  1. #1 (Non-Member, Join Date Oct 2007, Location United Kingdom, Posts 623)

    Discussion - The PHP Session ID is Vulnerable to Brute Force Attack

    Hello,

    I'm just getting back into PHP since I left it 3 years ago, and while going over sessions again, I noticed that the session key is only 32 bits long. This seems to leave websites susceptible to brute force attacks where the session id can be guessed by a cracker. Using the following equation highlights the apparent problem:

    ((2^NumberOfBits)+1)/(2*NumberOfGuessesPerSecond*NumberOfActiveSessionsAtOneTime) = expected number of seconds required to guess a valid session identifier
    As defined here: https://www.owasp.org/index.php/Insu...sion-ID_Length

    | Active Sessions | Seconds to guess with 1000 guesses per second | Represented in Hours | in Days | in Weeks | in Months | in Years |
    |---|---|---|---|---|---|---|
    | 1 | 2147483.6 | 35791.4 | 1491.3 | 213.0 | 53.3 | 4.4 |
    | 2 | 1073741.8 | 17895.7 | 745.7 | 106.5 | 26.6 | 2.2 |
    | 4 | 536870.9 | 8947.8 | 372.8 | 53.3 | 13.3 | 1.1 |
    | 8 | 268435.5 | 4473.9 | 186.4 | 26.6 | 6.7 | 0.6 |
    | 16 | 134217.7 | 2237.0 | 93.2 | 13.3 | 3.3 | 0.3 |
    | 32 | 67108.9 | 1118.5 | 46.6 | 6.7 | 1.7 | 0.1 |
    | 64 | 33554.4 | 559.2 | 23.3 | 3.3 | 0.8 | 0.1 |
    | 128 | 16777.2 | 279.6 | 11.7 | 1.7 | 0.4 | 0.0 |
    | 256 | 8388.6 | 139.8 | 5.8 | 0.8 | 0.2 | 0.0 |
    | 512 | 4194.3 | 69.9 | 2.9 | 0.4 | 0.1 | 0.0 |
    | 1024 | 2097.2 | 35.0 | 1.5 | 0.2 | 0.1 | 0.0 |
    | 2048 | 1048.6 | 17.5 | 0.7 | 0.1 | 0.0 | 0.0 |
    | 4096 | 524.3 | 8.7 | 0.4 | 0.1 | 0.0 | 0.0 |
    | 8192 | 262.1 | 4.4 | 0.2 | 0.0 | 0.0 | 0.0 |
    | 16384 | 131.1 | 2.2 | 0.1 | 0.0 | 0.0 | 0.0 |
    | 32768 | 65.5 | 1.1 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 65536 | 32.8 | 0.5 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 131072 | 16.4 | 0.3 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 262144 | 8.2 | 0.1 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 524288 | 4.1 | 0.1 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 1048576 | 2.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 |
    | 2097152 | 1.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 |

    I'm guessing the security community are already well aware of this; as a result, is there an easy fix other than not using native PHP sessions?

    I'm interested to see what people think about this.

    Thanks,
    ro0bear

  2. #2 (Non-Member, Join Date Oct 2007, Location United Kingdom, Posts 623)
    Just realised, the forum where I read that it was 32 bits long was wrong, he meant 32 bytes long, or 128 bits.

  3. #3 (Non-Member, Join Date Oct 2007, Location United Kingdom, Posts 623)
    The same table as in the original post except using 128 bits instead of 32 and ignoring seconds, days, weeks, and months is the following:

    | Active Sessions | Years to guess with 1000 guesses per second |
    |---|---|
    | 1 | 351647617932517000000000000000.0 |
    | 2 | 175823808966259000000000000000.0 |
    | 4 | 87911904483129400000000000000.0 |
    | 8 | 43955952241564700000000000000.0 |
    | 16 | 21977976120782300000000000000.0 |
    | 32 | 10988988060391200000000000000.0 |
    | 64 | 5494494030195580000000000000.0 |
    | 128 | 2747247015097790000000000000.0 |
    | 256 | 1373623507548900000000000000.0 |
    | 512 | 686811753774448000000000000.0 |
    | 1024 | 343405876887224000000000000.0 |
    | 2048 | 171702938443612000000000000.0 |
    | 4096 | 85851469221806000000000000.0 |
    | 8192 | 42925734610903000000000000.0 |
    | 16384 | 21462867305451500000000000.0 |
    | 32768 | 10731433652725800000000000.0 |
    | 65536 | 5365716826362880000000000.0 |
    | 131072 | 2682858413181440000000000.0 |
    | 262144 | 1341429206590720000000000.0 |
    | 524288 | 670714603295359000000000.0 |
    | 1048576 | 335357301647680000000000.0 |
    | 2097152 | 167678650823840000000000.0 |
    Much safer!

  4. #4 logic_earth (Join Date Oct 2005, Location CA, Posts 9,013)
    Here are some settings from php.ini that will help make the Session ID a lot stronger (entropy length and file are the most important; depending on the system, they will use a CSPRNG):
    Code:
    ; How many bytes to read from the file.
    ; http://php.net/session.entropy-length
    session.entropy_length = 1024
    
    
    ; Specified here to create the session id.
    ; http://php.net/session.entropy-file
    ; Defaults to /dev/urandom
    ; On systems that don't have /dev/urandom but do have /dev/arandom,
    ; this will default to /dev/arandom
    ; If neither are found at compile time, the default is no entropy file.
    ; On windows, setting the entropy_length setting will activate the
    ; Windows random source (using the CryptoAPI)
    session.entropy_file = /dev/urandom
    
    ; Select a hash function for use in generating session ids.
    ; Possible Values
    ;   0  (MD5 128 bits)
    ;   1  (SHA-1 160 bits)
    ; This option may also be set to the name of any hash function supported by
    ; the hash extension. A list of available hashes is returned by the hash_algos()
    ; function.
    ; http://php.net/session.hash-function
    session.hash_function = 1 ; or sha256 sha512 etc
    
    
    ; Define how many bits are stored in each character when converting
    ; the binary hash data to something readable.
    ; Possible values:
    ;   4  (4 bits: 0-9, a-f)
    ;   5  (5 bits: 0-9, a-v)
    ;   6  (6 bits: 0-9, a-z, A-Z, "-", ",")
    ; Default Value: 4
    ; Development Value: 5
    ; Production Value: 5
    ; http://php.net/session.hash-bits-per-character
    session.hash_bits_per_character = 6
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.
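An added example of my own, not code from the thread, tying the php.ini settings in post #4 back to the brute-force formula quoted in post #1: it derives the session ID's bit length from session.hash_function and session.hash_bits_per_character and runs it through the OWASP expression. It assumes a PHP 5.3+ build where those settings still exist (PHP 7.1 removed them in favour of session.sid_length and session.sid_bits_per_character); the function names and the 1024-session, 1000-guesses-per-second defaults are my choices.

```php
<?php
// Added example (not from the thread). Assumes PHP 5.3+ with the pre-7.1
// session.hash_function / session.hash_bits_per_character settings present.

// Output size in bits of the hash selected by session.hash_function.
function sessionHashBits($hashFunction) {
    if ((string) $hashFunction === '0') { return 128; }   // MD5
    if ((string) $hashFunction === '1') { return 160; }   // SHA-1
    if (!in_array($hashFunction, hash_algos(), true)) {
        throw new InvalidArgumentException("unknown hash function: $hashFunction");
    }
    // Raw digest length in bytes times 8: sha256 -> 256, sha512 -> 512.
    return strlen(hash($hashFunction, '', true)) * 8;
}

// Expected seconds to guess one valid ID, per the OWASP formula in post #1.
function expectedSecondsToGuess($bits, $guessesPerSecond, $activeSessions) {
    return (pow(2, $bits) + 1) / (2 * $guessesPerSecond * $activeSessions);
}

// Summarise a (hash_function, hash_bits_per_character) pair: visible ID length,
// expected years to guess (365-day years) and whether it clears OWASP's 64-bit floor.
function describeSessionIdStrength($hashFunction, $bitsPerChar, $activeSessions = 1024, $guessesPerSecond = 1000) {
    $bits    = sessionHashBits($hashFunction);
    $seconds = expectedSecondsToGuess($bits, $guessesPerSecond, $activeSessions);
    return array(
        'hash_bits'        => $bits,
        'id_chars'         => (int) ceil($bits / $bitsPerChar),  // length of PHPSESSID
        'expected_years'   => $seconds / (365 * 86400),
        'at_least_64_bits' => $bits >= 64,
    );
}

// Constructed cases: PHP 5's built-in default, then the two settings from post #4.
$cases = array(
    array('0', 4),       // MD5 at 4 bits/char: the familiar 32-character hex ID
    array('1', 6),       // post #4: SHA-1, 6 bits per character
    array('sha256', 6),  // post #4's suggested alternative
);
// Also check the running process, if its PHP version still has the setting.
$live = ini_get('session.hash_function');
if ($live !== false) {
    $cases[] = array($live, (int) ini_get('session.hash_bits_per_character'));
}
foreach ($cases as $case) {
    list($hash, $bpc) = $case;
    printf("%-8s %d bits/char: %s\n", $hash, $bpc, json_encode(describeSessionIdStrength($hash, $bpc)));
}
```

The bit count is an upper bound: a hash cannot add entropy beyond what session.entropy_file and session.entropy_length feed it, which is why post #4 calls those two the most important settings.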


  5. #5 (Non-Member, Join Date Oct 2007, Location United Kingdom, Posts 623)
    Quote Originally Posted by logic_earth View Post
    Here are some settings from php.ini that will help make the Session ID a lot stronger: (Entropy length and file are the most important, depending on the system they will use a CSPRNG)