RevCMS exploits

Printable View

06-05-16
DutchenL

RevCMS exploits

Can someone link me to the fix where people can't hash passwords of users?
Because this is possible with the regular RevCMS version.
06-05-16
JayCustomDev

Re: RevCMS exploits

Well RevCMS currently uses just MD5 encryption. You could make a simple test when they login , now this is pseudo code so do not just copy and paste this but it would look something like this:

Code:

$test = mysql_query("SELECT password FROM users WHERE username = '".$postedUsername."' LIMIT 1"); if(MD5($postedPass) == $test['password']){ $newPass = SHA1($postedUsername . MD5($postedPass)); mysql_query("UPDATE users SET password = '".$newPass."'; //Login }else if(SHA1($postedUsername . MD5($postedPass) == $test['password']){ //Login }else{ //Incorrect Login }

The Goal Of This:
While users can still login, every time they login their password will still be changed in the background to a more secure (There are still better options then this...) password. But I recommend fixing this up, because I just coded this in 2 minutes and it's not the best :) Maybe someone will reply and fix my code to help him out.
06-05-16
DutchenL

Re: RevCMS exploits

Quote:

Originally Posted by JayCustomDev

Well RevCMS currently uses just MD5 encryption. You could make a simple test when they login , now this is pseudo code so do not just copy and paste this but it would look something like this:

Code:

$test = mysql_query("SELECT password FROM users WHERE username = '".$postedUsername."' LIMIT 1"); if(MD5($postedPass) == $test['password']){ $newPass = SHA1($postedUsername . MD5($postedPass)); mysql_query("UPDATE users SET password = '".$newPass."'; //Login }else if(SHA1($postedUsername . MD5($postedPass) == $test['password']){ //Login }else{ //Incorrect Login }

The Goal Of This:
While users can still login, every time they login their password will still be changed in the background to a more secure (There are still better options then this...) password. But I recommend fixing this up, because I just coded this in 2 minutes and it's not the best :) Maybe someone will reply and fix my code to help him out.

I mean, are their exploits in RevCMS where you can easily hash passwords? if yes, where exactly
06-05-16
Matata

Re: RevCMS exploits

Quote:

Originally Posted by DutchenL

I mean, are their exploits in RevCMS where you can easily hash passwords? if yes, where exactly

Are you sure you know what you're asking about?
06-05-16
DutchenL

Re: RevCMS exploits

Quote:

Originally Posted by Matata

Are you sure you know what you're asking about?

yes I am

There is an exploit in revcms where you can hash passwords
07-05-16
JayCustomDev

Re: RevCMS exploits

No. You are mistaken on your question. There may be an exploit in some revcms themes where you can get access to the hash password but that does not mean there is an exploit with the passwords. Password encryption in MD5 is not secure and can easily be dehashed from online databases which is the problem with revcms.
07-05-16
DutchenL

Re: RevCMS exploits

Quote:

Originally Posted by JayCustomDev

There may be an exploit in some revcms themes where you can get access to the hash password

That's what I was looking for me. Excuse my language.
09-05-16
DutchenL

Re: RevCMS exploits

uuuuuuuuuuuuuuuuup
01-10-16
JayCustomDev

Re: RevCMS exploits

Quote:

Originally Posted by JayCustomDev

Well RevCMS currently uses just MD5 encryption. You could make a simple test when they login , now this is pseudo code so do not just copy and paste this but it would look something like this:

Code:

$test = mysql_query("SELECT password FROM users WHERE username = '".$postedUsername."' LIMIT 1"); if(MD5($postedPass) == $test['password']){ $newPass = SHA1($postedUsername . MD5($postedPass)); mysql_query("UPDATE users SET password = '".$newPass."'; //Login }else if(SHA1($postedUsername . MD5($postedPass) == $test['password']){ //Login }else{ //Incorrect Login }

The Goal Of This:
While users can still login, every time they login their password will still be changed in the background to a more secure (There are still better options then this...) password. But I recommend fixing this up, because I just coded this in 2 minutes and it's not the best :) Maybe someone will reply and fix my code to help him out.

I have already given your solution I hae no idea why you are bumping the thread again.