Open vjaykoogu opened 10 months ago
Thanks for your report. Please note
At first glance, only usages around ADOdb sessions (crypt.inc.php, adodb-session*.php) are potentially problematic.
This code is very old and shows its age... An in-depth refactoring would be needed; replacing rand() with random_int() would only scratch the surface and be kind of pointless, considering we have code performing md5 / sha1 "encryption", or relying on mcrypt (removed in PHP 7.2).
Is the issue that you can generate predictable sesskeys?
Description
We found a vulnerability in PEN test results.
Environment
Error found in the files below, and the method to change.
Fix
Using the solution below: To generate secure random numbers in PHP, I'll be using the random_int() function or the random_bytes() function, which are specifically designed for cryptographic purposes and provide a higher level of randomness.
To generate a random number within a specified range: $randomNumber = random_int($min, $max);
To generate random bytes for cryptographic purposes: $randomBytes = random_bytes($length);
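As an added illustration (not code from this report or from ADOdb), the following puts the pattern the thread describes, rand() output hashed with md5(), next to a session-key generator built on random_bytes() and random_int(). The function names and the minimum key length are assumptions chosen for the example; the ADOdb session code itself is not reproduced here.

```php
<?php
declare(strict_types=1);

// Added example, not ADOdb code. weakSessionKey() mirrors the pattern the
// maintainer comment describes (rand() feeding md5()) purely for contrast.

/**
 * Weak: rand() is not a CSPRNG and its state is small and predictable, and
 * hashing its output with md5() adds no entropy. The resulting key space is
 * tiny, which is the problem the pentest report points at.
 */
function weakSessionKey(): string
{
    return md5((string) rand());
}

/**
 * Secure: random_bytes() reads the OS CSPRNG. 32 bytes gives 256 bits of
 * entropy, rendered as 64 hex characters. If no secure source is available it
 * throws an exception; that is the desired behaviour, never fall back to rand().
 */
function secureSessionKey(int $bytes = 32): string
{
    if ($bytes < 16) {
        // assumption for this example: refuse anything under 128 bits
        throw new \InvalidArgumentException('session key must be at least 16 bytes');
    }
    return bin2hex(random_bytes($bytes));
}

/**
 * Secure range selection (e.g. picking an index into a list). random_int()
 * is unbiased and cryptographically secure, unlike rand() or mt_rand().
 */
function secureIndex(int $count): int
{
    if ($count < 1) {
        throw new \InvalidArgumentException('count must be positive');
    }
    return random_int(0, $count - 1);
}

/**
 * Compare a presented key against the stored one in constant time, so the
 * check itself does not leak information about the stored value.
 */
function sessionKeyMatches(string $stored, string $presented): bool
{
    return hash_equals($stored, $presented);
}

// Demonstration when run from the CLI.
if (PHP_SAPI === 'cli') {
    $key = secureSessionKey();
    printf("secure key: %s (%d hex chars)\n", $key, strlen($key));
    printf("weak key:   %s\n", weakSessionKey());
    printf("index 0..9: %d\n", secureIndex(10));
    var_dump(sessionKeyMatches($key, $key));
}
```

random_int() and random_bytes() are available from PHP 7.0, and hash_equals() from PHP 5.6, so nothing here depends on mcrypt or on a fallback to the legacy generators.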