like to know if someone shares my opinion here. Anyone?

T. Rode
    You can look at the first character of the third group to determine the version number. For example, if it's 4, then it's a v4 UUID. – bk2204 Jul 04 '21 at 23:43
  • Perfect answer, thanks, as the main goal was to determine the uuid version. A lot easier this way. – T. Rode Jul 05 '21 at 07:44
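The comment above gives the practical check: the version nibble is the first hex digit of the third group, and the variant bits sit in the fourth group. As an added example (not part of the original post), the following Python uses only the standard-library uuid module to report the version of a token and, for v1, to decode the three fields the question observed empirically: the node in the last 6 bytes, the 14-bit clock sequence, and the 100 ns timestamp counted from the UUID epoch of 1582-10-15. The sample tokens are the well-known RFC 4122 namespace UUIDs, not tokens from any real site; the helper names are my own.

```python
import uuid
from datetime import datetime, timedelta, timezone

# RFC 4122 counts v1 timestamps in 100 ns ticks from the Gregorian reform date.
UUID_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

# Versions derived from time and host identity rather than a CSPRNG; a token
# reviewer flags these as unsuitable for secrets such as reset links.
TIME_BASED_VERSIONS = {1, 2}


def describe_token(token):
    """Parse a token as a UUID and report the fields that matter for a
    predictability review. Returns None when the token is not a UUID."""
    try:
        u = uuid.UUID(token)
    except ValueError:
        return None
    info = {
        "version": u.version,        # None unless the variant is RFC 4122
        "variant": u.variant,
        "predictable": u.version in TIME_BASED_VERSIONS,
    }
    if u.version == 1:
        # node: last 6 bytes, fixed per host (the "ending" the question saw)
        info["node"] = f"{u.node:012x}"
        # clock_seq: the 14-bit "sequence number" from the uuid1() docs
        info["clock_seq"] = u.clock_seq
        # time: 60-bit tick count; // 10 converts 100 ns ticks to microseconds
        info["timestamp"] = UUID_EPOCH + timedelta(microseconds=u.time // 10)
    return info


def tokens_share_node(tokens):
    """True when every v1 token in the sample carries the same node, i.e. the
    single-host behaviour the question describes. Non-v1 tokens are ignored."""
    nodes = {d["node"] for d in map(describe_token, tokens) if d and "node" in d}
    return len(nodes) == 1
```

Run describe_token() on a handful of captured tokens; a version of 1 with a constant node across samples is the signature the question is looking for, while a version of 4 means the third-group digit, not the ending, settles the question.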
