Galactic Internal app login issue #1
Description
Hi,
I am doing the last blackbox challenge. I found that it is impossible to log in to the Galactic_internal app.
The DB initial script inserts the admin user data with is_hashed true, but the inserted password is not hashed:
```php
$conn->exec("INSERT INTO users (username, password, is_hashed) VALUES ('admin', 'notvalid-todo', 1);");
```
Then, in the login validation, if the user's row has is_hashed true, the login flow goes to this:
```php
if ($row['is_hashed']) {
    // Calculate the SHA1 hash in PHP and compare
    $hashed_password = sha1($password);
    if ($hashed_password == $row['password']) {
        $_SESSION['loggedin'] = true;
        header("Location: calculator.php");
        exit();
    } else {
        $error = "Invalid credentials.";
    }
}
```
It hashes the password that the user entered and then compares it with the unhashed password in the DB, so it couldn't log in.
Not sure if it is a rabbit hole. If so, could you give any hints?
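The mismatch described in the issue, reproduced as an added example (not the challenge's own code): the seed row has is_hashed set but stores plaintext, so the sha1 branch of the login check can never match. The script uses an in-memory SQLite database through PDO (assumed available) and a `check_login()` helper written for this example; the non-hashed branch is assumed, since the issue only quotes the hashed one. It then repairs the seed so the stored value agrees with the check.

```php
<?php
// Added example, not the challenge's own code. Reproduces the seed/login
// mismatch from the issue and shows a seed that is consistent with the check.
// Assumes the pdo_sqlite extension is available.

$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT, is_hashed INTEGER)");

// Seed exactly as quoted in the issue: is_hashed = 1, but the value is plaintext.
$conn->exec("INSERT INTO users (username, password, is_hashed) VALUES ('admin', 'notvalid-todo', 1)");

// Helper for this example; mirrors the is_hashed branch quoted from the login page.
// The plaintext branch is an assumption, since the issue does not show it.
function check_login(PDO $conn, string $username, string $password): bool
{
    $stmt = $conn->prepare("SELECT password, is_hashed FROM users WHERE username = ?");
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row) {
        return false;
    }
    if ($row['is_hashed']) {
        // sha1() always produces 40 hex characters, so it can never equal the
        // 13-character plaintext 'notvalid-todo' that the seed stored.
        // hash_equals() is the recommended comparison for hashes; '==' is kept
        // here only to mirror the quoted code.
        return sha1($password) == $row['password'];
    }
    return $password === $row['password'];
}

// With the seed as shipped, the correct password is rejected.
var_dump(check_login($conn, 'admin', 'notvalid-todo')); // bool(false)

// Consistent seed: when is_hashed = 1, store the SHA1 of the password.
// The value is constructed here for the example via sha1(), not taken from the challenge.
$stmt = $conn->prepare("UPDATE users SET password = ? WHERE username = 'admin'");
$stmt->execute([sha1('notvalid-todo')]);

// Now the hashed branch compares sha1 to sha1 and the login succeeds.
var_dump(check_login($conn, 'admin', 'notvalid-todo')); // bool(true)
```

The point the script makes is that is_hashed is only a label: whichever script writes the row has to apply the same transform the login page applies, or no input can ever satisfy the check.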