# Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CWE-338)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

**Stack:** JavaScript

- Prevalence: 高 频繁被利用
- Impact: 高 2 条严重级别为高的规则
- Prevention: 已记录 4 个修复示例

**OWASP:** Cryptographic Failures (A02:2021-Cryptographic Failures) - #2

## Description

When a non-cryptographic PRNG is used in a security context (such as generating session tokens or cryptographic keys), an attacker may be able to predict its output and compromise the security mechanism.

## Prevention

基于 1 条 Shoulder 检测规则的 Weak PRNG 预防策略。

### Key Practices

- Use of Math

### JavaScript

Use crypto.randomBytes() or crypto.randomUUID() for security-sensitive random values

## Warning Signs

- [HIGH] Math.random() used for security-sensitive operation: ...
- [HIGH] use of Math

## Consequences

- 绕过保护机制
- 获取权限

## Mitigations

- 使用密码学安全的随机数生成器 (CSPRNG)
- 在 JavaScript 中使用 crypto.getRandomValues() 或 crypto.randomUUID()
- 在 Python 中使用 secrets 模块,而不是 random

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Javascript (1 rules)

- **Weak Random Number Generation in Security Context** [HIGH]: Detects use of Math.random() for security-sensitive operations like generating
tokens, session IDs, or cryptographic keys. Math.random() is not cryptographically
secure and can be predicted by attackers.
  - Remediation: Replace Math.random() with cryptographically secure alternatives.

### Typescript (1 rules)

- **Weak Random Number Generation in Security Context** [HIGH]: Detects use of Math.random() for security-sensitive operations like generating
tokens, session IDs, or cryptographic keys. Math.random() is not cryptographically
secure and can be predicted by attackers.
  - Remediation: Replace Math.random() with cryptographically secure alternatives.