[wp-hackers] Rethinking check_admin_referer()
wp-hackers at paul-mitchell.me.uk
Fri Apr 21 23:45:47 GMT 2006
Robert Deaton wrote:
> Still, all of this is irrelevant to the discussion, which has nothing
> to do with cracking md5s or finding their collisions.
Quite. My interest is rather more simple.
Given that WordPress is multi-user, nonces will be available to anyone
entrusted with access to so-protected admin functions by the blog owner,
who is presumably also the sole knower of the database password.
I probably don't appreciate the scale of effort required to extracting
data from nonces, but was the blog database password subject to
cryptographic attack, theoretical or otherwise, prior to the
introduction of the nonce? It was the use of the database password for
something other than connecting to the database that caught my eye in
the first place.
More information about the wp-hackers