What starting position does this attack require?

The first step is Account takeover (T1078) — a initial access primitive. Assumed environment: a self-hosted Node / Java / PHP app uses non-cryptographic RNG for security-sensitive tokens.

What is the final impact of this kill-chain?

The final step lands on Reverse RNG internal state (mt-extractor) (CR-WEAK-RNG), which falls under Credential Access. From here, an operator typically pivots into post-exploitation or maintains persistence.

How can defenders detect or prevent this attack?

Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

← RegistryDossier · 6 steps · 5 edges

Approved

Predictable RNG → forge password-reset tokens

App generates reset tokens via Math.random / Mersenne Twister seeded with time(). Capture a few legit tokens, recover the internal state, predict the next token for any user.

Filed by AD Knowledge BasePublished 2026-05-26

§ Kill-chainDrag · zoom · scroll

Initial Access

Account takeover

T1078 · Valid Accounts

Initial Access

Request password reset for victim

T1078 · Valid Accounts

Initial Access

Collect several reset tokens from attacker accounts

T1078 · Valid Accounts

Persistence

Submit predicted token + new password

T1098 · Account Manipulation

Credential Access

Predict next token for victim account

CR-WEAK-RNG · Predictable Random Number Generation

Credential Access

Reverse RNG internal state (mt-extractor)

CR-WEAK-RNG · Predictable Random Number Generation

§ Context

Assumed environment: a self-hosted Node / Java / PHP app uses non-cryptographic RNG for security-sensitive tokens. Attacker can register accounts to obtain reset-token samples.

§ Steps

01
Account takeoverInitial Access
T1078— Valid Accounts
02
Request password reset for victimInitial Access
T1078— Valid Accounts
03
Collect several reset tokens from attacker accountsInitial Access
T1078— Valid Accounts
04
Submit predicted token + new passwordPersistence
T1098— Account Manipulation
05
Predict next token for victim accountCredential Access
CR-WEAK-RNG— Predictable Random Number Generation
06
Reverse RNG internal state (mt-extractor)Credential Access
CR-WEAK-RNG— Predictable Random Number Generation

§ References

T1078Valid Accounts
T1098Account Manipulation

§ Frequently asked

What is the "Predictable RNG → forge password-reset tokens" attack path?: App generates reset tokens via Math.random / Mersenne Twister seeded with time(). Capture a few legit tokens, recover the internal state, predict the next token for any user. It chains 6 steps drawn from real-world offensive-security techniques.
What starting position does this attack require?: The first step is Account takeover (T1078) — a initial access primitive. Assumed environment: a self-hosted Node / Java / PHP app uses non-cryptographic RNG for security-sensitive tokens.
What is the final impact of this kill-chain?: The final step lands on Reverse RNG internal state (mt-extractor) (CR-WEAK-RNG), which falls under Credential Access. From here, an operator typically pivots into post-exploitation or maintains persistence.
How can defenders detect or prevent this attack?: Detection and prevention vary per step. Refer to each linked MITRE ATT&CK entry under "References" — every technique on that page lists defensive controls, detection telemetry, and known threat-actor usage.

Predictable RNG → forge password-reset tokens

§ Context

§ Steps

§ References

§ Frequently asked

§ Related dossiers

Vish helpdesk → Okta MFA reset → admin → ransomware (MGM-class)

Flash-loan governance attack → DAO admin

Vishing → helpdesk MFA reset → account takeover

MFA fatigue / prompt-bombing → M365 admin compromise