NRIC Number Generation

At times, my job requires the use of “valid” NRIC numbers to conduct certain security testing. There was a time last year where there was a requirement for a sample of approximately 5000 NRIC numbers to conduct user-enumeration tests. I did a quick Google search and found a couple of online generators, but they were clunky and slow and it would probably take ages to generate a sizable sample. There was even this website, that stated: “If you need bulk generation of > 1000 NRIC numbers in any format, please contact me for a quote.” I wonder if this is even legal, so in my curiosity, I proceeded to request for a quotation with a dummy email account (see the email exchange below).


Anyway, I would definitely not pay for stuff like these and decided to do a small research with a good buddy (Joel) of mine on the algorithm behind the generation. After a few minutes, we found the publicly available algorithm online and we started programming a simple generator. 5000 unique NRIC numbers were then generated in less than 1 second, at zero cost. S$30 saved. 🙂


Now that the goodies are in a text file, it would be easy to use it in Burp Intruder and enumerate away…


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s