| Affected plugin | miniOrange |
| Active installs | 20,000+ |
| Vulnerable version | <= 5.5.82 |
| Audited version | 5.5.82 |
| Fully patched version | – |
| Recommended remediation | Removal of the plugin |
Description
The plugin uses a non-randomly-generated, eight-character string as OpenSSL encryption keys.
Proof of concept
The plugin uses OpenSSL to encrypt users’ TOTP secret keys in the database.
function mo_GAuth_set_secret($user_id,$secret){
global $Mo2fdbQueries;
$key=$this->random_str(8);
update_user_meta( $user_id, 'mo2f_get_auth_rnd_string', $key);
// EDITOR: $key is ultimately passed into openssl_encrpyt.
$secret=mo2f_GAuth_AESEncryption::encrypt_data_ga($secret,$key);
update_user_meta( $user_id, 'mo2f_gauth_key', $secret);
}The implementation of “random_str” uses PHP’s “rand” function, which is unacceptable in any cryptographic context.
function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
{
$randomString = '';
$charactersLength = strlen($keyspace);
for ($i = 0; $i < $length; $i++) {
$randomString .= $keyspace[rand(0, $charactersLength - 1)];
}
return $randomString;
}Caution
https://www.php.net/manual/en/function.rand.php
This function does not generate cryptographically secure values, and should not be used for cryptographic purposes. If you need a cryptographically secure value, consider using random_int(), random_bytes(), or openssl_random_pseudo_bytes() instead.
Proposed patch
Use PHP’s random_int() function instead of rand to generate a “truly” random integer.
Timeline
| Vendor contacted | September 12, 2022 |
| First Response | September 16, 2022 |
| Fully patched at | – |
| Publicly disclosed | April 24, 2023 |
Leave a Reply