Skip to content

Security Cipher

Menu
  • Home
  • Blog
  • Services
  • About Us
  • Resources
    • Security Tools
    • Penetration Testing Tricks
    • Security Terminologies
    • Vulnerability Explain
    • Secure Code Explain
    • AWS Cloud Security Checklist
    • Web Application Security Quiz
  • My Resume
Contact Us

Penetration Testing Tricks

  • Subdomain Enumeration Tools
  • Graphql [Inprogress]
  • 2FA Bypass
  • Captcha Bypass

Vulnerability Explain

  • Cross-Site-Scripting (XSS)
  • SQL Injection
  • Server-Side Request Forgery (SSRF)

Security Resources

  • Search Engines for Hackers
  • Browser Extensions
  • Out-of-Band Exfiltration Tools
  • Wordlists
  • Input Sanitization Techniques for Secure Coding
  • HTTP Security Headers

Secure Code Explain

  • Insecure Password Storage
  • Host Header Injection
  • SQL Injection
  • Session Fixation
  • Home
  • Docs
  • Secure Code Explain
  • Insecure Password Storage

Insecure Password Storage

Here is an example of vulnerable code that is susceptible to an Insecure Password Storage Vulnerability :

🥺 Vulnerable Code #

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class VulnerablePasswordStorage {
public static void main(String[] args) {
String username = "user123";
String plainPassword = "insecurePassword";

// Vulnerable: Storing plain text password in the database
storePasswordInsecurely(username, plainPassword);
}

public static void storePasswordInsecurely(String username, String password) {
try {
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/mydb", "username", "password");
String query = "INSERT INTO users (username, password) VALUES (?, ?)";
PreparedStatement pstmt = conn.prepareStatement(query);
pstmt.setString(1, username);
pstmt.setString(2, password); // Vulnerable: Storing plain text password

pstmt.executeUpdate();
pstmt.close();
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}

In the vulnerable code above, the plain text password is stored directly in the database, which is highly insecure. If an attacker gains access to the database, they can easily obtain the user’s passwords.

😎 Secure Code #

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Base64;

public class SecurePasswordStorageWithSalt {
public static void main(String[] args) {
String username = "user123";
String plainPassword = "securePassword";

// Generate a random salt for the user
byte[] salt = generateSalt();

// Secure: Storing salted and hashed password in the database
storePasswordSecurely(username, salt, hashPassword(plainPassword, salt));
}

public static void storePasswordSecurely(String username, byte[] salt, String hashedPassword) {
try {
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/mydb", "username", "password");
String query = "INSERT INTO users (username, salt, password) VALUES (?, ?, ?)";
PreparedStatement pstmt = conn.prepareStatement(query);
pstmt.setString(1, username);
pstmt.setString(2, Base64.getEncoder().encodeToString(salt)); // Storing salt as a Base64 encoded string
pstmt.setString(3, hashedPassword); // Secure: Storing salted and hashed password

pstmt.executeUpdate();
pstmt.close();
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}

public static byte[] generateSalt() {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16]; 
random.nextBytes(salt);
return salt;
}

public static String hashPassword(String password, byte[] salt) {
try {
MessageDigest md = MessageDigest.getInstance("SHA-256");

// Combine the password and salt, then hash
md.update(salt);
byte[] hashedBytes = md.digest(password.getBytes());

// Convert bytes to hexadecimal representation
StringBuilder sb = new StringBuilder();
for (byte b : hashedBytes) {
sb.append(String.format("%02x", b));
}

return sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
return null;
}
}
}

In this Secure code, a random salt is generated for each user and stored alongside the hashed password in the database. When verifying a user’s login, you retrieve the salt from the database and use it to hash the provided password before comparing it to the stored hash. This combination of salting and hashing provides a strong defense against password attacks.

Share This Article :
  • Facebook
  • Twitter
  • LinkedIn
  • Pinterest

Leave a Reply Cancel reply

Table of Contents
  • 🥺 Vulnerable Code
  • 😎 Secure Code
logo name

Learn penetration Testing …

Instagram Twitter Youtube Telegram Linkedin

Useful Links

Blogs
About
Contact

Recent Post

  • Top Recon Tools for Bug Bounty Hunters
  • Mastering WordPress Penetration Testing: A Step-by-Step Guide
  • Enhance WordPress Security: Comprehensive Guide

Subscribe Now

Don’t miss our future updates! Get Subscribed Today!

Subscription Form

By entering your email, you agree to our terms & Conditions and Privacy policy.

©2023. Security Cipher. All Rights Reserved.

Privacy Policies
Terms & Conditions