I am creating an exericse for my users, where I am trying to tell them that using mt_rand() is not a good option from security point of view. What I did is that I showed them a normal user who gets a password reset email, the token is generated like this
mt_srand(ip2long( crc32($email));
$random_number = mt_rand();
Now I tell them once the user gets the token, we can reverse engineer it easily using https://www.openwall.com/php_mt_seed/, which would allow us to get the seed value for any randomly genrated value. My aim here is to show them if we get the seed, it would allow us to get access of admin token, or some catastrophic effect. but seems like getting the seed here is useless.
If the admin tries to reset his password, he will be using different email, thus a different seeding number and different random number. If I only have access to admin’s email, how can I show my audience the catastrophic effect of mt_rand using the same scenario?