Weak Password Recovery Mechanism for Forgotten Password
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
Weak password recovery mechanisms can be exploited to take over user accounts. Common issues include predictable reset tokens, security questions with easily guessable answers, or lack of verification.
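The description above lists the three usual failure modes (predictable tokens, guessable answers, no verification). As an added example that is not part of this page or of Shoulder's rules, the Python class below shows a reset flow that addresses the token side end to end: a 32-byte CSPRNG token, only its SHA-256 digest stored, a constructed 15-minute expiry, single use, one outstanding token per user, and a constant-time comparison on redemption. The class name, the TTL value and the in-memory store are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed policy value: a reset link stops working 15 minutes after issue.
TOKEN_TTL_SECONDS = 15 * 60


class PasswordResetStore:
    """Issues and redeems single-use password-reset tokens.

    Only a SHA-256 digest of each token is stored, so a leaked table does
    not let anyone reset passwords; the raw token appears once, in the
    link sent to the user. One outstanding token per user: issuing a new
    one invalidates the previous one.
    """

    def __init__(self, now=time.time):
        self._now = now  # injectable clock so expiry can be tested
        self._pending: Dict[str, Tuple[bytes, float]] = {}  # user_id -> (digest, expires_at)

    @staticmethod
    def _digest(token: str) -> bytes:
        return hashlib.sha256(token.encode("utf-8")).digest()

    def issue(self, user_id: str) -> str:
        # 32 bytes from the OS CSPRNG: unguessable, unlike a timestamp or Math.random()
        token = secrets.token_urlsafe(32)
        self._pending[user_id] = (self._digest(token), self._now() + TOKEN_TTL_SECONDS)
        return token

    def redeem(self, token: str) -> Optional[str]:
        """Return the user_id the token belongs to, consuming it; None if invalid."""
        digest = self._digest(token)
        for user_id, (stored, expires_at) in list(self._pending.items()):
            # Constant-time compare: response timing must not leak digest prefixes
            if hmac.compare_digest(digest, stored):
                del self._pending[user_id]  # single use, whether or not it has expired
                return None if self._now() > expires_at else user_id
        return None


if __name__ == "__main__":
    store = PasswordResetStore()
    link_token = store.issue("alice")
    print("reset link token:", link_token)
    print("first redeem  ->", store.redeem(link_token))   # alice
    print("second redeem ->", store.redeem(link_token))   # None
```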
How to fix this vulnerability
Weak Password Recovery prevention strategies based on Shoulder's 3 detection rules.
Use crypto/rand with 32+ bytes of entropy for password reset tokens
- func generateResetToken() string { - return fmt.Sprintf("%d", time.Now().Unix()) + import ( + "crypto/rand" + "encoding/hex" + ) + + func generateResetToken() (string, error) { + b := make([]byte, 32) + if _, err := rand.Read(b); err != nil { + return "", err + } + return hex.EncodeToString(b), nil }
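Review bot: the new signature `func generateResetToken() (string, error)` changes the return arity, so every call site of the old `func generateResetToken() string` must be updated in the same change, and the hunk shows none of them. The removed body was the only visible user of `fmt` and `time`; if nothing else in the file uses them, the `+ import (` block also needs to drop those two imports or the file will not compile. Note that the hunk fixes token generation only: the caller is still responsible for storing a hash of the token rather than the raw value, and for giving it an expiry.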
Use crypto.randomBytes() instead of Math.random() for security tokens
- user.resetToken = Math.random().toString(36); + const crypto = require('crypto'); + user.resetToken = crypto.randomBytes(32).toString('hex'); await user.save();
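Review bot: `crypto.randomBytes(32).toString('hex')` fixes the predictability, but the raw token is then assigned to `user.resetToken` and persisted by `await user.save()`, so anyone who can read the user record can complete a reset. Store a hash of the token (with an expiry timestamp) and compare hashes on redemption. Also move `const crypto = require('crypto');` to the top of the module rather than leaving it inline beside the assignment.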
Use the secrets module for cryptographically secure token generation
- import random - - def create_reset_token(): - chars = 'abcdef0123456789' - reset_token = ''.join(random.choice(chars) for _ in range(32)) - return reset_token + import secrets + + def create_reset_token(): + return secrets.token_urlsafe(32)
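Review bot: `secrets.token_urlsafe(32)` returns a 43-character URL-safe string, not the 32 characters drawn from `'abcdef0123456789'` that the old code produced, so any column length, validation regex or link template that assumed the old format needs to change with it. Dropping `import random` is correct since nothing else in the hunk uses it. As with the other two fixes, this addresses generation only; the token still needs hashed storage and an expiry before it is persisted.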
Find vulnerabilities in code
Use Shoulder to scan your code for Weak Password Recovery Mechanism for Forgotten Password patterns. 3 rules.
# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=640
# Or scan entire project
npx @shoulderdev/cli trust .
Detection rules (3)
What to look for in code review
This pattern indicates a potential Weak Password Recovery Mechanism for Forgotten Password vulnerability. Look for it during code reviews and security audits.
Scan your codebase: Weak Password Recovery Mechanism for Forgotten Password
The Shoulder CLI finds vulnerable patterns across your entire codebase.