Shulou (Shulou.com) 06/02 report, updated 2025-01-19. From: SLTechnology News&Howtos > Servers
This article explains what to do about the authkey leak caused by the PHPCMS authkey generation algorithm. It should be a useful reference for anyone who runs into the same Alibaba Cloud alert.
Repairing the authkey leak caused by the phpcms authkey generation algorithm
Introduction (from the Alibaba Cloud vulnerability alert):
Vulnerability name: phpcms authkey generation algorithm problem leads to authkey leak
Patch file: caches/configs/system.php
Patch source: developed by Alibaba Cloud's Cloud Shield
Vulnerability description: during installation, phpcms calls mt_rand() repeatedly within the same page without an effective mt_srand() seeding step, so the generated authkey is predictable. An attacker can guess the site's authkey from that weak randomness and then use it to break into the site.
Note: after the patch is applied, the auth_key and phpsso_auth_key in your site's configuration file are rewritten automatically; this runs only once. While the fix is being applied, existing cookies become invalid and users have to log in again. Apart from that, the upgrade is safe to run.
Online fix:
1. In /caches/configs/system.php, add the following as the first entry of the configuration array (this is the flag the Cloud Shield one-click fix writes):
'alivulfix' => 'yes',
After the change the file looks like the screenshot in the original article.
2. Find auth_key and replace it with a new 20-character string. Choose your own random value rather than reusing the one shown here:
'auth_key' => '2qKYgs0PgHWWtaFVb3KP', // key
3. Find phpsso_auth_key and replace it with a new 32-character string. Again, use your own random value:
'phpsso_auth_key' => 'hjor66pewop_3qooeamtbiprooteqein', // encryption key
Note: at this point the site is in the same state as after Alibaba Cloud's Cloud Shield one-click repair: the keys have been replaced, but no user can log in until the phpsso side is updated to match. That is the most important step.
4. Log in to the phpsso Management Center in the site backend, go to phpsso -> Application Management -> Edit, set the "Communication key" field to the phpsso_auth_key value you chose in step 3, and click Submit.
(The original article shows screenshots of these steps.)
After submitting, the page reports that communication succeeded (screenshot in the original article).
5. Finally, test logging in.
The site accepts logins again, and the "phpcms authkey generation algorithm problem leads to authkey leak" alert in the Alibaba Cloud console disappears.
Alibaba Cloud's feedback is shown in a screenshot in the original article.
If you prefer to edit the file locally first:
(1) Upload the modified file to the matching path on the server, overwriting the existing one.
(2) Carry out steps 4 and 5 above.
(3) Finally, log in to the Alibaba Cloud console and click Verify (screenshot in the original article) to close the vulnerability report.
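The following shell script is added here as an example; it is not part of the original article or of PHPCMS. It automates steps 1 to 3 in one go: it draws both keys from /dev/urandom instead of mt_rand(), checks their lengths (20 and 32 characters, as above), backs up the file, and rewrites caches/configs/system.php in place. It assumes the stock layout of that file, with 'auth_key' => '...', and 'phpsso_auth_key' => '...', inside a "return array (" block; if your file differs, adjust the sed and awk patterns. Step 4 (entering the new phpsso_auth_key as the communication key in the phpsso Management Center) still has to be done by hand, which is why the old file is kept as a .bak.

```shell
#!/bin/sh
# Added example, not from the original article or the PHPCMS project.
# Regenerates the PHPCMS auth_key (20 chars) and phpsso_auth_key (32 chars) from
# the kernel CSPRNG and patches caches/configs/system.php in place.
# Assumption: the file uses the stock layout  'auth_key' => '...',  and
# 'phpsso_auth_key' => '...',  inside a "return array (" block.
set -eu

# Alphanumeric key of length $1 read from /dev/urandom, so the value does not
# come from the predictable mt_rand() sequence the vulnerable installer used.
gen_key() {
    LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c "$1"
}

# patch_system_php <path to system.php> <new auth_key> <new phpsso_auth_key>
# Writes <path>.bak, swaps both keys, and adds 'alivulfix' => 'yes' as the first
# array entry (the flag the Cloud Shield fix sets) unless it is already present.
patch_system_php() {
    cfg=$1; ak=$2; pk=$3
    [ "${#ak}" -eq 20 ] || { echo "auth_key must be 20 characters" >&2; return 1; }
    [ "${#pk}" -eq 32 ] || { echo "phpsso_auth_key must be 32 characters" >&2; return 1; }
    case "$ak$pk" in *[!A-Za-z0-9_]*) echo "keys must be [A-Za-z0-9_]" >&2; return 1;; esac
    grep -q "'auth_key'" "$cfg" && grep -q "'phpsso_auth_key'" "$cfg" ||
        { echo "expected key entries not found in $cfg" >&2; return 1; }
    cp -p "$cfg" "$cfg.bak"
    tmp=$(mktemp)
    # The 'auth_key' pattern cannot match inside 'phpsso_auth_key': the leading quote differs.
    sed -e "s/\('auth_key'[[:space:]]*=>[[:space:]]*'\)[^']*'/\1$ak'/" \
        -e "s/\('phpsso_auth_key'[[:space:]]*=>[[:space:]]*'\)[^']*'/\1$pk'/" \
        "$cfg" >"$tmp"
    if grep -q "'alivulfix'" "$tmp"; then
        cat "$tmp" >"$cfg"
    else
        awk -v marker="  'alivulfix' => 'yes'," \
            '{ print } /return array/ && !done { print marker; done = 1 }' "$tmp" >"$cfg"
    fi
    rm -f "$tmp"
}

# Usage: sh fix_authkey.sh /path/to/caches/configs/system.php
# Without a path it only prints two fresh keys to paste in by hand.
auth_key=$(gen_key 20)
phpsso_auth_key=$(gen_key 32)
if [ -n "${1-}" ]; then
    patch_system_php "$1" "$auth_key" "$phpsso_auth_key"
    echo "patched $1 (backup in $1.bak); now enter the communication key in phpsso:"
fi
echo "auth_key        = $auth_key"
echo "phpsso_auth_key = $phpsso_auth_key"
```

Run it once with the path to system.php; the printed phpsso_auth_key is the value to enter in step 4. Running it again with the same file regenerates the keys but does not duplicate the alivulfix entry.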
© 2024 shulou.com SLNews company. All rights reserved.