[wp-trac] [WordPress Trac] #55536: Make sure wp_generate_password() never generates a string containing 0x to prevent blocking from mod_security

WordPress Trac noreply at wordpress.org
Fri Apr 8 12:02:02 UTC 2022


#55536: Make sure wp_generate_password() never generates a string containing 0x to
prevent blocking from mod_security
--------------------------+------------------------------
 Reporter:  ReneHermi     |       Owner:  (none)
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Security      |     Version:
 Severity:  normal        |  Resolution:  invalid
 Keywords:                |     Focuses:
--------------------------+------------------------------

Comment (by ReneHermi):

 I am not able to break the login even with this particular password
 combination, which is good, but I can reproduce it and always cause a
 "fatal error" on the client website by adding a URL with this character
 combination into the URL bar:

 https://example.com/?test=0xa4detc
 while changing the 0x to something different always returns the site
 properly:
 https://example.com/?test=1xa4detc

 The fatal error is a 418, which indicates it was generated by
 mod_security:
 [[Image(https://d1ro8r1rbfn3jf.cloudfront.net/ms_70361/lcPLMfZVIjBuMHd8oA9K7kxaLn8GWy/Monosnap%2BFile%2B-%2BGoogle%2BChrome%2B2022-04-08%2B13.48.10.png?Expires=1649419200&Signature=Ha8Xfgp2pMNF7J9Oe4z7H7kyTNZtbdyOaDGdfBNS2Irv8Pzx~AmaxcPMsF0jDJIn1zRePV4DWejs9bo5ehqoq2jzqjzKMe2PoAa~BdRYPcW3GKwPpdO-GJpJ-12ZkoNNZ-o3FHCN2ZI6lv1sVhCy-yFOkRv4KMjr0lOP0JCW8bfkgIvWcmUmihNUaGaq7BZGG2DIg3B63JX9-~eGJLJfNNBXHBZjkZ51r9eRdiQeZf4s78oBO6fwyftTalmuQ1kEtAhxq7XO-sJnAMYUj76Q5-Zr07E00q7ynegApnwGo5ZzVlsNgkQ2igmdwRHrvCWgmCtIPhSz7Ga8YGF7QEKr5g__&Key-Pair-Id=APKAJBCGYQYURKHBGCOA)]]

 I could imagine that this behavior could lead to further implications
 (even though it's very specific), maybe with the REST API and other public
 endpoints, so it could be worth watching this more closely whenever a
 server responds with something unexpected.

 If you want me to test something more, just let me know.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/55536#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
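The two-request comparison described in the comment above (a query value starting with "0x" versus the same value starting with "1x"), written out as a small probe. This is an added example, not code from the ticket, from WordPress core or from mod_security. It assumes the blocking rule matches a hex literal, i.e. "0x" followed by at least one hex digit; the actual rule that produced the 418 is not shown on the page, so the regex is a hypothesis to test. The staging hostname, the User-Agent string and the "any 4xx on the suspect request only" verdict in classify() are likewise assumptions made for the example.

```python
import re
import urllib.error
import urllib.parse
import urllib.request

# Assumption: the WAF rule that produced the 418 matches a hex literal, "0x"
# followed by at least one hex digit. The real mod_security rule is not on the
# page; this pattern is the hypothesis the probe tests, not the rule itself.
HEX_LITERAL = re.compile(r"0x[0-9a-fA-F]+")


def contains_hex_literal(value: str) -> bool:
    """True if a hex-literal rule of the assumed shape would match this value."""
    return HEX_LITERAL.search(value) is not None


def query_values_that_trip(url: str) -> list:
    """Return the (name, value) query pairs of a URL that match the assumed pattern."""
    query = urllib.parse.urlsplit(url).query
    pairs = urllib.parse.parse_qsl(query, keep_blank_values=True)
    return [(name, value) for name, value in pairs if contains_hex_literal(value)]


def build_probe_urls(base_url: str, param: str, suspect_value: str) -> tuple:
    """Build the suspect URL and a control URL that differs only in the first
    character of the value (the comment's "0x" versus "1x"), as (suspect, control)."""
    if not suspect_value.startswith("0x"):
        raise ValueError("suspect value must start with 0x")
    control_value = "1" + suspect_value[1:]
    suspect = base_url + "?" + urllib.parse.urlencode({param: suspect_value})
    control = base_url + "?" + urllib.parse.urlencode({param: control_value})
    return suspect, control


def fetch_status(url: str, timeout: float = 10.0) -> int:
    """GET a URL and return its HTTP status code, including 4xx/5xx responses."""
    # User-Agent value is a placeholder chosen for this example.
    req = urllib.request.Request(url, headers={"User-Agent": "hex-literal-probe/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def classify(suspect_status: int, control_status: int) -> str:
    """Interpret a probe pair: "blocked" when only the suspect request got a 4xx
    while the control succeeded, "clean" when both behaved the same, else "inconclusive"."""
    if suspect_status == control_status:
        return "clean"
    if control_status < 400 <= suspect_status < 500:
        return "blocked"
    return "inconclusive"


def probe(base_url: str, param: str = "test", suspect_value: str = "0xa4detc") -> dict:
    """Run the comparison against a live site you own (network access required)."""
    suspect, control = build_probe_urls(base_url, param, suspect_value)
    s_status = fetch_status(suspect)
    c_status = fetch_status(control)
    return {"suspect": s_status, "control": c_status,
            "verdict": classify(s_status, c_status)}


if __name__ == "__main__":
    # Offline check on the exact values from the comment; no request is sent here.
    for value in ("0xa4detc", "1xa4detc"):
        print(value, "matches assumed hex-literal pattern:", contains_hex_literal(value))
    # Against a staging copy you control (hostname is a placeholder):
    #   print(probe("https://staging.example.com/"))
```

Run probe() only against a site you are allowed to test; a WAF that blocks the suspect request may also rate-limit or ban the client. The offline helpers (contains_hex_literal, query_values_that_trip) are enough to screen generated passwords or URLs for the assumed pattern before they reach a mod_security-fronted site.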

