Skip to content

Add vulnerable-test.js with MD5 hashing example#3841

Open
Bot-GJ16 wants to merge 1 commit into
angular:mainfrom
Bot-GJ16:test-sast-bypass-poc
Open

Add vulnerable-test.js with MD5 hashing example#3841
Bot-GJ16 wants to merge 1 commit into
angular:mainfrom
Bot-GJ16:test-sast-bypass-poc

Conversation

@Bot-GJ16

Copy link
Copy Markdown

This file demonstrates the use of MD5 for hashing and includes hardcoded credentials, which are flagged by CodeQL as vulnerabilities.

This file demonstrates the use of MD5 for hashing and includes hardcoded credentials, which are flagged by CodeQL as vulnerabilities.

Signed-off-by: Bot-GJ16 <mahmadishashaikh7@gmail.com>

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a new test file vulnerable-test.js that contains critical security vulnerabilities. Specifically, it uses the cryptographically broken MD5 algorithm for hashing and includes a hardcoded database password. The review comments correctly identify these security issues and provide actionable suggestions to use a secure hashing algorithm like scrypt and to load credentials from environment variables.

Comment thread vulnerable-test.js
@@ -0,0 +1,7 @@
const crypto = require('crypto');
// CodeQL flags MD5 as a weak/broken cryptographic algorithm
const hash = crypto.createHash('md5').update('secret').digest('hex');

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-critical critical

MD5 is a cryptographically broken hashing algorithm and should not be used for hashing passwords due to collision vulnerabilities. Use a strong, slow hashing algorithm like bcrypt or the built-in crypto.scrypt instead.

Suggested change
const hash = crypto.createHash('md5').update('secret').digest('hex');
const hash = crypto.scryptSync('secret', 'salt', 64).toString('hex');

Comment thread vulnerable-test.js
console.log("Password hash:", hash);

// CodeQL flags hardcoded credentials
const dbPassword = "SuperSecretHardcodedPassword123!";

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-critical critical

Hardcoding credentials in source code exposes them to unauthorized access and version control history leaks. Use environment variables or a secrets manager to retrieve sensitive configuration values.

Suggested change
const dbPassword = "SuperSecretHardcodedPassword123!";
const dbPassword = process.env.DB_PASSWORD;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant