Cryptographic Failure

This lab covers several basic CWEs, including CWE-327, CWE-759, CWE-916, CWE-319 and CWE-523.

To better understand Cryptographic Failures, I will walk you through the Cryptographic Failures module in TryHackMe’s OWASP Top 10 room. In this scenario, we will analyze a vulnerable "Sense and Sensitivity" website.

Step 1: Navigate through the login page.

View the source code of the login page.

The developer has left a comment revealing that the database is stored in the /assets directory.

Step 2: Navigate to /assets.

There is, in fact, a web application database (webapp.db) stored in the /assets directory. Databases stored as files are known as ‘flat-file’ databases.

Step 3: Inspect the database file.

Click on the file to download it.

Determine the file type.

file webapp.db

The database is an SQLite database.

Open the database in the sqlite3 shell.

sqlite3 webapp.db

List the tables.

.tables

Show the schema of the users table, then dump its rows.

PRAGMA table_info(users);
SELECT * FROM users;

We now have access to usernames and password hashes. In column order, the second column holds the usernames and the third column holds the password hashes.

Username: admin
Password Hash: 6eea9b7ef19179a06954edd0f6c05ceb

Step 4: Crack the hash.

Crack the hash using CrackStation.

The hash has been identified as an MD5 hash and successfully cracked to reveal the plaintext password ‘qwertyuiop’.

Step 5: Log in with the recovered credentials.

Navigate back to the login page and use the credentials.

Username: admin
Password: qwertyuiop

We now have admin access and can perform actions, including adding and deleting users.

Cryptographic flaws, including the use of weak algorithms such as MD5, coupled with data exposure, can result in the compromise of sensitive information and systems.
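As an added example (not part of the TryHackMe lab or this write-up), here is a defender-side check for the flaw exploited above: it builds a constructed in-memory SQLite users table shaped like webapp.db, flags rows whose stored value is an unsalted fast-hash digest, and shows salted PBKDF2 storage that should replace them. All row contents, function names and the storage format are assumptions.

```python
import hashlib
import hmac
import os
import re
import sqlite3

# Constructed sample rows shaped like the lab's users table; the admin
# entry is the unsalted MD5 of the lab password, the rest are made up.
SAMPLE_ROWS = [
    (1, "admin", hashlib.md5(b"qwertyuiop").hexdigest()),
    (2, "alice", hashlib.sha256(b"letmein").hexdigest()),
    (3, "bob", "$2b$12$" + "a" * 53),   # bcrypt-shaped placeholder, not a real hash
]

# Digest shapes that indicate an unsalted fast hash (crackable offline).
WEAK_SHAPES = [
    (re.compile(r"^[0-9a-f]{32}$"), "32-hex: unsalted MD5/NTLM (CWE-327, CWE-759)"),
    (re.compile(r"^[0-9a-f]{40}$"), "40-hex: unsalted SHA-1 (CWE-327, CWE-759)"),
    (re.compile(r"^[0-9a-f]{64}$"), "64-hex: unsalted fast SHA-256 (CWE-916)"),
]
SAFE_PREFIXES = ("$2a$", "$2b$", "$2y$", "$argon2", "$pbkdf2", "pbkdf2_sha256$")

def build_sample_db():
    """Create an in-memory users table with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn

def audit_users(conn):
    """Return {username: finding} for rows not stored with a slow, salted scheme."""
    findings = {}
    for username, stored in conn.execute("SELECT username, password FROM users"):
        if stored.startswith(SAFE_PREFIXES):
            continue
        for shape, label in WEAK_SHAPES:
            if shape.match(stored.lower()):
                findings[username] = label
                break
        else:
            findings[username] = "unrecognised format, review manually"
    return findings

def hash_password(password, iterations=600_000):
    """Salted PBKDF2-HMAC-SHA256; the salt and cost travel with the digest."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"$pbkdf2-sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(stored, password):
    """Recompute with the stored salt/cost and compare in constant time."""
    _, _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)
```

Run the audit against an exported copy of a real users table the same way, and rehash flagged accounts on their next successful login rather than keeping the legacy digests.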
