[pLog-svn] New Security Features in Joomla

Reto Hugi plog at hugi.to
Mon Jul 30 08:02:49 EDT 2007


Hi List

I accidentally read the release notes for the latest Joomla bugfix release
and stumbled upon an interesting note:

They changed the way they store user passwords to make them more secure
(they probably want to address md5 weaknesses with rainbow tables).
As we once had a vulnerability where the md5 hash of the admin password
was revealed through an SQL injection vulnerability, I thought it would be
interesting to know more about the measures the Joomla team took.

This is what they do:

// salt is a random 16 char string, no hardcoded secret used
$salt = mosMakePassword(16);

// password and salt are concatenated and hashed once with md5
$crypt = md5($passwd.$salt);

// this "hash:salt" string is what ends up in the password column
$row->password = $crypt.':'.$salt;


Does anybody see where this could improve security? It hardly can
prevent attackers if an SQL injection reveals the password, because the
secret is included in the string after the colon, right?

Oh well, maybe one of you guys has an idea...

cheers,
reto
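The scheme quoted in the message, worked through as an added example (in Python rather than PHP; this is neither Joomla's code nor the poster's): it mirrors md5(password . salt) stored as "hash:salt", then runs two attacks against a leaked table, a precomputed md5 dictionary of the kind a rainbow table generalizes, and a per-user dictionary run. mos_make_password() is a stand-in for Joomla's mosMakePassword(), and WORDLIST and the user dump are constructed sample data.

```python
import hashlib
import hmac
import secrets
import string

# Constructed attacker dictionary; stands in for a wordlist / rainbow table.
WORDLIST = ["password", "letmein", "joomla", "admin123", "qwerty", "hunter2"]


def mos_make_password(length=16):
    """Stand-in for Joomla's mosMakePassword(): a random alphanumeric string."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def unsalted_hash(password):
    """The old scheme: plain md5(password), identical for every user with that password."""
    return hashlib.md5(password.encode()).hexdigest()


def joomla_hash(password, salt=None):
    """The posted scheme: md5(password . salt), stored as 'hash:salt'."""
    if salt is None:
        salt = mos_make_password(16)
    digest = hashlib.md5((password + salt).encode()).hexdigest()
    return digest + ":" + salt


def verify(password, stored):
    """Login check: split the stored string, re-hash with that user's salt."""
    digest, salt = stored.split(":", 1)
    candidate = hashlib.md5((password + salt).encode()).hexdigest()
    return hmac.compare_digest(candidate, digest)


def build_unsalted_table(words):
    """Attacker side: md5(word) computed once, reusable against every unsalted dump."""
    return {hashlib.md5(w.encode()).hexdigest(): w for w in words}


def crack_unsalted(digest, table):
    """One dictionary lookup per leaked hash, no hashing at attack time."""
    return table.get(digest)


def crack_salted(stored, words):
    """The salt leaks next to the hash, so it is no secret, but the precomputed
    table is useless: every candidate has to be re-hashed with this user's salt.
    Returns (password or None, number of md5 calls spent)."""
    digest, salt = stored.split(":", 1)
    for attempts, w in enumerate(words, 1):
        if hashlib.md5((w + salt).encode()).hexdigest() == digest:
            return w, attempts
    return None, len(words)


def crack_salted_dump(dump, words):
    """Attack a whole leaked table; total work grows with the number of users,
    whereas one unsalted table would have served all of them at once."""
    found, total = {}, 0
    for user, stored in dump.items():
        pw, attempts = crack_salted(stored, words)
        total += attempts
        if pw is not None:
            found[user] = pw
    return found, total


if __name__ == "__main__":
    table = build_unsalted_table(WORDLIST)
    # Old scheme: a single lookup recovers the password from the leaked hash.
    print(crack_unsalted(unsalted_hash("letmein"), table))
    # New scheme: the table misses even though the salt sits right after the colon.
    stored = joomla_hash("letmein")
    print(crack_unsalted(stored.split(":")[0], table), verify("letmein", stored))
    # ...but a weak password still falls to a per-user dictionary run.
    print(crack_salted(stored, WORDLIST))
    # Two users with the same password get different stored strings.
    print(joomla_hash("letmein") != joomla_hash("letmein"))
```

What the run shows: the salt does not hide anything from someone who already has the row, and it does nothing for a password that is in the attacker's wordlist. What it does buy is that a table precomputed once can no longer be applied to every leaked hash, and that each user's hash has to be attacked separately, so the attacker's work scales with the number of accounts instead of being paid once. md5 itself remains fast, which is why a deliberately slow hash would be the next step beyond this change.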

