Title :
The security analysis of PhpBB forum
Author :
Lijun Zhang ; Jia Fan
Author_Institution :
Sci. & Technol. on Commun. Security Lab., Chengdu, China
Abstract :
PhpBB forum is one of the widely applied network forums. In this paper, we investigate the security of this kind of forum. We analyze the whole process of security mechanism related to user´s password, including password checking in registration, password storage in database and password identification when users log in. Our research indicates that security of the earlier version is weak, and subsequent 3.0 version provides more secure cryptographic algorithm. However, in order to acquire the compatibility, the forum software retains the weak algorithm which brings the potential security threat. According to this vulnerability, we design the corresponding attack while we also propose the countermeasures.
Keywords :
cryptography; PhpBB forum; cryptographic algorithm; password checking; password identification; password storage; cryptographic algorithm; phpBB forum; security analysis;
Conference_Titel :
Cyberspace Technology (CCT 2014), International Conference on
Print_ISBN :
978-1-84919-928-5
DOI :
10.1049/cp.2014.1367
