From c387d2f139bf3c20810785367933e24ee7fad394 Mon Sep 17 00:00:00 2001
From: jvoisin <julien.voisin@dustri.org>
Date: Sun, 1 Sep 2024 22:26:53 +0200
Subject: [PATCH] Make use of proper CSPRNG when possible

---
 php/meterpreter/meterpreter.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/php/meterpreter/meterpreter.php b/php/meterpreter/meterpreter.php
index b42d945d..4d269b3d 100755
--- a/php/meterpreter/meterpreter.php
+++ b/php/meterpreter/meterpreter.php
@@ -822,10 +822,17 @@ function channel_read($chan_id, $len) {
 }
 
 function rand_xor_byte() {
+  if (can_call_function('random_int')) {
+    return chr(random_int(1, 255));
+  }
   return chr(mt_rand(1, 255));
 }
 
 function rand_bytes($size) {
+  if (can_call_function('random_bytes')) {
+    return random_bytes($size)
+  }
+
   $b = '';
   for ($i = 0; $i < $size; $i++) {
     $b .= rand_xor_byte();