Magic Hash Vulnerability

[paragonie-scott]

joomla-cms/libraries/joomla/crypt/password/simple.php

Line 151 in ec8a72f

return md5($password . substr($hash, 33)) == substr($hash, 0, 32);

You're using the non-strict equality operator to compare hashes...

http://blog.astrumfutura.com/2015/05/phps-magic-hash-vulnerability-or-beware-of-type-juggling/

cc @padraic @ircmaxell @enygma

[paragonie-scott]

Another suggestion: use a timing safe comparison.

(Also: make this use hash_equals() in PHP 5.6+.)

[mbabker]

There was a pull request for that at one point (#4206 then #7754) but in pretty typical manner around these parts it was over the head of most folks testing/reviewing patches and ended up abandoned/closed.

[beat]

👍 From code review standpoint, the referred commit as well as follow-up commits seem to address this issue properly.

Btw, Joomla upgrades the stored password hash at each login if needed. Thus, this issue can only occur on a very old account that has not been logged in for a very long time, or on a very old unmaintained Joomla installation (one of these has to be older than around 3 years so that the password hasn't been upgraded at a login with a recent Joomla version yet for that compare case to occur).