PHP Snippet #08
Bookmarked!This challenge covers the review of a snippet of code written in PHP
The Code Review Snippet challenge in PentesterLab provides a small snippet of PHP code with a vulnerability. This particular lab involves a function that signs data using hash_hmac
with SHA-256. The code checks if a provided data parameter and its corresponding signature match using a strict comparison.
The vulnerability arises because hash_hmac
returns NULL
when the input data is an array. An attacker can exploit this by passing an array as the data parameter and omitting the signature parameter, leading to a NULL === NULL
comparison. This bypasses the signature verification, allowing unauthorized access. A more secure approach would be to use a constant-time comparison function to prevent brute-force attacks on the signature.