{"id":897,"date":"2007-11-25T12:56:09","date_gmt":"2007-11-25T20:56:09","guid":{"rendered":"\/?p=897"},"modified":"2007-11-26T10:12:20","modified_gmt":"2007-11-26T18:12:20","slug":"touchpaper-breached","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=897","title":{"rendered":"Touchpaper breached"},"content":{"rendered":"<p><a href=\"http:\/\/www.lightbluetouchpaper.org\/\">Light Blue Touchpaper<\/a>\u00a0is\u00a0a blog run by leading international security researchers at the\u00a0Computer Laboratory, University of Cambridge.\u00a0\u00a0In recent\u00a0<a href=\"http:\/\/www.lightbluetouchpaper.org\/2007\/11\/20\/wordpress-cookie-authentication-vulnerability\/\">posts<\/a>, researcher Steven Murdoch\u00a0writes that Touchpaper, which is based on the same WordPress blogging software I use,\u00a0was\u00a0breached around the same time as Identityblog (described<a href=\"\/?p=890\">\u00a0here<\/a>).\u00a0\u00a0<\/p>\n<p>Steven explains that the attack was the result of several problems in WordPress &#8211; a <a href=\"http:\/\/www.securityfocus.com\/archive\/1\/archive\/1\/469258\/100\/0\/threaded\">SQL injection vulnerability<\/a> plus a basic misuse in the way password hashes\u00a0are stored\u00a0and used in cookies.\u00a0 The latter problem remains even after release 2.3.1.\u00a0 He writes:<\/p>\n<blockquote><p>It is disappointing to see that people are still getting this type of thing wrong. In their 1978 summary, Morris and Thompson <a href=\"http:\/\/cm.bell-labs.com\/cm\/cs\/who\/dmr\/passwd.ps\" class=\"broken_link\"><font color=\"#0066cc\">describe the importance<\/font><\/a> of one way hashing and password salting (neither of which WordPress does properly).<\/p><\/blockquote>\n<p>I also pointed this problem out to several people when first experimenting with how to integrate Information Cards\u00a0into WordPress a couple of years ago.\u00a0 The comments may not have made their way back to people who could fix the problems&#8230;<\/p>\n<p><span _e_onclick=\"selEm(_this);\" _ao=\"3\" _em=\"hvanes@intesigroup.com\" _rt=\"SMTP\" _dn=\"Hans Van Es\" _fJnk=\"1\" _e_oncontextmenu=\"onRwCm();\" _e_ondblclick=\"onDblClkRcp();\" onclick=\"_e(this,this._e_onclick)\" title=\"hvanes@intesigroup.com\" ondblclick=\"_e(this,this._e_ondblclick)\" id=\"spnFrom\" oncontextmenu=\"_e(this,this._e_oncontextmenu)\" class=\"rwRRO\">Steven\u00a0has\u00a0<a href=\"http:\/\/www.lightbluetouchpaper.org\/2007\/11\/16\/google-as-a-password-cracker\/\">another recent post\u00a0<\/a>that describes more,\u00a0equally\u00a0surprising, uses of hashing, and discusses the interplay between hashes and search engines:<\/span><\/p>\n<blockquote><p>One of the steps used by the attacker who <a href=\"http:\/\/www.lightbluetouchpaper.org\/2007\/10\/27\/upgrade-and-new-theme\/\">compromised<\/a> Light Blue Touchpaper a few weeks ago was to create an account (which he promoted to administrator; more on that in a future post). I quickly disabled the account, but while doing forensics, I thought it would be interesting to find out the account password. WordPress stores raw MD5 hashes in the user database (despite <a href=\"http:\/\/trac.wordpress.org\/ticket\/2394\" class=\"broken_link\">my recommendation<\/a> to use <a href=\"http:\/\/en.wikipedia.org\/wiki\/Salt_(cryptography)\">salting<\/a>). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output. Instead, someone would have to try out all possible inputs until the correct output is discovered.<\/p>\n<p>So, I wrote a trivial Python script which hashed all dictionary words, but that didn\u2019t find the target (I also tried adding numbers to the end). Then, I switched to a Russian dictionary (because the comments in the shell code installed were in Russian) but that didn\u2019t work either. I could have found or written a better password cracker, which varies the case of letters, and does common substitutions (e.g. o ? 0, a ? 4) but that would have taken more time than I wanted to spend. I could also improve efficiency with a <a href=\"http:\/\/en.wikipedia.org\/wiki\/Rainbow_table\">rainbow table<\/a>, but this needs a large database which I didn\u2019t have.<\/p>\n<p>Instead, I <a href=\"http:\/\/www.google.com\/search?q=20f1aeb7819d7858684c898d1e98c1bb\">asked Google<\/a>. I found, for example, a <a href=\"http:\/\/freepages.genealogy.rootsweb.com\/~camat\/harvey\/srn\/2\/0\/20f1aeb7819d7858684c898d1e98c1bb.html\" class=\"broken_link\">genealogy page<\/a> listing people with the surname \u201cAnthony\u201d, and an <a href=\"http:\/\/www.fizber.com\/Colorado\/for-sale-Single-Family-home-1887.html\">advert for a house<\/a>, signing off \u201cPlease Call for showing. Thank you, Anthony\u201d. And indeed, the MD5 hash of \u201cAnthony\u201d was the database entry for the attacker. I had discovered his password.<\/p>\n<p>In both the webpages, the target hash was in a URL. This makes a lot of sense \u2014 I\u2019ve even written code which does the same. When I needed to store a file, indexed by a key, a simple option is to make the filename the key\u2019s MD5 hash. This avoids the need to <a href=\"http:\/\/en.wikipedia.org\/wiki\/Code_injection\">escape<\/a> any potentially dangerous user input and is very resistant to accidental collisions. If there are too many entries to store in a single directory, by creating directories for each prefix, there will be an even distribution of files. MD5 is quite fast, and while it\u2019s unlikely to be the best option in all cases, it is an easy solution which works pretty well.<\/p>\n<p>Because of this technique, Google is acting as a hash pre-image finder, and more importantly finding hashes of things that people have hashed before. Google is doing what it does best \u2014 storing large databases and searching them. I doubt, however, that they envisaged this use though. <img src=\"http:\/\/www.lightbluetouchpaper.org\/wp-includes\/images\/smilies\/icon_smile.gif\" alt=\":-)\" class=\"wp-smiley\" \/><\/p><\/blockquote>\n<p><span _e_onclick=\"selEm(_this);\" _ao=\"3\" _em=\"hvanes@intesigroup.com\" _rt=\"SMTP\" _dn=\"Hans Van Es\" _fJnk=\"1\" _e_oncontextmenu=\"onRwCm();\" _e_ondblclick=\"onDblClkRcp();\" onclick=\"_e(this,this._e_onclick)\" title=\"hvanes@intesigroup.com\" ondblclick=\"_e(this,this._e_ondblclick)\" oncontextmenu=\"_e(this,this._e_oncontextmenu)\" class=\"rwRRO\">They say misery loves company.\u00a0 And if I had wanted company\u00a0while my blog was being\u00a0breached, the Cambridge Computer Laboratory\u00a0would have been\u00a0about as good company as I could get.\u00a0 But I&#39;m sure they, like me, draw one conclusion above all others:\u00a0\u00a0 build systems on the basis they will be breached, in order to reduce the\u00a0consequences to the absolute minimum.\u00a0<\/span><\/p>\n<p><span _e_onclick=\"selEm(_this);\" _ao=\"3\" _em=\"hvanes@intesigroup.com\" _rt=\"SMTP\" _dn=\"Hans Van Es\" _fJnk=\"1\" _e_oncontextmenu=\"onRwCm();\" _e_ondblclick=\"onDblClkRcp();\" onclick=\"_e(this,this._e_onclick)\" title=\"hvanes@intesigroup.com\" ondblclick=\"_e(this,this._e_ondblclick)\" oncontextmenu=\"_e(this,this._e_oncontextmenu)\" class=\"rwRRO\">[Thanks to Hans Van Es for pinging me about this.]<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Steven Murdoch looks at recent Wordpress vulnerabilities and how search engines impact our use of hashes<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,2,3,11],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/897"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=897"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/897\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=897"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=897"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=897"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}