Re: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Jan G.B.
2010/8/24 Peter Lind :
> On 24 August 2010 16:25, Jan G.B.  wrote:
>> 2010/8/24 Bob McConnell :
>>> From: Peter Lind
>>>
>>>> On 24 August 2010 15:43, Gary  wrote:
>>>>> Jan G.B. wrote:
>>>>>
>>>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>>>> That means, that different strings can have the same MD5-hash...
>>>>>
>>>>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>>>>
>>>> It's worth noting that that essentially does not touch upon whether or
>>>> not MD5 can be considered safe or not as a means to store password
>>>> information. The researchers have discovered ways of crafting inputs
>>>> to easily find colliding hashes - they have not discovered any easy
>>>> means to craft an input that will collide with a given hash.
>>>
>>> That's a simple matter of brute force, which can be done once and saved
>>> for instant use later. However, putting a salt into your algorithm
>>> pretty much eliminates the chances of success using that attack.
>>>
>>> Bob McConnell
>>>
>> Thanks..
>> actually it's quite annoying when you post an answer which
>> tries to explain a subject and people just post a link as a
>> response to one citation which somehow lacks relevance on the topic.
>>
>
> The link posted was all the relevance there is. MD5 is not weak in the
> sense that it is easy to find collisions when all you have is a hash
> (which is what you were implying). MD5 is only weak in the sense that
> it's possible to generate two input texts such that the MD5 hashes of
> both will collide.
>  The "other" weakness of MD5 (the more relevant one here) is that
> calculating an MD5 hash is relatively fast today. Which means you can
> generate rainbow tables of the most common inputs in relatively little
> time. Of course, these rainbow tables are worthless against more
> secure passwords and/or against salted passwords.
>
> Regards
> Peter
>
Hi Peter,
this clears it up for me. So I was quite correct with my post. :-)

Have a nice day.

Regards,
Jan

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Peter Lind
On 24 August 2010 16:25, Jan G.B.  wrote:
> 2010/8/24 Bob McConnell :
>> From: Peter Lind
>>
>>> On 24 August 2010 15:43, Gary  wrote:
>>>> Jan G.B. wrote:
>>>>
>>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>>> That means, that different strings can have the same MD5-hash...
>>>>
>>>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>>>
>>> It's worth noting that that essentially does not touch upon whether or
>>> not MD5 can be considered safe or not as a means to store password
>>> information. The researchers have discovered ways of crafting inputs
>>> to easily find colliding hashes - they have not discovered any easy
>>> means to craft an input that will collide with a given hash.
>>
>> That's a simple matter of brute force, which can be done once and saved
>> for instant use later. However, putting a salt into your algorithm
>> pretty much eliminates the chances of success using that attack.
>>
>> Bob McConnell
>>
> Thanks..
> actually it's quite annoying when you post an answer which
> tries to explain a subject and people just post a link as a
> response to one citation which somehow lacks relevance on the topic.
>

The link posted was all the relevance there is. MD5 is not weak in the
sense that it is easy to find collisions when all you have is a hash
(which is what you were implying). MD5 is only weak in the sense that
it's possibly to generate two input texts such that the MD5 hashes of
both will collide.
 The "other" weakness of MD5 (the more relevant one here) is that
calculating an MD5 hash is relatively fast today. Which means you can
generate rainbow tables of the most common inputs in relatively little
time. Of course, these rainbow tables are worthless against more
secure passwords and/or against salted passwords.

Regards
Peter

-- 

WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15





Re: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Jan G.B.
2010/8/24 Bob McConnell :
> From: Peter Lind
>
>> On 24 August 2010 15:43, Gary  wrote:
>>> Jan G.B. wrote:
>>>
>>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>>> That means, that different strings can have the same MD5-hash...
>>>
>>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>>
>> It's worth noting that that essentially does not touch upon whether or
>> not MD5 can be considered safe or not as a means to store password
>> information. The researchers have discovered ways of crafting inputs
>> to easily find colliding hashes - they have not discovered any easy
>> means to craft an input that will collide with a given hash.
>
> That's a simple matter of brute force, which can be done once and saved
> for instant use later. However, putting a salt into your algorithm
> pretty much eliminates the chances of success using that attack.
>
> Bob McConnell
>
Thanks..
actually it's quite annoying when you post an answer which
tries to explain a subject and people just post a link as a
response to one citation which somehow lacks relevance on the topic.

My intro-sentence was "I'm not a crypto expert".

Gary, do you expect me to read the full detail report of Tao Xie and
Dengguo Feng?
Can you sum it up in two or three sentences?

Regards




RE: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Bob McConnell
From: Peter Lind

> On 24 August 2010 15:43, Gary  wrote:
>> Jan G.B. wrote:
>>
>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>> That means, that different strings can have the same MD5-hash...
>>
>> http://en.wikipedia.org/wiki/MD5#cite_note-1
> 
> It's worth noting that that essentially does not touch upon whether or
> not MD5 can be considered safe or not as a means to store password
> information. The researchers have discovered ways of crafting inputs
> to easily find colliding hashes - they have not discovered any easy
> means to craft an input that will collide with a given hash.

That's a simple matter of brute force, which can be done once and saved
for instant use later. However, putting a salt into your algorithm
pretty much eliminates the chances of success using that attack.

Bob McConnell




Re: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Peter Lind
On 24 August 2010 15:43, Gary  wrote:
> Jan G.B. wrote:
>
>> The weakness of MD5 is mainly because MD5 collisions are possible.
>> That means, that different strings can have the same MD5-hash...
>
> http://en.wikipedia.org/wiki/MD5#cite_note-1

It's worth noting that that essentially does not touch upon whether or
not MD5 can be considered safe or not as a means to store password
information. The researchers have discovered ways of crafting inputs
to easily find colliding hashes - they have not discovered any easy
means to craft an input that will collide with a given hash.

Regards
Peter

-- 

WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15





RE: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Brad Broerman
One thing I would do, and I have done this in many of my applications:

   a) Store the username / password in a database.
   b) Encrypt passwords (with a salt) with AES-256 using a key stored in a
file OUTSIDE the document path.
   c) Add code to the beginning of the included file to ensure it is only
executed by approved files.



-Original Message-
From: Jan G.B. [mailto:ro0ot.w...@googlemail.com] 
Sent: Tuesday, August 24, 2010 9:09 AM
To: Andre Polykanine
Cc: Nathan Rixham; tedd; php-general@lists.php.net
Subject: Re: [PHP] Re: How safe is a .htaccess file?

2010/8/19 Andre Polykanine :
> Hello Nathan,
>
> Sorry, could you provide any links to read for a security noob?)
> Actually, I know that the md5 is decryptable (there are bases with
> words encrypted in md5), but I thought the SHA1 was secure...
> --
> With best regards from Ukraine,
> Andre
> - Original message -
> From: Nathan Rixham 
> To: tedd 
> Date: Thursday, August 19, 2010, 12:03:12 PM
> Subject: [PHP] Re: How safe is a .htaccess file?
>
> tedd wrote:
>> Hi gang:
>>
>> The subject line says it all.
>>
>> How secure is a .htaccess file to store passwords and other sensitive
>> stuff?
>>
>> Can a .htaccess file be viewed remotely?
>
> Semi-safe,
>
> .htaccess is prevented from being served by configuration options (which
> come as default), however these can be overwritten so best to check by
> doing a GET on the resource URI.
>
> This doesn't prevent them from being exposed via other processes though,
> for instance a poorly coded 'download.php?path=/path/to/.htaccess' could
> still expose the file.
>
> Typically, it's obviously better to store only a hash of a password
> rather than the pass in plain text, choosing the strongest algorithm you
> can; password security is of course relative though, a sha-512 of
> 'password1' is far from secure.
>
> A good way to approach encryption for files is to openssl_seal them
> using a public key which is only available to your application - this
> doesn't negate insecure code, but it at least ensures the raw files are
> encrypted securely enough to negate any of these worries. (just keep
> your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)
>
> Best,
>
> Nathan
>
>
>
Hi Nathan,

I'm not a crypto expert.. but I'll try to explain it:

The weakness of MD5 is mainly because MD5 collisions are possible.
That means, that different strings can have the same MD5-hash...

When you use "test" as a secret password, then no hashing algorithm at
all can be considered "safe". The first two passwords a cracker will
try might be "1234" and "test".. No big deal.

Databases of MD5 hashes exist, and so can databases of SHA-*
hashes. To get around these databases you can just "salt" your hash..
that way the hash of the word "test" will not be the same as the hash
in the database without *your* salt. No matter if you use MD5 or
SHA256.

$ echo -ne test | md5sum
098f6bcd4621d373cade4e832627b4f6  -
$ echo -ne test-mySecretSalt | md5sum
c62fb41567c476e36ba46e5b53ae6d59  -

Only the first string will be available in a hash-database.

So you see - as long as a cracker only gets your salted hashes
WITHOUT the used salt, it's pretty safe.. as long as you ignore
collisions!



Back to topic:
 - as mentioned before the biggest risk in authentication via .ht*
files is that one can try to get these files via a bug in an
application.. (e.g. ?read_file=.htaccess%00)
 - that's why you don't want to use plain-text passwords in .htaccess
files. Most used is the htdigest algorithm. Be sure to use a STRONG
password: a long string with letters, numbers and other characters.
 - if you're curious, get a copy of "John the Ripper password cracker"
and try to decode your passwords.. that's what the bad guys use once
they get your .htaccess file.


Regards



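Brad's points (b) and (c) above, written out as an added example; this is not Brad's code, and the key-file path, the APP_ENTRY constant and the entry-script whitelist are assumptions. One caveat on (b): reversible AES encryption fits secrets the application has to hand to something else (the DB password, an API key); for passwords that users type in and you only verify, the thread's salted one-way hash is the right tool, not encryption.

```php
<?php
declare(strict_types=1);

// Added example, not Brad's code. Paths and names are assumptions.

// (c) First lines of the included file (e.g. config.php). An approved entry
// script does `define('APP_ENTRY', basename(__FILE__));` before
// `require 'config.php';`. A direct request for /config.php, or an include
// from a script that is not on the list, stops here.
function assert_approved_caller(array $approved = ['index.php', 'admin.php']): void
{
    if (!defined('APP_ENTRY') || !in_array(APP_ENTRY, $approved, true)) {
        http_response_code(403);
        exit('Forbidden');
    }
}

// (b) The key lives in a file OUTSIDE the document root, readable only by the
// web server user. Stored hex-encoded; 32 bytes = AES-256.
function load_master_key(string $path): string
{
    $key = hex2bin(trim((string) file_get_contents($path)));
    if ($key === false || strlen($key) !== 32) {
        throw new RuntimeException("bad key file: $path");
    }
    return $key;
}

// AES-256-GCM: a fresh random nonce per value (the "salt" in Brad's wording)
// plus an authentication tag, so equal plaintexts give different ciphertexts
// and a tampered ciphertext is rejected on decrypt.
function encrypt_secret(string $plaintext, string $key): string
{
    $iv  = random_bytes(12);
    $tag = '';
    $ct  = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encrypt failed: ' . openssl_error_string());
    }
    return base64_encode($iv . $tag . $ct);   // the value that goes into the DB column
}

function decrypt_secret(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 12 + 16) {
        throw new RuntimeException('malformed ciphertext');
    }
    $iv  = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct  = substr($raw, 28);
    $pt  = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {
        throw new RuntimeException('decrypt failed (wrong key or tampered data)');
    }
    return $pt;
}

// --- stand-alone demo: a temp file stands in for e.g. /etc/myapp/master.key ---
define('APP_ENTRY', 'index.php');
assert_approved_caller();

$keyFile = sys_get_temp_dir() . '/master.key';   // production: outside DocumentRoot
file_put_contents($keyFile, bin2hex(random_bytes(32)));
chmod($keyFile, 0400);
$key = load_master_key($keyFile);

$a = encrypt_secret('dbpass', $key);
$b = encrypt_secret('dbpass', $key);
var_dump($a !== $b);                              // bool(true): random nonce per value
var_dump(decrypt_secret($a, $key) === 'dbpass');  // bool(true)

// Flip one bit of the stored value: the GCM tag check fails and decrypt throws.
$raw = base64_decode($a);
$raw[strlen($raw) - 1] = chr(ord($raw[strlen($raw) - 1]) ^ 1);
try {
    decrypt_secret(base64_encode($raw), $key);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;               // decrypt failed (wrong key or tampered data)
}
```

The guard only helps against direct requests and stray includes; it does nothing once an attacker can read files (the `?read_file=` style bug discussed in this thread), which is why the key has to sit outside anything the web server or a path-traversal bug can reach, with the sealed values being useless on their own.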



Re: [PHP] Re: How safe is a .htaccess file?

2010-08-24 Thread Jan G.B.
2010/8/19 Andre Polykanine :
> Hello Nathan,
>
> Sorry, could you provide any links to read for a security noob?)
> Actually, I know that the md5 is decryptable (there are bases with
> words encrypted in md5), but I thought the SHA1 was secure...
> --
> With best regards from Ukraine,
> Andre
> - Original message -
> From: Nathan Rixham 
> To: tedd 
> Date: Thursday, August 19, 2010, 12:03:12 PM
> Subject: [PHP] Re: How safe is a .htaccess file?
>
> tedd wrote:
>> Hi gang:
>>
>> The subject line says it all.
>>
>> How secure is a .htaccess file to store passwords and other sensitive
>> stuff?
>>
>> Can a .htaccess file be viewed remotely?
>
> Semi-safe,
>
> .htaccess is prevented from being served by configuration options (which
> come as default), however these can be overwritten so best to check by
> doing a GET on the resource URI.
>
> This doesn't prevent them from being exposed via other processes though,
> for instance a poorly coded 'download.php?path=/path/to/.htaccess' could
> still expose the file.
>
> Typically, it's obviously better to store only a hash of a password
> rather than the pass in plain text, choosing the strongest algorithm you
> can; password security is of course relative though, a sha-512 of
> 'password1' is far from secure.
>
> A good way to approach encryption for files is to openssl_seal them
> using a public key which is only available to your application - this
> doesn't negate insecure code, but it at least ensures the raw files are
> encrypted securely enough to negate any of these worries. (just keep
> your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)
>
> Best,
>
> Nathan
>
>
>
Hi Nathan,

I'm not a crypto expert.. but I'll try to explain it:

The weakness of MD5 is mainly because MD5 collisions are possible.
That means, that different strings can have the same MD5-hash...

When you use "test" as a secret password, then no hashing algorithm at
all can be considered "safe". The first two passwords a cracker will
try might be "1234" and "test".. No big deal.

Databases of MD5 hashes exist, and so can databases of SHA-*
hashes. To get around these databases you can just "salt" your hash..
that way the hash of the word "test" will not be the same as the hash
in the database without *your* salt. No matter if you use MD5 or
SHA256.

$ echo -ne test | md5sum
098f6bcd4621d373cade4e832627b4f6  -
$ echo -ne test-mySecretSalt | md5sum
c62fb41567c476e36ba46e5b53ae6d59  -

Only the first string will be available in a hash-database.

So you see - as long as a cracker only gets your salted hashes
WITHOUT the used salt, it's pretty safe.. as long as you ignore
collisions!



Back to topic:
 - as mentioned before the biggest risk in authentication via .ht*
files is that one can try to get these files via a bug in an
application.. (e.g. ?read_file=.htaccess%00)
 - that's why you don't want to use plain-text passwords in .htaccess
files. Most used is the htdigest algorithm. Be sure to use a STRONG
password: a long string with letters, numbers and other characters.
 - if you're curious, get a copy of "John the Ripper password cracker"
and try to decode your passwords.. that's what the bad guys use once
they get your .htaccess file.


Regards



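Jan's salt demonstration above and Peter's point about fast MD5 and rainbow tables, put together in one added example (not code from either poster). It shows why md5("test") is in every precomputed table while the salted value is not, and then what "John the Ripper" does with a stolen htdigest line: the wordlist, the user name and the realm are constructed for the example; the htdigest line format (user:realm:MD5("user:realm:password")) is the one Apache's htdigest tool writes.

```php
<?php
declare(strict_types=1);

// Added example, not from the thread. All data below is constructed.

/** A stand-in for a public MD5 "hash database": hash => plaintext for common passwords. */
function build_hash_database(array $commonPasswords): array
{
    $db = [];
    foreach ($commonPasswords as $pw) {
        $db[md5($pw)] = $pw;
    }
    return $db;
}

/** Reverse a bare MD5 by lookup; null when the input was never in the table. */
function lookup_hash(array $db, string $hash): ?string
{
    return $db[$hash] ?? null;
}

/** The thread's salting scheme: md5("test-mySecretSalt"). */
function salted_md5(string $password, string $salt): string
{
    return md5($password . '-' . $salt);
}

/** One line as Apache's htdigest tool writes it: user:realm:MD5("user:realm:password"). */
function htdigest_line(string $user, string $realm, string $password): string
{
    return $user . ':' . $realm . ':' . md5("$user:$realm:$password");
}

/**
 * What a password cracker does with a stolen .htdigest line, reduced to its
 * core loop: recompute the digest for every candidate and compare. User and
 * realm act as a fixed, public salt, so a generic hash database is useless
 * against it, but a wordlist run against this one file is not.
 */
function crack_htdigest(string $line, array $wordlist): ?string
{
    [$user, $realm, $digest] = explode(':', trim($line), 3);
    foreach ($wordlist as $candidate) {
        if (hash_equals($digest, md5("$user:$realm:$candidate"))) {
            return $candidate;
        }
    }
    return null;
}

// Constructed wordlist; a real one has millions of entries.
$common = ['123456', 'password', '1234', 'test', 'qwerty'];
$db = build_hash_database($common);

// 098f6bcd4621d373cade4e832627b4f6, the md5 of "test", is in every public table...
var_dump(lookup_hash($db, md5('test')));                         // string(4) "test"
// ...the salted value is not, because the table was built without *your* salt.
var_dump(lookup_hash($db, salted_md5('test', 'mySecretSalt')));   // NULL

// A .htdigest entry for a weak password falls to the wordlist immediately,
$weak = htdigest_line('tedd', 'Admin Area', 'test');
var_dump(crack_htdigest($weak, $common));                         // string(4) "test"
// a long random one is in no list and survives.
$strong = htdigest_line('tedd', 'Admin Area', 'Vq7!pL2#xR9@mZ4$kW1%');
var_dump(crack_htdigest($strong, $common));                       // NULL
```

Two things the loop makes visible. A salt only defeats precomputation; because MD5 is fast, an attacker who has the file (and with it the user/realm "salt") just recomputes, and the real tools do this at a rate where only password length and randomness matter. And the htdigest format is fixed by the HTTP Digest protocol, so MD5 cannot be swapped out there; for passwords your own PHP code verifies, use a deliberately slow hash (password_hash(), bcrypt) rather than a salted md5() or sha256().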



[PHP] Re: How safe is a .htaccess file?

2010-08-19 Thread Nathan Rixham

tedd wrote:

tedd wrote:

Hi gang:

The subject line says it all.

How secure is a .htaccess file to store passwords and other sensitive 
stuff?


Can a .htaccess file be viewed remotely?


Semi-safe,

.htaccess is prevented from being served by configuration options 
(which come as default), however these can be overwritten so best to 
check by doing a GET on the resource URI.


This doesn't prevent them from being exposed via other processes 
though, for instance a poorly coded 
'download.php?path=/path/to/.htaccess' could still expose the file.


Typically, it's obviously better to store only a hash of a password 
rather than the pass in plain text, choosing the strongest algorithm 
you can; password security is of course relative though, a sha-512 of 
'password1' is far from secure.


A good way to approach encryption for files is to openssl_seal them 
using a public key which is only available to your application - this 
doesn't negate insecure code, but it at least ensures the raw files 
are encrypted securely enough to negate any of these worries. (just 
keep your private key safe, preferably in a pkcs12 w/a strong 64char+ 
pass)


Best,

Nathan


Nathan:

I keep running in circles because I keep getting differing 
recommendations as to how to keep data secure.


If you read Chris Shiflett's book on "Essential PHP Security" -- he says 
to keep everything in a database. This means keeping both encrypted data 
AND the keys for decryption in the database.


I contacted Chris specifically and told him of what I was doing (all the 
steps) and he approved. However, he said the main weakness in all 
security practices is how one protects access to the database.


So that is my quest. How can I protect the username and password for the 
database? Keep in mind that my scripts must also be able to read and use 
them in accessing the database. So they must be accessible to scripts.


I figure using SetEnv to set the user and password in a .htaccess file 
is about as secure as I can make it, but now you say even that could be 
exposed.


So specifically, how would you hide the username and password for access 
to a database WITHOUT using an "out of root" solution? Please be specific.


Hi Tedd,

Firstly, advising to keep the keys to your car in the ignition at all 
times is pretty bad advice - I'll let you relate that to Chris's advice 
yourself :-)


If you're stuck in an environment where third parties have access to the 
files on the file system and you need to put your username/password 
(real keys to the data) on that filesystem, then I have to point out 
that no file extension is more secure than another, there's no 
difference between doing `cat .htaccess` and `cat config.php` you'll 
still see the output - there is a measure of difference however 
between putting it in a web source-viewable file and non-source-viewable 
file, but again you're only a config setting away from being exposed to 
the world.


Given the aforementioned and that the data is sensitive, I'd strongly 
recommend moving to a different hosting environment:

- which is secure filesystem wise and only you have access to your files
- where the db server (or data tier) is on a private lan (preventing the 
db server from public web attacks)
- where access to the db server (or data tier) is via a secured 
connection [1] (encrypting data across the wire to prevent man in the 
middle attacks and packet inspection)


In addition to application specific security measures such as encrypting 
all sensitive data *before* sending to the database and storing the 
encryption keys in a secure lockbox far away from the db or at least in 
a pkcs12 password protected file outside of the web root.


Now, to answer your specific question, specifically :p

If available I would use ioncube or suchlike to encrypt the source of my 
PHP files (with the username/password in a php file as standard), and if I 
still didn't feel like that was secure enough then I would:


create a pkcs12-wrapped x509 certificate for my application:
  http://pastebin.com/THW00RHt
 (fill in lines 34+36, stick on web server, view in browser, cert will dl)

Then I'd store the produced certificate.p12 on the file system 
(preferably outside of web root, or with access restricted by .htaccess 
config)


I'd then create a crypto class which provided methods to seal and open 
(encrypt/decrypt) data using the keys from the x509 certificate, and 
which could read the .p12 wrapped x509, like this:

  http://pastebin.com/4FSx1XDa

I'd then instantiate the crypto class in my application as such:

$crypto = ApplicationCrypto::instantiate(
  file_get_contents('certificate.p12'),
  'PASSWORD-FOR-PKCS-HERE'
);

Then I'd load my database settings into an object, serialize it, 
encrypt the serialization and save it to a file on the filesystem as such:


$dbSettings = (object)array(
  'username' => 'dbuser',
  'password' => 'dbpass',
  'host' => 'dbhost',
  'database' => 'dbname'
);

$sealed = $crypto->

Re: [PHP] Re: How safe is a .htaccess file?

2010-08-19 Thread Andre Polykanine
Hello Nathan,

Sorry, could you provide any links to read for a security noob?)
Actually, I know that the md5 is decryptable (there are bases with
words encrypted in md5), but I thought the SHA1 was secure...
-- 
With best regards from Ukraine,
Andre
Skype: Francophile
Twitter: http://twitter.com/m_elensule
Facebook: http://facebook.com/menelion

- Original message -
From: Nathan Rixham 
To: tedd 
Date: Thursday, August 19, 2010, 12:03:12 PM
Subject: [PHP] Re: How safe is a .htaccess file?

tedd wrote:
> Hi gang:
> 
> The subject line says it all.
> 
> How secure is a .htaccess file to store passwords and other sensitive 
> stuff?
> 
> Can a .htaccess file be viewed remotely?

Semi-safe,

.htaccess is prevented from being served by configuration options (which 
come as default), however these can be overwritten so best to check by 
doing a GET on the resource URI.

This doesn't prevent them from being exposed via other processes though, 
for instance a poorly coded 'download.php?path=/path/to/.htaccess' could 
still expose the file.

Typically, it's obviously better to store only a hash of a password 
rather than the pass in plain text, choosing the strongest algorithm you 
can; password security is of course relative though, a sha-512 of 
'password1' is far from secure.

A good way to approach encryption for files is to openssl_seal them 
using a public key which is only available to your application - this 
doesn't negate insecure code, but it at least ensures the raw files are 
encrypted securely enough to negate any of these worries. (just keep 
your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)

Best,

Nathan




[PHP] Re: How safe is a .htaccess file?

2010-08-19 Thread Nathan Rixham

tedd wrote:

Hi gang:

The subject line says it all.

How secure is a .htaccess file to store passwords and other sensitive 
stuff?


Can a .htaccess file be viewed remotely?


Semi-safe,

.htaccess is prevented from being served by configuration options (which 
come as default), however these can be overwritten so best to check by 
doing a GET on the resource URI.


This doesn't prevent them from being exposed via other processes though, 
for instance a poorly coded 'download.php?path=/path/to/.htaccess' could 
still expose the file.


Typically, it's obviously better to store only a hash of a password 
rather than the pass in plain text, choosing the strongest algorithm you 
can; password security is of course relative though, a sha-512 of 
'password1' is far from secure.


A good way to approach encryption for files is to openssl_seal them 
using a public key which is only available to your application - this 
doesn't negate insecure code, but it at least ensures the raw files are 
encrypted securely enough to negate any of these worries. (just keep 
your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)


Best,

Nathan

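Nathan's openssl_seal suggestion here, and the crypto class he outlines in his later reply to tedd (which is cut off mid-code in this archive), as one added example. This is not the code from his pastebin links: the class and method names follow his post (ApplicationCrypto::instantiate, the certificate.p12 file, the placeholder passphrase), but the cipher, the on-disk blob layout, the use of JSON instead of serialize(), and the in-memory generation of a throwaway certificate so the example runs stand-alone are my assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not Nathan's pastebin code. openssl_seal() generates a random
// symmetric key per call, encrypts the data with it (AES-256-CBC here) and
// encrypts that key to the certificate's RSA public key; openssl_open()
// reverses it with the private key from the PKCS#12 bundle.

final class ApplicationCrypto
{
    private const CIPHER = 'aes-256-cbc';

    private function __construct(private $publicKey, private $privateKey) {}

    /** Load certificate + private key from a PKCS#12 blob (certificate.p12). */
    public static function instantiate(string $p12, string $passphrase): self
    {
        $certs = [];
        if (!openssl_pkcs12_read($p12, $certs, $passphrase)) {
            throw new RuntimeException('Cannot read PKCS#12: ' . openssl_error_string());
        }
        $pub  = openssl_pkey_get_public($certs['cert']);
        $priv = openssl_pkey_get_private($certs['pkey']);
        if ($pub === false || $priv === false) {
            throw new RuntimeException('Cannot load keys from PKCS#12');
        }
        return new self($pub, $priv);
    }

    /** Returns one opaque string: base64(json{iv, ekey, data}), the file you save. */
    public function seal(string $plaintext): string
    {
        $sealed = ''; $ekeys = []; $iv = '';
        $n = openssl_seal($plaintext, $sealed, $ekeys, [$this->publicKey], self::CIPHER, $iv);
        if ($n === false) {
            throw new RuntimeException('seal failed: ' . openssl_error_string());
        }
        return base64_encode(json_encode([
            'iv'   => base64_encode($iv),
            'ekey' => base64_encode($ekeys[0]),
            'data' => base64_encode($sealed),
        ]));
    }

    public function open(string $blob): string
    {
        $json  = base64_decode($blob, true);
        $parts = $json === false ? null : json_decode($json, true);
        if (!is_array($parts) || !isset($parts['iv'], $parts['ekey'], $parts['data'])) {
            throw new RuntimeException('malformed sealed blob');
        }
        $out = '';
        $ok = openssl_open(
            base64_decode($parts['data']), $out, base64_decode($parts['ekey']),
            $this->privateKey, self::CIPHER, base64_decode($parts['iv'])
        );
        if (!$ok) {
            throw new RuntimeException('open failed: ' . openssl_error_string());
        }
        return $out;
    }
}

// --- Throwaway self-signed cert + PKCS#12 generated in memory so this runs
// --- stand-alone. In production this is the certificate.p12 kept outside the
// --- web root (hypothetical path below) and the passphrase is not in the repo.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$csr = openssl_csr_new(['commonName' => 'app.example'], $key);
$crt = openssl_csr_sign($csr, null, $key, 365);
$p12 = '';
openssl_pkcs12_export($crt, $p12, $key, 'PASSWORD-FOR-PKCS-HERE');
// file_put_contents('/srv/app/private/certificate.p12', $p12);

$crypto = ApplicationCrypto::instantiate($p12, 'PASSWORD-FOR-PKCS-HERE');

// Seal the DB settings as JSON rather than serialize(): CBC sealing gives
// confidentiality but no integrity, so the opened text must never reach unserialize().
$dbSettings = ['username' => 'dbuser', 'password' => 'dbpass', 'host' => 'dbhost', 'database' => 'dbname'];
$sealedFile = $crypto->seal(json_encode($dbSettings));
// file_put_contents('/srv/app/private/db.sealed', $sealedFile);

$restored = json_decode($crypto->open($sealedFile), true);
var_dump($restored === $dbSettings);   // bool(true)
```

What this buys, and what it does not: the sealed settings file is useless on its own (in a backup, a leaked data directory, or a download.php-style bug that reaches only that file), but an attacker who can read arbitrary files gets certificate.p12 and the PHP source holding its passphrase just as easily, which is the point Nathan makes with "this doesn't negate insecure code". Keep the .p12 and the code that opens it outside anything the web server serves, and treat the passphrase like the database password it protects.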