Logo
  • PHP
    • HipHop / HHVM
    • Modern PHP
    • PHPStorm
    • LAMP
    • Laravel
    • Composer
    • PDO
  • JavaScript
    • node.js
    • AngularJS
  • CSS
    • SASS
    • “CSS4” (CSS level 4)
  • HTML
  • Git
  • LAMP
  • Vagrant
  • UI / UX
  • Architecture of …
  • Off-Topic
With ♥ from Berlin
May 3, 2014
Chris
Login, Security
2

Serious hard-to-fix bug in OAuth and OpenID discovered, lots of major sites affected

PreviousNext

Just a short notice rather than a real article, full story later (I need to check the facts): Several sources are posting about a recently discovered hard-to-fix bug in the extremely popular open-source authentication libraries/services OAuth and OpenID, used by lots of AAA-level sites, from PayPal to Facebook.

 

Articles:
cnet – Serious security flaw in OAuth, OpenID discovered
lifehacker – Security Flaw Found in OAuth and OpenID, Here’s What It Means for You
(german) zdnet – Schwere Sicherheitslücke in OAuth und OpenID entdeckt


Huge info-page by Wang Jing, the guy who has discovered the bug:
http://tetraph.com/covert_redirect/oauth2_openid_covert_redirect.html


YouTube channel (of Wang Jing), showing reproduceable examples (on Facebook, LinkedIn and Google):
https://www.youtube.com/user/tetraph


Info video:

https://www.youtube.com/watch?v=HUE8VbbwUms


Reproduceable examples (taken from the above YouTube channel)

https://www.youtube.com/watch?v=iif6eq2cvso

https://www.youtube.com/watch?v=Y2-2Scp0pbs

https://www.youtube.com/watch?v=GyNGBuHNoJ0

 

This article was written quite a while ago (8 years), please keep this in mind when using the information written here. Links, code and commands might be outdated or broken.

Random articles

  • Need motivation ? Check out these 2 awesome “FORBES 30 under 30” lists (web, UI, games)Need motivation ? Check out these 2 awesome “FORBES 30 under 30” lists (web, UI, games)
  • Migrating Wikipedia to HHVM (@Scale Conference 2014)Migrating Wikipedia to HHVM (@Scale Conference 2014)
  • How to show memory usage (Ubuntu)How to show memory usage (Ubuntu)
  • Free $10 coupon for DigitalOcean SSD cloud VPS hostingFree $10 coupon for DigitalOcean SSD cloud VPS hosting
  • Which server OS version to choose ? Some EOL lists of Debian, Ubuntu and CentOSWhich server OS version to choose ? Some EOL lists of Debian, Ubuntu and CentOS
  • How blind people use websites (video with Sina Bahram, blind accessibility researcher)How blind people use websites (video with Sina Bahram, blind accessibility researcher)
  • An introduction into Atomic Design, a super-clean way to style web applicationsAn introduction into Atomic Design, a super-clean way to style web applications
  • Create a fast, perfect and bootable 1:1 Windows backup (full clone of HDD) for SSD migrationCreate a fast, perfect and bootable 1:1 Windows backup (full clone of HDD) for SSD migration
  • “Fuck you. Pay Me.” How to deal with clients, the professional way. An excellent talk with Mike Monteiro.“Fuck you. Pay Me.” How to deal with clients, the professional way. An excellent talk with Mike Monteiro.
Share this

2 Comments

  • slbmeh
    May 9, 2014 6:43 am

    I wouldn’t quite consider it a security issue or a bug. The standards OAuth puts in place performs a request based on a signature prepared by the application generating the URL. Any access being granted is to the application initially signing the request.

    It is indeed a phishing risk, and potentially a design flaw in the spec of the oauth standard. But it’s a simple fix. Add the redirect url to the hmac signature and if the request uri doesn’t match the redirect parameter then bail with a message notifying the user that the signature could not be verified.

    Reply
    • Chris
      May 9, 2014 11:47 am

      Thanks, good info in here! Btw I’ve written this before reading into the topic. Most good sources also say it’s not a bug, it’s simply bad implementation of the according companies / developers.

      Reply

Leave A Comment Cancel reply

angular js

Learn AngularJS in 20 (or 90) minutes with Dan Wahlin

Definitly two of the best and most up-to-date short-introductions into AngularJS: Dan Wahlin shows how to build a full little

php

PHP 5.7 gets refactored core, is 10%-30% faster than PHP 5.5! Wow!

What an announcement! The awesome PHP core guys have refactored the Zend Engine (which drives PHP) and could successfully speed

Migrating Wikipedia to HHVM (@Scale Conference 2014)

Awesome topic, superfresh, directly from Scale Conference 2014. The title says everthing. Full quote from video’s description: As a top

You made a mess with Git ? Here’s a flowchart guideline on how to fix

Extremely useful. Originally created by Justin Hileman in the presentation Changing History, or How to Git pretty. You’ll also find

(Links) How to fix an extremely slow Symfony inside a Vagrant box

When you work with Vagrant (if not – try it!) on a Windows or Mac machine (which is an excellent

css3-chrome-font

[Link] Retinafy your Site / Device by Nijiko Yonskai

A simple one-page Gist with all the information you need to make your sites retina-ready: Nijiko Yonskai – Retinafy your

nginx php 5.5

[Link] Set up Nginx with PHP 5.5 easily

As there are surprisingly no good tutorials on how to set up NGINX with PHP 5.5 properly, here’s an excellent

Soundcloud’s “VP of Engineering” about using SSDs

Excellent [german] statement from Alexander Grosse (Soundcloud’s Vice President of Engineering) about using SSDs for the main application (music data

mod-rewrite-ubuntu-14-04-lts

EOL lists of Ubuntu, Debian and CentOS for your server plannings

Chosing the right server operating system will probably save your life and avoid a lot of stress with your clients.

What’s new in PHPStorm 9

PHPStorm 9 has just been released a few days ago, and as a PHP developer you should definitly give it

1/4

Categories

Search

GitHub finally introduces repo traffic stats
JavaScript ECMAScript6 – A short video introduction (5min)
phpstorm 7.0 php
How to install GitHub’s, NetBeans’s and Sublime2’s syntax highlighting code colours theme in PHPStorm 6/7
sass laravel
Extremely easy SASS in Laravel (with pure PHP)
shadow dom
Crossbrowser-safe HTML5 video (IE6+) with a few lines of code and just one .mp4 video file
Frontend Ops Conf 2014 – Rebooting Flickr On A Node.js Stack, One Page At A Time (from PHP) by Bertrand Fan
october cms
[Link] How To Install October CMS on a VPS running Ubuntu 14.04
How Instagram.com works
How Snapchat wants to earn money (by establishing vertical videos)
php
PHP.net hacked, but most things are fine again
october cms
October CMS, built on top of Laravel, is beautiful, clever and on the way to be the new #1 CMS
frontend-workflow
[german] Modernes Frontend-Development mit Bower, Grunt, Yeoman (45min Video, Thorsten Rinne auf der IPC2013)
composer
Composer problems ? Try full reset !
hiphop php
[Link] How to set up HipHop, Nginx and Laravel in Ubuntu 12.04 LTS (in a Vagrant box)
How to setup a config-free WordPress, PHP and MySQL (for local development) in Windows 7 / 8 in under 3 minutes

Tags

apache bash centos composer conference coupon CSS debian fonts framework git GitHub hack HHVM HipHop HTML HTML5 IDE JavaScript JS LAMP laravel linux mod_rewrite MVC MySQL Nginx optimization PHP PHP 5.5 PHP 5.6 phpmyadmin PHPStorm security server SSD Ubuntu UI UX vagrant video virtual machine voucher VPS wordpress
Side-Project: Wordle-Solver:
www.wordle-helper.info

Pages

  • Privacy Policy
 
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT