From feb5cbc7f38da921485a8fd60ab201f679100bbb Mon Sep 17 00:00:00 2001 From: David Goodwin Date: Wed, 4 Aug 2021 16:56:37 +0100 Subject: [PATCH] see https://github.com/postfixadmin/postfixadmin/issues/523 - improve randomness when creating the PFA_token field; reported by @michaellrowley via huntr.dev. --- functions.inc.php | 3 ++- public/users/login.php | 3 +-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/functions.inc.php b/functions.inc.php index 7522762f..80cc134a 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -103,7 +103,8 @@ function init_session($username, $is_admin = false) { $_SESSION['sessid']['roles'] = array(); $_SESSION['sessid']['roles'][] = $is_admin ? 'admin' : 'user'; $_SESSION['sessid']['username'] = $username; - $_SESSION['PFA_token'] = md5(uniqid("", true)); + + $_SESSION['PFA_token'] = md5(random_bytes(8) . uniqid('pfa', true)); return $status; } diff --git a/public/users/login.php b/public/users/login.php index 4cb11067..4933b3dc 100644 --- a/public/users/login.php +++ b/public/users/login.php @@ -70,8 +70,7 @@ session_start(); if ($error) { flash_error($error); } - -$_SESSION['PFA_token'] = md5(uniqid('pfa' . rand(), true)); +$_SESSION['PFA_token'] = md5(random_bytes(8) . uniqid('pfa', true)); $smarty->assign('language_selector', language_selector(), false); $smarty->assign('smarty_template', 'login');