PHP Snippet #08
This challenge covers the review of a snippet of code written in PHP
The Code Review Snippet challenge in PentesterLab provides a small snippet of PHP code containing a vulnerability. This particular lab involves a function that signs data using hash_hmac with SHA-256. The code checks whether a provided data parameter and its corresponding signature parameter match using a strict comparison (===).

The vulnerability arises because hash_hmac returns NULL when the input data is an array. An attacker can exploit this by passing an array as the data parameter and omitting the signature parameter, so the check reduces to NULL === NULL, which evaluates to true. This bypasses the signature verification, allowing unauthorized access. A more secure approach would be to use a constant-time comparison function to prevent brute-force attacks on the signature.
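The following is an added illustration of the pattern described above, not the PentesterLab snippet itself: a verify function written the way the lab's code is described (strict comparison of hash_hmac output against a request parameter) next to a hardened version that rejects non-string input and compares with hash_equals. The key value, the function names and the two constructed request arrays standing in for $_GET are assumptions. The NULL return from hash_hmac on array input is PHP 7 behaviour; PHP 8 throws a TypeError there instead, so the bypass line is only observable on PHP 7, while the hardened function behaves the same on both.

```php
<?php
// Added example; not the original challenge code. KEY is a placeholder.
const KEY = 'PLACEHOLDER_SECRET_KEY';

// Mirrors the vulnerable pattern: hash the request data and compare strictly.
function verify_vulnerable($data, $signature): bool
{
    // On PHP 7, hash_hmac() given an array emits a warning and returns NULL.
    // With the signature parameter absent, $signature is also NULL, so
    // NULL === NULL is true and the check passes. (PHP 8 throws TypeError.)
    $expected = hash_hmac('sha256', $data, KEY);
    return $expected === $signature;
}

// Hardened: enforce string types before hashing, then compare in constant time.
function verify_hardened($data, $signature): bool
{
    if (!is_string($data) || !is_string($signature)) {
        return false;            // arrays, NULL and missing parameters are rejected
    }
    $expected = hash_hmac('sha256', $data, KEY);
    return hash_equals($expected, $signature);
}

// Constructed requests standing in for $_GET (assumed, not from the lab).
$legit = [
    'data'      => 'user=alice',
    'signature' => hash_hmac('sha256', 'user=alice', KEY),
];
$forged = [
    'data' => ['user' => 'admin'],   // array instead of string, no signature key
];

foreach (['legit' => $legit, 'forged' => $forged] as $label => $req) {
    // Missing keys become NULL, exactly as an omitted query parameter would.
    $data = $req['data'] ?? null;
    $sig  = $req['signature'] ?? null;
    printf("%-6s vulnerable=%s hardened=%s\n",
        $label,
        var_export(verify_vulnerable($data, $sig), true),
        var_export(verify_hardened($data, $sig), true));
}
```

Run under PHP 7 the legitimate request is accepted by both functions, while the forged request is accepted only by verify_vulnerable; verify_hardened returns false for it because the type check fires before any HMAC is computed. The is_string guard is what closes the bypass; hash_equals addresses the separate timing concern the page raises, and on its own would not have made the array case pass.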