New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Patch insecure CSRF token crypto vulnerability #1164
Conversation
Thank you @Arinerron :) |
uhhh, looks like you used undefined function... panel is now broken...
I must revert this. @Arinerron, it would be nice if you setup virtualbox and install Vesta, then you can test your code before you send push requests, cheers :) |
Reverting #1164, because undefined function is used
@dpeca Ugh, sorry. You need the OpenSSL PHP module: http://us3.php.net/manual/en/book.openssl.php It says it come with PHP >=5.3.0, PHP 7 by default. http://php.net/manual/en/function.openssl-random-pseudo-bytes.php |
I think VestaCP has its own seperated PHP parser - /usr/local/vesta/php/bin/php Only @serghey-rodin can rebuild it. |
Should be rechecked by Sergey Rodin or Dmitry Naumov-Socolov |
This pull request was merged but reverted. The issue still exists in |
I noticed that CSRF tokens are not using a cryptographically secure pseudorandom number generator. An attacker could potentially "guess" the CSRF token, allowing them to control vesta. The current algorithm for generating CSRF tokens is
md5(uniqid(mt_rand(), true))
, but it should use an algorithm that is considered cryptographically secure (for example, bin2hex(openssl_random_pseudo_bytes(32)) or bytes from /dev/urandom).This pull request simply replaces the insecure crypto with the secure function.
To test if the code worked, I made this little script:
The output is something like:
The insecure algorithm (being used now) generates tokens like this:
Same length, just more secure. Here's a stackoverflow post about it: http://stackoverflow.com/a/2595372
Also,
http://php.net/manual/en/function.mt-rand.php
http://php.net/manual/en/function.rand.php
If you scroll down on either of those documentation pages, you'll see the warning about how it does not generate cryptographically secure values.
Thanks!