Greetings fellows
I have a doubt with a md5 function. I know that the function is insecure and is not recomended. So the issue here is that they use for generate a token with date and they use rand that is not secure too and that is another finding
$token = md5(date('Y-m-d H:i:s') . mt_rand());
they also use this function to generate qr-id like this:
“idqr” => md5($user->ID)
Is any of these usages of the PHP functions md5 and mt_rand a vulnerability?
thanks your help is always very useful
I would mark the $token generation as a vulnerability, and not the userID hashing.
My thesis lies on the fact MD5 is now considered insecure due to collision issues (i.e. there are X and Y, with X != Y, for which MD5(X) = MD5(Y).), and a token might be more sensitive to a collision than an userID. What is the token used for?
ok the token is vulnerable. but is generated with a rand function which also is insecure. So therefore the question is being solved as insecure token generation. Due the context