Ticket Information - ID: #1240
| ID: | Category: | Severity | Reproducibility | Date Submitted | Updated By: |
|---|---|---|---|---|---|
| 0001240 | Bug Reporting | normal | always | 11/27/22 06:38PM | Jerl |
|
|
| Summary: | Login Captcha Bypass |
| Description: | Your able to bypass the login captcha and any ratelimiting on that form by manually setting the pass_hash and user_id headers. You can use the "/index.php?page=account&s=profile&uname=USERNAME" to get the user_id from the username and then you can calculate the pass hash yourself. You can then just send a request to any other page and check the Set-Cookie headers to see if the login succeeds or fails. |
| Additional Info: | Since this is a bug inherent with using pass_hash for an auth cookie, I don't expect this to be easy to fix. |
Jerl replied at 2022-11-27 22:23:40  |
| We do not require a captcha for logging in. Any sites which require a captcha for login have implemented it themselves, and as such we are unable to fix any bugs in it. |
