From: Nathan Rixham on
tedd wrote:
>> tedd wrote:
>>> Hi gang:
>>>
>>> The subject line says it all.
>>>
>>> How secure is a .htaccess file to store passwords and other sensitive
>>> stuff?
>>>
>>> Can a .htaccess file be viewed remotely?
>>
>> Semi-safe,
>>
>> .htaccess is prevented from being served by configuration options
>> (which come as default), however these can be overwritten so best to
>> check by doing a GET on the resource URI.
>>
>> This doesn't prevent them from being exposed via other processes
>> though, for instance a poorly coded
>> 'download.php?path=/path/to/.htaccess' could still expose the file.
>>
>> Typically, its obviously better to store only a hash of a password
>> rather than the pass in plain text, choosing the strongest algorithm
>> you can; password security is of course relative though, a sha-512 of
>> 'password1' is far from secure.
>>
>> A good way to approach encryption for files is to openssl_seal them
>> using a public key which is only available to your application - this
>> doesn't negate insecure code, but it at least ensures the raw files
>> are encrypted securely enough to negate any of these worries. (just
>> keep your private key safe, preferably in a pkcs12 w/a strong 64char+
>> pass)
>>
>> Best,
>>
>> Nathan
>
> Nathan:
>
> I keep in running in circles because I keep getting differing
> recommendations as to how to keep data secure.
>
> If you read Chris Shiflett's book on "Essential PHP Security" -- he says
> to keep everything in a database. This means keeping both encrypted data
> AND the keys for decryption in the database.
>
> I contacted Chris specifically and told him of what I was doing (all the
> steps) and he approved. However, he said the main weakness in all
> security practices is how one protects access to the database.
>
> So that is my quest. How can I protect the username and password for the
> database? Keep in mind that my scripts must also be able to read and use
> them in accessing the database. So they must be accessible to scripts.
>
> I figure using SetEnv to set the user and password in a .htaccess file
> is about as secure as I can make it, but now you say even that could be
> exposed.
>
> So specifically, how would you hide the username and password for access
> to a database WITHOUT using an "out of root" solution? Please be specific.

Hi Tedd,

Firstly, advising to keep the keys to your car in the ignition at all
times is pretty bad advise - I'll let you relate that to Chris's advice
yourself :-)

If your stuck in an environment where third parties have access to the
files on the file system and you need to put your username/password
(real keys to the data) on that filesystem, then I have to point out
that no file extension is more secure than another, there's no
difference between doing `cat .htaccess` and `cat config.php` you'll
still see the output - there's is a measure of difference however
between putting it in a web source-viewable file and non-source-viewable
file, but again your only a config setting away from being exposed to
the world.

Given the aforementioned and that the data is sensitive, I'd strongly
recommend moving to a different hosting environment:
- which is secure filesystem wise and only you have access to your files
- where the db server (or data tier) is on a private lan (preventing the
db server from public web attacks)
- where access to the db server (or data tier) is via a secured
connection [1] (encrypting data across the wire to prevent man in the
middle attacks and packet inspection)

In addition to application specific security measures such as encrypting
all sensitive data *before* sending to the database and storing the
encryption keys in a secure lockbox far away from the db or at least in
a pcks12 password protected file outside of the web root.

Now, to answer your specific question, specifically :p

If available I would use ioncube or suchlike to encrypt the source of my
PHP files (with the username pass in a php file as standard), and if I
still didn't feel like that was secure enough then I would:

create an pcks12 wrapped x509 certificate for my application:
http://pastebin.com/THW00RHt
(fill in lines 34+36 stick on web server, view in browser cert will dl)

Then I'd store the produced certificate.p12 on the file system
(preferably outside of web root, or with access restricted by .htaccess
config)

I'd then create a crypto class which provided methods to seal and open
(encrypt/decrypt) data using the keys from the x509 certificate, and
which could read the .p12 wrapped x509, like this:
http://pastebin.com/4FSx1XDa

I'd then instantiate the crypto class in my application as such:

$crypto = ApplicationCrypto::instantiate(
file_get_contents('certificate.p12'),
'PASSWORD-FOR-PKCS-HERE'
);

Then I'd load my database settings in to an object, serialize it,
encrypt the serialization and save it to a file on the filesystem as such:

$dbSettings = (object)array(
'username' => 'dbuser',
'password' => 'dbpass',
'host' => 'dbhost',
'database' => 'dbname'
);

$sealed = $crypto->seal(
json_encode( $dbSettings )
);

file_put_contents( 'dbconfig.x' , json_encode($sealed) );

Then to get the database settings back and use them I'd do the following:

$crypto = ApplicationCrypto::instantiate(
file_get_contents('certificate.p12'),
'PASSWORD-FOR-PKCS-HERE'
);

$sealed = json_decode( file_get_contents('dbconfig.x') );

$dbSettings = json_decode(
$crypto->open( $sealed->sealed , $sealed->key )
);

Further steps are possible, such as storing $sealed->key in a different
file or file system (as it's double key encryption, both the private key
from the certificate and a unique per item key is used).

But honestly, that's what I'd do - as a side note, generally the code
sealed information is encrypted strongly enough to be made public since
you need both keys, the decryption process, and the certificate wrapped
in a password protected p12 to turn it back in to anything readable.

Hope that helps a little,

Best,

Nathan

[1] http://dev.mysql.com/doc/refman/5.1/en/secure-connections.html
From: "Jan G.B." on
2010/8/19 Andre Polykanine <andre(a)oire.org>:
> Hello Nathan,
>
> Sorry, could you provide any links to read for a security noob?)
> Actually, I know that the md5 is decryptable (there are bases with
> words encrypted in md5), but I thought the SHA1 was secure...
> --
> With best regards from Ukraine,
> Andre
> ----- Original message -----
> From: Nathan Rixham <nrixham(a)gmail.com>
> To: tedd <tedd(a)sperling.com>
> Date: Thursday, August 19, 2010, 12:03:12 PM
> Subject: [PHP] Re: How safe is a .htaccess file?
>
> tedd wrote:
>> Hi gang:
>>
>> The subject line says it all.
>>
>> How secure is a .htaccess file to store passwords and other sensitive
>> stuff?
>>
>> Can a .htaccess file be viewed remotely?
>
> Semi-safe,
>
> .htaccess is prevented from being served by configuration options (which
> come as default), however these can be overwritten so best to check by
> doing a GET on the resource URI.
>
> This doesn't prevent them from being exposed via other processes though,
> for instance a poorly coded 'download.php?path=/path/to/.htaccess' could
> still expose the file.
>
> Typically, its obviously better to store only a hash of a password
> rather than the pass in plain text, choosing the strongest algorithm you
> can; password security is of course relative though, a sha-512 of
> 'password1' is far from secure.
>
> A good way to approach encryption for files is to openssl_seal them
> using a public key which is only available to your application - this
> doesn't negate insecure code, but it at least ensures the raw files are
> encrypted securely enough to negate any of these worries. (just keep
> your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)
>
> Best,
>
> Nathan
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Hi Nathan,

I'm not a crypto expert.. but I'll try to explain it:

The weakness of MD5 is mainly because MD5 collisions are possible.
That means, that different strings can have the same MD5-hash...

When you use "test" as a secret password, then no hashing algorythm at
can be considered as "safe". The first two passwords a cracker will
try might be "1234" and "test".. No big deal.

Databases of MD5-hashes exists. And so can exist Databases of SHA-*
hashes. To get around these databases you can just "salt" your hash..
that way the Hash of the word "test" will not be the same as the hash
in the database without *your* salt. No matter if you use MD5 or
SHA256

$ echo -ne test | md5sum
098f6bcd4621d373cade4e832627b4f6 -
$ echo -ne test-mySecretSalt | md5sum
c62fb41567c476e36ba46e5b53ae6d59 -

Only the first string will be available in a hash-database.

So you see - as long as a cracker only get's your salted hashes
WITHOUT the used salt, it's pretty safe.. as long as you don't think
about ignore collisions!



Back to topic:
- as mentioned before the biggest risk in authentication via .ht*
files is that one can try to get these files via a bug in an
application.. (e.g. ?read_file=.htaccess%00)
- that's why you don't want to use plain text-passwords in .htaccess
files. most used is the htdigest algorythm. Be sure to use a STRONG
password: long string with letter, numbers and more chars.
- if you're curious, get a copy of "John the Ripper password cracker"
and try to decode your passwords.. that's what the bad guys use once
they get your .htaccess file.


Regards



Regards
From: "Brad Broerman" on
One thing I would do, and I have done this in many of my applications:

a) Store the username / password in a database.
b) Encrypt passwords (with a salt) with AES-256 using a key stored in a
file OUTSIDE the document path.
c) Add code to the beginning of the included file to ensure it is only
executed by approved files.

<?php

if( 0 == preg_match( "/maplerunfarm-secure\/admin.php/",
$_SERVER["SCRIPT_FILENAME"] ) )
{
exit("Error: invalid inclusion of file. Please contact your system
administrator");
}


$CONST_SECURE_KEY = "DKTAZ+2EFaSHexdE0hbKJKiO/mQeF1hd";

?>

-----Original Message-----
From: Jan G.B. [mailto:ro0ot.w00t(a)googlemail.com]
Sent: Tuesday, August 24, 2010 9:09 AM
To: Andre Polykanine
Cc: Nathan Rixham; tedd; php-general(a)lists.php.net
Subject: Re: [PHP] Re: How safe is a .htaccess file?

2010/8/19 Andre Polykanine <andre(a)oire.org>:
> Hello Nathan,
>
> Sorry, could you provide any links to read for a security noob?)
> Actually, I know that the md5 is decryptable (there are bases with
> words encrypted in md5), but I thought the SHA1 was secure...
> --
> With best regards from Ukraine,
> Andre
> ----- Original message -----
> From: Nathan Rixham <nrixham(a)gmail.com>
> To: tedd <tedd(a)sperling.com>
> Date: Thursday, August 19, 2010, 12:03:12 PM
> Subject: [PHP] Re: How safe is a .htaccess file?
>
> tedd wrote:
>> Hi gang:
>>
>> The subject line says it all.
>>
>> How secure is a .htaccess file to store passwords and other sensitive
>> stuff?
>>
>> Can a .htaccess file be viewed remotely?
>
> Semi-safe,
>
> .htaccess is prevented from being served by configuration options (which
> come as default), however these can be overwritten so best to check by
> doing a GET on the resource URI.
>
> This doesn't prevent them from being exposed via other processes though,
> for instance a poorly coded 'download.php?path=/path/to/.htaccess' could
> still expose the file.
>
> Typically, its obviously better to store only a hash of a password
> rather than the pass in plain text, choosing the strongest algorithm you
> can; password security is of course relative though, a sha-512 of
> 'password1' is far from secure.
>
> A good way to approach encryption for files is to openssl_seal them
> using a public key which is only available to your application - this
> doesn't negate insecure code, but it at least ensures the raw files are
> encrypted securely enough to negate any of these worries. (just keep
> your private key safe, preferably in a pkcs12 w/a strong 64char+ pass)
>
> Best,
>
> Nathan
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
Hi Nathan,

I'm not a crypto expert.. but I'll try to explain it:

The weakness of MD5 is mainly because MD5 collisions are possible.
That means, that different strings can have the same MD5-hash...

When you use "test" as a secret password, then no hashing algorythm at
can be considered as "safe". The first two passwords a cracker will
try might be "1234" and "test".. No big deal.

Databases of MD5-hashes exists. And so can exist Databases of SHA-*
hashes. To get around these databases you can just "salt" your hash..
that way the Hash of the word "test" will not be the same as the hash
in the database without *your* salt. No matter if you use MD5 or
SHA256

$ echo -ne test | md5sum
098f6bcd4621d373cade4e832627b4f6 -
$ echo -ne test-mySecretSalt | md5sum
c62fb41567c476e36ba46e5b53ae6d59 -

Only the first string will be available in a hash-database.

So you see - as long as a cracker only get's your salted hashes
WITHOUT the used salt, it's pretty safe.. as long as you don't think
about ignore collisions!



Back to topic:
- as mentioned before the biggest risk in authentication via .ht*
files is that one can try to get these files via a bug in an
application.. (e.g. ?read_file=.htaccess%00)
- that's why you don't want to use plain text-passwords in .htaccess
files. most used is the htdigest algorythm. Be sure to use a STRONG
password: long string with letter, numbers and more chars.
- if you're curious, get a copy of "John the Ripper password cracker"
and try to decode your passwords.. that's what the bad guys use once
they get your .htaccess file.


Regards



Regards

From: Peter Lind on
On 24 August 2010 15:43, Gary <php-general(a)garydjones.name> wrote:
> Jan G.B. wrote:
>
>> The weakness of MD5 is mainly because MD5 collisions are possible.
>> That means, that different strings can have the same MD5-hash...
>
> http://en.wikipedia.org/wiki/MD5#cite_note-1

It's worth noting that that essentially does not touch upon whether or
not MD5 can be considered safe or not as a means to store password
information. The researchers have discovered ways of crafting inputs
to easily find colliding hashes - they have not discovered any easy
means to craft an input that will collide with a given hash.

Regards
Peter

--
<hype>
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
</hype>
From: "Bob McConnell" on
From: Peter Lind

> On 24 August 2010 15:43, Gary <php-general(a)garydjones.name> wrote:
>> Jan G.B. wrote:
>>
>>> The weakness of MD5 is mainly because MD5 collisions are possible.
>>> That means, that different strings can have the same MD5-hash...
>>
>> http://en.wikipedia.org/wiki/MD5#cite_note-1
>
> It's worth noting that that essentially does not touch upon whether or
> not MD5 can be considered safe or not as a means to store password
> information. The researchers have discovered ways of crafting inputs
> to easily find colliding hashes - they have not discovered any easy
> means to craft an input that will collide with a given hash.

That's a simple matter of brute force, which can be done once and saved
for instant use later. However, putting a salt into your algorithm
pretty much eliminates the chances of success using that attack.

Bob McConnell