...
byte[] passwd = Encoding.UTF8.GetBytes(txtPassword.Text);
Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes(passwd, passwd,10001);
...
function register(){
$password = $_GET['password'];
$username = $_GET['username'];
$hash = hash_pbkdf2('sha256', $password, $password, 100000);
...
import hashlib, binascii
def register(request):
password = request.GET['password']
username = request.GET['username']
dk = hashlib.pbkdf2_hmac('sha256', password, password, 100000)
hash = binascii.hexlify(dk)
store(username, hash)
...
require 'openssl'
...
req = Rack::Response.new
password = req.params['password']
...
key = OpenSSL::PKCS5::pbkdf2_hmac(password, password, 100000, 256, 'SHA256')
...
null
salt (NULL
) contradicts its intended objective and can compromise system security in a way that cannot be easily remedied.null
salt (NULL
). Not only does a null
salt contradicts its intended objective but all of the project's developers can view the salt. It makes fixing the problem extremely difficult because after the code is in production, the salt cannot be easily changed. If attackers know the value of the salt, they can compute "rainbow tables" for the application and easily determine the hashed values.null
salt:
...
define('SECURE_AUTH_SALT', NULL);
...
null
salt. An employee with access to this information can use it to break into the system.null
salt (None
) defeats its own purpose and may compromise system security in a way that cannot be easily remedied.null
salt (None
). Not only does a null
salt defeats its own purpose but it allows all of the project's developers to view the salt and it also makes fixing the problem extremely difficult. After the code is in production, the salt cannot be easily changed. If attackers know the value of the salt, they can compute "rainbow tables" for the application and more easily determine the hashed values.null
salt (None
):
from django.utils.crypto import salted_hmac
...
hmac = salted_hmac(value, None).hexdigest()
...
null
salt. An employee with access to this information can use it to break into the system.
...
private static final String salt = "";
...
PBEKeySpec pbeSpec=new PBEKeySpec(password);
SecretKeyFactory keyFact=SecretKeyFactory.getInstance(CIPHER_ALG);
PBEParameterSpec defParams=new PBEParameterSpec(salt,100000);
Cipher cipher=Cipher.getInstance(CIPHER_ALG);
cipher.init(cipherMode,keyFact.generateSecret(pbeSpec),defParams);
...
...
CCKeyDerivationPBKDF(kCCPBKDF2,
password,
passwordLen,
"",
0,
kCCPRFHmacAlgSHA256,
100000,
derivedKey,
derivedKeyLen);
...
...
$hash = hash_pbkdf2('sha256', $password, '', 100000);
...
from hashlib import pbkdf2_hmac
...
dk = pbkdf2_hmac('sha256', password, '', 100000)
...
...
dk = OpenSSL::PKCS5.pbkdf2_hmac(password, "", 100000, 256, digest)
...
...
let ITERATION = UInt32(100000)
...
CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),
password,
passwordLength,
"",
0,
CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
ITERATION,
derivedKey,
derivedKeyLength)
...
salt = getenv("SALT");
password = crypt(getpass("Password:"), salt);
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to hash the password by modifying the environment variable SALT
. Additionally, this code uses the crypt()
function, which should not be used for cryptographic hashing of passwords. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
func someHandler(w http.ResponseWriter, r *http.Request){
r.parseForm()
salt := r.FormValue("salt")
password := r.FormValue("password")
...
sha256.Sum256([]byte(salt + password))
}
Example 1
will run successfully, but anyone who can get to this functionality can to manipulate the salt used to hash the password by modifying the environment variable salt
. Additionally, this code uses the Sum256
cryptographic hash function, which should not be used for cryptographic hashing of passwords. After the program ships, it is nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
Properties prop = new Properties();
prop.load(new FileInputStream("local.properties"));
String salt = prop.getProperty("salt");
...
MessageDigest digest = MessageDigest.getInstance("SHA-256");
digest.reset();
digest.update(salt);
return digest.digest(password.getBytes("UTF-8"));
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to hash the password by modifying the property salt
. After the program ships, it can be very difficult to undo an issue regarding user-controlled salts, as one would likely have no way of knowing whether or not a password hash had its salt determined by a malicious user.
import hashlib, binascii
def register(request):
password = request.GET['password']
username = request.GET['username']
salt = os.environ['SALT']
hash = hashlib.md5("%s:%s" % (salt, password,)).hexdigest()
store(username, hash)
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to hash the password by modifying the environment variable SALT
. Additionally, this code uses the md5()
cryptographic hash function, which should not be used for cryptographic hashing of passwords. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
salt = req.params['salt']
hash = @userPassword.crypt(salt)
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to hash the password by modifying the parameter salt
. Additionally, this code uses the String#crypt()
function, which should not be used for cryptographic hashing of passwords. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.null
(nil
) salt can compromise system security in a way that cannot be easily remedied.null
(nil
) salt. Not only does using a null
salt make it significantly easier to determine the hashed values, it also makes fixing the problem extremely difficult. After the code is in production, the salt cannot be easily changed. If attackers figure out that values are hashed with a null
salt, they can compute "rainbow tables" for the application and more easily determine the hashed values.null
(nil
) salt:
...
CCKeyDerivationPBKDF(kCCPBKDF2,
password,
passwordLen,
nil,
0,
kCCPRFHmacAlgSHA256,
100000,
derivedKey,
derivedKeyLen);
...
null
salt. After the program ships, there is likely no way to change the null
salt. An employee with access to this information can use it to break into the system.null
(None
) salt can compromise system security in a way that cannot be easily remedied.null
(None
) salt. Not only does using a null
salt make it significantly easier to determine the hashed values, it also makes fixing the problem extremely difficult. After the code is in production, the salt cannot be easily changed. If attackers figure out that values are hashed with a null
salt, they can compute "rainbow tables" for the application and more easily determine the hashed values.null
(None
) salt:
import hashlib, binascii
from django.utils.crypto import pbkdf2
def register(request):
password = request.GET['password']
username = request.GET['username']
dk = pbkdf2(password, None, 100000)
hash = binascii.hexlify(dk)
store(username, hash)
...
null
salt. After the program ships, there is likely no way to change the null
salt. An employee with access to this information can use it to break into the system.null
(nil
) salt can compromise system security in a way that cannot be easily remedied.null
(nil
) salt. Not only does using a null
salt make it significantly easier to determine the hashed values, it also makes fixing the problem extremely difficult. After the code is in production, the salt cannot be easily changed. If attackers figure out that values are hashed with a null
salt, they can compute "rainbow tables" for the application and more easily determine the hashed values.null
(nil
) salt:
...
let ITERATION = UInt32(100000)
...
CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),
password,
passwordLength,
nil,
0,
CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
ITERATION,
derivedKey,
derivedKeyLength)
...
null
salt. After the program ships, there is likely no way to change the null
salt. An employee with access to this information can use it to break into the system.
string salt = ConfigurationManager.AppSettings["salt"];
...
Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes("password", Encoding.ASCII.GetBytes(salt));
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the property salt
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
salt = getenv("SALT");
PKCS5_PBKDF2_HMAC(pass, sizeof(pass), salt, sizeof(salt), ITERATION, EVP_sha512(), outputBytes, digest);
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the environment variable SALT
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
Properties prop = new Properties();
prop.load(new FileInputStream("local.properties"));
String salt = prop.getProperty("salt");
...
PBEKeySpec pbeSpec=new PBEKeySpec(password);
SecretKeyFactory keyFact=SecretKeyFactory.getInstance(CIPHER_ALG);
PBEParameterSpec defParams=new PBEParameterSpec(salt,100000);
Cipher cipher=Cipher.getInstance(CIPHER_ALG);
cipher.init(cipherMode,keyFact.generateSecret(pbeSpec),defParams);
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the property salt
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
@property (strong, nonatomic) IBOutlet UITextField *inputTextField;
...
NSString *salt = _inputTextField.text;
const char *salt_cstr = [salt cStringUsingEncoding:NSUTF8StringEncoding];
...
CCKeyDerivationPBKDF(kCCPBKDF2,
password,
passwordLen,
salt_cstr,
salt.length,
kCCPRFHmacAlgSHA256,
100000,
derivedKey,
derivedKeyLen);
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the text in the UITextField inputTextField
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
function register(){
$password = $_GET['password'];
$username = $_GET['username'];
$salt = getenv('SALT');
$hash = hash_pbkdf2('sha256', $password, $salt, 100000);
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the environment variable SALT
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
import hashlib, binascii
def register(request):
password = request.GET['password']
username = request.GET['username']
salt = os.environ['SALT']
dk = hashlib.pbkdf2_hmac('sha256', password, salt, 100000)
hash = binascii.hexlify(dk)
store(username, hash)
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the environment variable SALT
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
salt=io.read
key = OpenSSL::PKCS5::pbkdf2_hmac(pass, salt, iter_count, 256, 'SHA256')
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the text in salt
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.
...
@IBOutlet weak var inputTextField : UITextField!
...
let salt = (inputTextField.text as NSString).dataUsingEncoding(NSUTF8StringEncoding)
let saltPointer = UnsafePointer<UInt8>(salt.bytes)
let saltLength = size_t(salt.length)
...
let algorithm : CCPBKDFAlgorithm = CCPBKDFAlgorithm(kCCPBKDF2)
let prf : CCPseudoRandomAlgorithm = CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256)
CCKeyDerivationPBKDF(algorithm,
passwordPointer,
passwordLength,
saltPointer,
saltLength,
prf,
100000,
derivedKeyPointer,
derivedKeyLength)
...
Example 1
will run successfully, but anyone who can get to this functionality will be able to manipulate the salt used to derive the key or password by modifying the text in the UITextField inputTextField
. After the program ships, it can be nontrivial to undo an issue regarding user-controlled salts, as it is extremely difficult to know if a malicious user determined the salt of a password hash.