Agentpoint Posted November 19, 2017 Share Posted November 19, 2017 Our company is rolling out a internal single sign on system as we use quite a few different systems and most of them support SSO via SAML although the specific technology doesn't matter in this instance. I've been trying to implement this in WHMCS but I can't figure out the hashes to make this work. I see two ways of accomplishing this. 1. Injecting $_SESSION. This involves three variables: tkval - Random token, I believe it's purely random alpha numeric but could be wrong. adminid - Easy enough, the ID of the user in tbladmins. adminpw - A SHA1 hash which clearly depends on the password, but it also includes something else I can't figure out. I've tried many permuations. 2. Calculating the Remember Me cookie. Slightly less ideal but would still achieve the desired result. This is simply "<adminid>:<hash>" but same problem again, what the hash is actually of is unknown and I can't figure it out. I actually wrote a script to try various permutations of variables and separators and got zero results. Does anyone else have any insight? I can't figure out why this would be so opaque as having the exact formula of those hashes public doesn't decrease security at all. Link to comment Share on other sites More sharing options...
Recommended Posts