@buherator There is some dubious information in this one. It says the salt part of the bcrypt hash is fixed per user and does not change when a user chooses a different password. I did not check if it is actually implemented like this, but wouldn't you usually generate a new salt per password? Also the challenge-response part does not check out. It says the challenge response AND the user's password hash is sent back to the server. This would defeat the whole purpose of the challenge response.
@buherator Yes, I agree that the essence of the vulnerability is there. But it falls a bit apart on the details. Thanks for following up!
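Added example, not part of either reply above and not the code of the article being discussed: a small Python model of the two points raised, a fresh random salt on every password change, and a challenge-response in which only the HMAC over the challenge travels to the server, never the stored hash. Names (`UserRecord`, `client_respond`, `server_verify`) and the PBKDF2-HMAC-SHA256 stand-in for bcrypt are assumptions made here so the code runs with the standard library only.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Stand-in for bcrypt (assumption: PBKDF2-HMAC-SHA256 plays the same role here,
# a salted, slow password hash). Real deployments would use bcrypt/argon2.
ITERATIONS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, verifier). A new random salt is drawn unless one is given."""
    if salt is None:
        salt = secrets.token_bytes(16)
    verifier = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, verifier


class UserRecord:
    """What the server stores for one account: salt and verifier only."""

    def __init__(self, password: str) -> None:
        self.salt, self.verifier = hash_password(password)

    def set_password(self, new_password: str) -> None:
        # Password change = brand new salt, so the old salt is not reused.
        self.salt, self.verifier = hash_password(new_password)


def server_issue_challenge() -> bytes:
    """Fresh random nonce per login attempt; a replayed response will not verify."""
    return secrets.token_bytes(32)


def client_respond(password: str, salt: bytes, challenge: bytes) -> bytes:
    """Client recomputes the verifier locally and sends only HMAC(verifier, challenge).

    The verifier itself stays on the client; the wire carries just the response.
    """
    _, verifier = hash_password(password, salt)
    return hmac.new(verifier, challenge, "sha256").digest()


def server_verify(record: UserRecord, challenge: bytes, response: bytes) -> bool:
    """Server recomputes the expected response from its stored verifier and compares."""
    expected = hmac.new(record.verifier, challenge, "sha256").digest()
    return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    user = UserRecord("hunter2")
    old_salt = user.salt
    user.set_password("correct horse battery staple")
    print("salt changed on password change:", user.salt != old_salt)

    challenge = server_issue_challenge()
    response = client_respond("correct horse battery staple", user.salt, challenge)
    print("valid response accepted:", server_verify(user, challenge, response))
    print("stored hash never on the wire:", response != user.verifier)
```

Two things the model makes visible. First, hashing the same password twice gives two different verifiers because each call draws its own salt, which is the usual behaviour the first reply expects. Second, the server only ever sees the HMAC over its own nonce, so an eavesdropper who captures the exchange gets a one-time value, not the hash; sending the hash alongside it, as the article reportedly describes, would hand over exactly the thing the challenge was meant to protect. One caveat for this particular construction: the server's stored verifier is the HMAC key, so a database compromise still lets an attacker answer challenges, which is why schemes such as SCRAM keep a separate client-side key.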