Project

chronoleak

0.0
The project is in a healthy, maintained state
chronoleaknoraj/chronoleakHomepageDocumentationSource CodeBug Tracker
Leaks time on a remote machine by using ICMP timestamp requests (13) and replies (14).
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
189
Stars
4
Forks
0
Watchers
1
 Releases
Current version
0.0.1
Total releases
1
First release
2025-03-30
Latest release
2025-03-30
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
14
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2025-04-24
Reverse Dependencies
0

 Dependencies

Runtime

logger
< 2.0
 Project Readme

ChronoLeak

GitHub forks GitHub stars GitHub license Rawsec's CyberSecurity Inventory GitHub Workflow Status GitHub commit activity

ICMP Timestamp Remote Time Leaker

ChronoLeak logo

Leaks time on a remote machine by using ICMP timestamp requests (13) and replies (14).

Context, why this tool exists?

Knowing the time of a remote machine is important to perform time sensitive attacks.

For example, Time-based One Time Password (TOTP) generates a code that is valid only 30 seconds, but if the remote machine time drifted because it is not using NTP or has a timezone issue (sync with hardware clock) or whatever, the attack will fail because you are not targeting the right time range.

Other examples are network protocols, some have a handcheck sensitive to time, or even for the validity of a token or certificate were you could be denied because it is no yet or no longer valid. So you could have authentication issue just because you are not synchronized with the time of the remote machine.

Hopefully, ongoing ICMP timestamp requests (13), and outgoing ICMP timestamp replies (14) are rarelly filtered, allowing to disclose the remote machine time (CVE-1999-0524) remotly while being unauthenticated.

However, it should be noted that timestamps returned from machines running some versions of Windows are deliberately incorrect within 1000 seconds of the actual system time as a protection to deafeat such attacks.

Installation

gem install chronoleak

Check the installation page on the documentation to discover more methods.

Packaging status Gem Version GitHub tag (latest SemVer)

Documentation

Homepage / Documentation: https://noraj.github.io/ChronoLeak/

Author

Made by Alexandre ZANNI (@noraj).