You are currently sharing the checksum salt of the Radioactivity module here:
https://github.com/DigiTurku/kada/blob/master/code/modules/features/tkufi_configuration_feature/tkufi_configuration_feature.strongarm.inc#L3193
The same checksum salt is used at https://www.turku.fi making it easy to bypass data authenticity verification used in emit.php of Radioactivity module. By using the salt in the previous link one could try to distort the results produced by the algorithms in Radioactivity module.
In addition to that, it may be possible to get access to system files, since an attacker could easily make a request to emit.php by using customized parameters. One of the parameters used in emit.php is storage, which is directly used in require_once, and since there is no data authenticity verification, an attacker could try a file inclusion attack for reading files outside of the Radioactivity module by using a NUL byte attack, a file traversal attack, etc.
You should not share salts or any security credentials publicly, especially if the same security credentials are used at https://www.turku.fi.
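
One way to handle a storage-style parameter so that the include path never depends on the checksum alone, as an added example that is not part of the original issue or the Radioactivity module's code. The function names, backend file names, the EMIT_CHECKSUM_SECRET variable and the use of HMAC-SHA256 are assumptions.

```php
<?php
// Added example with hypothetical names; not the Radioactivity module's code.

// Allow-list: accepted request value => file shipped with the module (constructed names).
const STORAGE_BACKENDS = [
    'live'     => 'storage_live.inc',
    'deferred' => 'storage_deferred.inc',
];

// The secret is read from the server environment (assumed variable name),
// never from exported configuration committed to a public repository.
function checksum_secret(): string {
    $secret = getenv('EMIT_CHECKSUM_SECRET');
    if ($secret === false || strlen($secret) < 32) {
        throw new RuntimeException('checksum secret missing or too short');
    }
    return $secret;
}

// Keyed checksum over the sorted parameters (HMAC-SHA256 is an assumption).
function expected_checksum(array $params, string $secret): string {
    unset($params['checksum']);
    ksort($params);
    return hash_hmac('sha256', http_build_query($params), $secret);
}

// Returns the path to include, or null when the request must be rejected.
function resolve_storage(array $request, string $secret, string $baseDir): ?string {
    $storage  = $request['storage'] ?? null;
    $checksum = $request['checksum'] ?? null;
    if (!is_string($storage) || !is_string($checksum)) {
        return null;
    }
    // Constant-time comparison of the supplied and expected checksum.
    if (!hash_equals(expected_checksum($request, $secret), $checksum)) {
        return null;
    }
    // Only a fixed file name from the allow-list ever reaches the include.
    if (!array_key_exists($storage, STORAGE_BACKENDS)) {
        return null;
    }
    return $baseDir . '/' . STORAGE_BACKENDS[$storage];
}

// Constructed requests: both carry a valid checksum, only one names a known backend.
$secret = str_repeat('k', 32); // demo value only
$good = ['storage' => 'live', 'entity' => '42'];
$bad  = ['storage' => '../../settings', 'entity' => '42'];
foreach ([$good, $bad] as $req) {
    $req['checksum'] = expected_checksum($req, $secret);
    var_dump(resolve_storage($req, $secret, __DIR__));
}
```

Because the second request is rejected even with a correct checksum, a leaked secret alone does not turn the parameter into an arbitrary include path.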