Click here to Skip to main content
14,170,577 members
Click here to Skip to main content
Add your own
alternative version

Tagged as


4 bookmarked
Posted 30 Nov 2011
Licenced CPOL

Hack that GUID

, 11 Mar 2017
Rate this:
Please Sign up or sign in to vote.
How to hack GUIDs

Can you hack GUIDs? Let's give it a go:

Give me as much information as you can about the following GUID:


How about this one?


What I am interested in is the explanation of what you can extract and why; but if you extract some values, that is even better. :)

Please post your answers as comments. I will post the answer in a few days and until then the comments will be kept private.


As Tony and Hadi correctly answered, the first GUID above is a version 1 GUID which has a timestamp and the MAC address of the machine that created it while the latter is version 4 which is randomly generated; so not much can be extracted from it.

Long Answer

From Wikipedia article, "the original (version 1) generation scheme for UUIDs was to concatenate the UUID version with the MAC address of the computer that is generating the UUID, and with the number of 100-nanosecondintervals since the adoption of the Gregorian calendar in the West. This scheme has been criticized in that it is not sufficiently "opaque"; it reveals both the identity of the computer that generated the UUID and the time at which it did so."

And to understand the significance of the issue in V1 algorithm". This privacy hole was used when locating the creator of the Melissa virus.". To address these issues, version 4 was created which is randomly generated: "Version 4 UUIDs use a scheme relying only on random numbers. This algorithm sets the version number as well as two reserved bits. All other bits are set using a random or pseudorandom data source. Version 4 UUIDs have the form xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx where x is any hexadecimal digit and y is one of 8, 9, A, or B. E.g., f47ac10b-58cc-4372-a567-0e02b2c3d479."

As mentioned above, you can differentiate GUID versions using the first letter of the third group of letters. As you can see in my example, the former GUID is V1 (e56d9850-e9a7-11e0-9572-0800200c9a66) and the latter is V4 (acfb0e5e-4869-405a-a36e-852a1688bce7).

Microsoft started using version 4 from Windows 2000: "The upper four bits of the timestamp section contain the GUID's version that specifies the content of each section. Before Windows 2000, the CoCreateGuid function generated version 1 GUIDs. With Windows 2000, Microsoft switched to version 4 GUIDs, since embedding the MAC address was viewed as a security risk. The PocketGuid class also generates version 4 GUIDs.". Also, it is worth mentioning that .NET and SQL Server use underlying OS algorithm to generate GUIDs and as such, you are guaranteed to get GUID V4.

Hope this helps!


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Mehdi Khalili
Chief Technology Officer Genie solutions
Australia Australia
No Biography provided

You may also be interested in...

Comments and Discussions

QuestionInteresting, but... Pin
dandy7211-Apr-17 11:06
memberdandy7211-Apr-17 11:06 
AnswerRe: Interesting, but... Pin
Redgum30-Mar-18 10:09
professionalRedgum30-Mar-18 10:09 
QuestionWow Pin
Berat Bilgin5-Dec-11 22:31
memberBerat Bilgin5-Dec-11 22:31 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Cookies | Terms of Use | Mobile
Web06 | 2.8.190524.1 | Last Updated 12 Mar 2017
Article Copyright 2011 by Mehdi Khalili
Everything else Copyright © CodeProject, 1999-2019
Layout: fixed | fluid