PHP Hash Comparison Weakness A Threat To Websites, Researcher Says

Flaw could allow attackers to compromise user accounts, WhiteHat Security's Robert Hansen -- aka "RSnake" -- says in new finding on 'Magic Hash' vulnerability.

A weakness in the manner in which PHP handles hashed strings in certain situations gives attackers an opportunity to try and compromise authentication systems, passwords, and other functions involving hash comparisons in PHP, a researcher from WhiteHat Security says.

Robert Hansen, vice president of WhiteHat, describes the issue as one that affects any website that uses two specific types of operators for comparing hashes in PHP.

The issue mostly affects authentication, but it could also effect "forgot password" flows, nonces, binary checking, cookies, and passwords, among other things, Hansen, aka RSnake, told Dark Reading. "It totally depends on the website, and how it's constructed."

The problem exists in the manner in which PHP handles hashed strings when either the double equal (==) or "!=" operators are used to compare them. When either of these two operators is used for comparing hashes, PHP interprets any hashed value beginning with ‘0e’ as having the value 0.

So if two different passwords are hashed and both their hashed values begin with ‘0e’ followed by numerals, PHP will interpret both as having the value 0. Even though the hash values for both passwords are completely different, PHP would treat them both as the number zero if both begin with 0e and when either ‘==’ or ‘!=’ are used.

“Think of "0e..." as being the scientific notation for "0 to the power of some value" and that is always "0", Hansen noted in a blog post Friday. “PHP interprets the string as an Integer.”

The implications are huge because it gives attackers a way to try and compromise user accounts by entering a string that when hashed gets equated to zero by PHP. If a password in the database is represented the same way, the attacker will get access to the account, Hansen said.

The problem itself has been known for at least a year, Hansen said. But what hasn’t been available are examples of hash types that when hashed begin with the ‘0e’ format that ends up getting equated to zero, he said.

In a blog, Hansen listed several "magic" numbers that he found could be used as passwords, which when hashed, end up being treated as 0 by PHP.

When such hashes are compared against the hashes of actual password, values that are also treated as 0 by PHP they end up getting evaluated as being equivalent, or true. In such cases attackers will be able to log into the account without the valid password, he said.

To find the strings, Hansen iterated over 1 billion hashed integers of different hash types like MD5 and SHA1. Though the technique was inefficient it was reasonably effective at finding strings that triggered the weakness for most hash algorithms with a length of 32 characters or less, Hansen said in his blog.

Hansen said he estimated the chances of a 32-character hash triggering the issue was somewhere in the range of 1 in 200 million. While that might seem like an extremely low probability, it is often enough for attackers to want to try and trigger the flaw especially on a high volume website or one with a lot of credentials.

Addressing the problem is very simple, he said. Websites using PHP should analyze their code for hash comparisons in PHP using ‘==’ or ‘!= and change them to ‘===’ or ‘!==’ respectively, he said.

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

Recommended Reading: