Tag Archives: passwords

Password failure in WordPress Plugin

One of the great features of WordPress is the wide variety of plugins available. They often enable a lot of interesting functionality and integrations to other services not native to WordPress itself. Most of these plugins are developed by individuals or small teams independent of the core community – and often not with a keen interest in security, but an exclusive focus on “making stuff work”.

I’ve been using the WordPress “Google AdSense Dashboard” for awhile, and after the recent host of password leaks, I’ve been changing and upgrading password all around. This change lead to expose what I would call a critical password exposure in the plugin and so far caused me to remove the plugin everywhere I’ve installed it.

The issue was the following:

If the password to Google AdSense fails in the plugin, your username and password is displayed in clear-text on screen – in the dashboard when logged into WordPress. Where’s the catastrophic take away – the username and password seems to be stored in clear text (or at least stored by the plugin in a format which can be converted back to clear text), and secondly, apart from storing it somewhat carelessly the plugin even display the information on the login screen – apparently for each and every user.

Create a random password with PHP

Some websites require access control, and sometimes you may need to generate a password for a user. Here’s a simple function that can do just that.

The $base-variable contains the characters allowed in the password. The supplied string may be changed, but the selected charaters should exist on all keyboards (as far as I know). When calling the function, you can specify the lenght of the password you want. Simple, right?

1
2
3
4
5
6
7
8
9
10
function makePassword($desiredLenght = 8) {
$password = '';
$base = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
 
for($i=0;$i<$desiredLenght;$i++) {
$password .= $base[(rand(0, (strlen($base)-1)))];
}
 
return $password;
}

Cracking the Cryptex with PHP

In the book “the Davinci Code” there was a fun little device called a cryptex.. A Cryptex has 6 dials with 6  letters on each, and only one combination producing a word will open it. The most straight forward way to crack it would be to try every combination one by one, but there’s a substantial number of combinations and we know only those which a valid words is a candidate.

With PHP, a few nested loops and the aspell interface available, cracking the code is simple matter:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
$pspell_link = pspell_new("da"); // Bring in the dictionarry
 
$array1 = Array("K", "M", "A", "D", "T", "J");  // First dial
$array2 = Array("B", "H", "R", "W", "Y", "E");
$array3 = Array("S","O","L","F","V","C");
$array4 = Array("X","T","N","U","Z","P");
$array5 = Array("E","D","Z","T","G","I");
$array6 = Array("N","G","L","D","Q","K");
 
foreach ($array1 as $a1) {
foreach ($array2 as $a2) {
foreach ($array3 as $a3) {
foreach ($array4 as $a4) {
foreach ($array5 as $a5) {
foreach ($array6 as $a6) {
$word = $a1 . $a2 . $a3 . $a4 . $a5 . $a6;
if (pspell_check($pspell_link,$word)) { // is the word in the dictionary?
echo $word;
echo "<br>";
}
}
}
}
}
}
}
 
exit();

This script prints out a list of all valid (Danish) words, that can occur with the given combination of letters.