We've joined Protect AIJoin us over there for bounties up to $50,000+ for vulnerabilities in AI/ML repos

Use of a Broken or Risky Cryptographic Algorithm in livehelperchat/livehelperchat

Valid

Reported on

Oct 1st 2021

Description

livehelperchat uses cryptographically insecure functions (microtime, mt_rand() and even rand) to generate sensitive information.

Proof of Concept

None provided, see the PHP documentation that specifies the cryptographic insecurity of the above functions.

Impact

This vulnerability is capable of allowing an attacker to deduce previously-generated (and future) passwords.

Occurrences

$str = substr(md5($str . microtime() . rand(1, 10000000)), 0, $lenght);

for ($i = 0; $i<$lenght; $i++) {
    $str .= substr($allchar, mt_rand(0, 36), 1);
}

mt_srand(( double) microtime() * 1000000);
We have contacted a member of the livehelperchat team and are waiting to hear back 2 years ago
Remigijus Kiminas validated this vulnerability 2 years ago
Michael Rowley has been awarded the disclosure bounty
The fix bounty is now up for grabs
Remigijus Kiminas marked this as fixed with commit 1b101a 2 years ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
to join this conversation