Password input being altered incorrectly for loginauth
Submitted by James Hawkwind, Mar 12 2012 11:32 AM | Last updated Mar 12 2012 11:32 AM
In reference to this document: http://community.inv...ogin-modules-r7
When a user has a password that contains any of the following characters:
!*&"<>\'
- Exclamation
- Star
- Ampersand
- Double quote
- Less than
- Greater than
- Backwards slash
- Single quote
So entering
~!@#$%^&*()_+{}|:"<>?`-=[]\;;',./
Getting the password from $password gets this:
~!@#$%^&*()_+{}|:"<>?`-=[]\;',./
With an MD5 hash of: 4FDD3C288BC79394A5CDE8357E35D4DF
While getting the password directly from the form submission via $_POST["ips_password"] or $_POST["password"] gets this:
~!@#$%^&*()_+{}|:"<>?`-=[]\;;',./
With an MD5 hash of: 14B954C33ADD5FBB42AAC05C891C7D04
Issue #032018 may be affected by this, because other boards pass the raw $_POST string to the MD5 function and store the result as the password hash, so a hash made from the sanitized $password will never match it.
IPB should either not sanitize the $password variable, or provide an alternate variable that holds the unsanitized raw password.
| Status: | Fixed |
| Version: | |
| Fixed In: | |
5 Comments
$password = html_entity_decode($password, ENT_QUOTES);
// IPB stores !, $ and \ as these numeric entities; restore them too
$html_entities = array( "&#33;", "&#036;", "&#092;" );
$replacement_char = array( "!", "$", "\\" );
$password = str_replace( $html_entities, $replacement_char, $password );

This can be handled within the custom login module IMO (and has been ever since they were implemented; this isn't something new/changed recently).
http://community.inv...ogin-modules-r7
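An added example, not code from the bug report, from the comment above, or from IPB itself, that walks through both the mismatch the report describes and the decode step the comment proposes. The ipb_style_clean() function is an assumed stand-in for IPB's input cleaning: it covers only the characters the report lists and uses the entity spellings that the comment's fix decodes; IPB's real cleaning function is not on this page. The other function and variable names are likewise chosen here for illustration.

```php
<?php
// Added example, not code from the report, the comment, or IPB itself.

// Assumed stand-in for IPB's input cleaning. The real IPB code is not on
// this page; this covers only the characters the report lists and emits
// the entity spellings the comment's fix decodes. Star (*) is left alone
// because the page does not say what IPB turns it into.
function ipb_style_clean(string $val): string
{
    $map = [
        '&'  => '&amp;',
        '<'  => '&lt;',
        '>'  => '&gt;',
        '"'  => '&quot;',
        '!'  => '&#33;',
        "'"  => '&#39;',
        '\\' => '&#092;',
        '$'  => '&#036;',
    ];
    // strtr() with an array makes a single pass over the input, so the
    // '&' produced by the other substitutions is not encoded a second time.
    return strtr($val, $map);
}

// The comment's fix: undo the cleaning before the module hashes anything.
// html_entity_decode() with ENT_QUOTES decodes the named entities, the
// quote entities and the numeric ones; the str_replace() is the
// belt-and-braces step from the posted snippet for the three numeric
// entities IPB uses for !, $ and \ (a no-op if they were already decoded).
function restore_raw_password(string $cleaned): string
{
    $password = html_entity_decode($cleaned, ENT_QUOTES, 'UTF-8');
    $html_entities    = ['&#33;', '&#036;', '&#092;'];
    $replacement_char = ['!', '$', '\\'];
    return str_replace($html_entities, $replacement_char, $password);
}

// Models one login attempt: the external board stored md5() of the raw
// submitted string; the login module is handed the cleaned $password.
// Returns true when the module's hash matches the stored one.
function module_hash_matches(string $raw_submitted, bool $apply_fix): bool
{
    $stored   = md5($raw_submitted);             // what the other board stored
    $password = ipb_style_clean($raw_submitted); // what the module receives
    if ($apply_fix) {
        $password = restore_raw_password($password);
    }
    return hash_equals($stored, md5($password));
}

// Constructed test input: the report's password, every listed character at once.
$raw = '~!@#$%^&*()_+{}|:"<>?`-=[]\\;;\',./';

var_dump(ipb_style_clean($raw) === $raw);             // was the input altered?
var_dump(module_hash_matches($raw, false));            // login without the fix
var_dump(module_hash_matches($raw, true));             // login with the fix
var_dump(module_hash_matches('plainpassword', false)); // no special characters
```

Run it with the php CLI. The first two checks come out false (the cleaned string differs from the raw one, so its MD5 cannot match the stored hash), the third comes out true once the entities are decoded, and the last is true because a password without any of the listed characters is passed through unchanged, which is why the bug only shows up for some users.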