PHP session.hash_function is SHA

By
Nash N Sulthan
Published on
02 Jul 2018
1 min read
Vulnerability

SHA-1 is a cryptographic hash function that takes input data and produces a 160-bit hash value (message digest). In 2005 it was shown not to be secure against well-resourced attackers, and for that reason it is no longer considered secure; it has since been superseded by SHA-2 and SHA-3. An attacker can perform collision attacks against SHA-1. Many servers still use SHA-1 as the session hash function (in PHP, the session.hash_function setting). An attacker can easily crack these hash values using real-world collision attacks. Modern web browsers such as Chrome, Firefox and Safari have blocked the use of SHA-1. A collision attack exploits a weakness in the hash function whereby two different inputs produce the same hash value. An attacker can use this weakness to obtain sensitive information about the server.

Example

The following PHP code shows SHA-1 applied to a short string, printing the digest both as hexadecimal and as Base64 (binary-to-text encoding of the raw 20-byte digest).

        <?php
        $input = "The quick brown fox jumps over the lazy dog";
        echo sha1($input), PHP_EOL;                      // hexadecimal: 2fd4e1c67a2d28fced849ee1bb76e7391b93eb12
        echo base64_encode(sha1($input, true)), PHP_EOL; // Base64 of the raw digest: L9ThxnotKPzthJ7hu3bnORuT6xI=

Impact

The impact includes:

  • Collision attacks - the attacker tries to find two different input values that produce the same hash value.

Mitigation / Precaution

This vulnerability can be fixed by:

  • Using a slow password hash such as bcrypt, PBKDF2 or scrypt.
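The setting named in the title is the PHP session ID digest. On PHP 5.3 through 7.0, session.hash_function selects the algorithm used to derive the session ID: "0" means MD5, "1" means SHA-1, and any name returned by hash_algos() (such as sha256) is also accepted. PHP 7.1 removed session.hash_function entirely; the session ID is now raw CSPRNG output whose size is governed by session.sid_length and session.sid_bits_per_character. The script below is an added example written for this article, not code from the original page or from PHP itself. It audits the running configuration, reports the weak setting, and applies the hardened setting in place; the function name auditSessionIdConfig and the 128-bit threshold are the author's own choices, not PHP defaults. It must run before session_start() is called, since these directives cannot be changed once a session is active.

```php
<?php
// Added example (not from the original article): audit and harden the PHP
// session ID configuration. Call this before session_start().

function auditSessionIdConfig()
{
    $findings = [];

    if (PHP_VERSION_ID < 70100) {
        // PHP 5.3 - 7.0: the session ID is a hash chosen by session.hash_function.
        // "0" = MD5, "1" = SHA-1, or any algorithm name from hash_algos().
        $hash = (string) ini_get('session.hash_function');
        if (in_array($hash, ['0', '1', 'md5', 'sha1'], true)) {
            $findings[] = "session.hash_function={$hash} (MD5/SHA-1): switching to sha256";
            // Weak setting -> hardened setting (SHA-256 is in hash_algos() on all supported builds).
            ini_set('session.hash_function', 'sha256');
            // Encode 5 bits per character so the longer digest stays a compact ID.
            ini_set('session.hash_bits_per_character', '5');
        }
    } else {
        // PHP >= 7.1: session.hash_function no longer exists. The ID is random bytes;
        // its strength is sid_length * sid_bits_per_character bits of entropy.
        $len  = (int) ini_get('session.sid_length');
        $bits = (int) ini_get('session.sid_bits_per_character');
        $entropy = $len * $bits;
        if ($entropy < 128) {   // 128-bit floor is this example's own policy threshold
            $findings[] = "session ID carries only {$entropy} bits of entropy: raising sid_length";
            ini_set('session.sid_length', '48');            // 48 chars * 5 bits = 240 bits
            ini_set('session.sid_bits_per_character', '5');
        }
    }

    return $findings;
}

// Usage: run from the CLI or at the top of the front controller.
foreach (auditSessionIdConfig() as $finding) {
    echo "[WARN] {$finding}", PHP_EOL;
}
```

Putting the corrected values in php.ini (session.hash_function = sha256 on PHP 5.3 to 7.0; session.sid_length = 48 and session.sid_bits_per_character = 5 on PHP 7.1 and later) is preferable to calling ini_set() at runtime, because the ini file applies to every script and cannot be forgotten on one entry point; the script above is useful for confirming what a running deployment actually has.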

Written by
Nash N Sulthan
Cyber Security Lead Engineer