ZeroBox Vulnerability Database

MyBB是一款流行的Web论坛程序。

MyBB的口令重置实现在生成口令重置令牌和随机口令时使用了弱随机数，如果Web服务器重新使用了PHP进程的话攻击者就可以破解口令入侵任意账号。

MyBB在多处使用了mt_srand()函数对随机数生成器提供种子：

    // Setup a unique posthash for attachment management
    if(!$mybb->input[‘posthash’] && $mybb->input[‘action’] != "editdraft")
    {
       mt_srand((double) microtime() * 1000000);
       $posthash = md5($mybb->user[‘uid’].mt_rand());
    }

这种方式所提供的随机数种子只有100万个不同的种子值；此外第一个生成的随机数还会以posthash的形式泄露给用户。由于用户知道了自己的uid，就可以通过暴力猜测100万种可能性找到种子。普通的桌面PC可在一秒钟内完成这种攻击。

由于随机数生成器的状态被同一PHP进程所处理的请求所共享，因此之后的口令重置就会使用攻击者已知的状态。

口令重置首先会创建发送给用户的随机口令重置令牌。如果使用了这个令牌，口令重置的第二步就会生成新的随机口令，这两个随机字符串都是由以下函数生成的：

     function random_str($length="8")
     {
        $set =array("a","A","b","B","c","C","d","D","e","E","f","F",
                    "g","G","h","H","i","I","j","J","k","K","l","L",
                    "m","M","n","N","o","O","p","P","q","Q","r","R",
                    "s","S","t","T","u","U","v","V","w","W","x","X",
                "y","Y","z","Z","1","2","3","4","5","6","7","8","9");
        $str = ”;

        for($i = 1; $i <= $length; ++$i)
        {
           $ch = mt_rand(0, count($set)-1);
           $str .= $set[$ch];
        }

        return $str;
     }

这段代码的问题是使用了mt_rand()生成随机字符串且mt_rand()随机数生成器的状态是攻击者已知的，因此可以预测出所生成的口令重置令牌和新的口令。

MyBB
—-
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：