Insufficient Access when changing password with injection enabled #45

Open
frogydiak opened this issue Oct 13, 2015 · 1 comment

Comments

@frogydiak

On /libraries/ldap/ldap.php line 1098, where the ldap_mod_replace() method is called to replace the password, I think at this stage it is binding using the user's credentials and should bind with the proxy user.

Please check the details here:
http://forum.joomla.org/viewtopic.php?f=706&t=896103

@PhillyWebGuy

PhillyWebGuy commented Nov 14, 2018

I ran into the same problem. I'm using Active Directory, and that seems to require both the old password and the new password. The plugin code only passes the new, so I was getting a failure. To get it to work, I changed line #697 of libraries/shmanic/user/adapters/ldap.php to look like this:

```php
$this->client->replacePasswordAttribute($this->_dn, array($key => $password, 'oldpwd' => $old));
```

I then added this method, replacePasswordAttribute(), to libraries/shmanic/ldap/ldap.php. This assumes your password attribute is named unicodePwd and you are using MS ActiveDirectory.

```php
public function replacePasswordAttribute($dn, $attributes)
{
    $this->operationAllowed();

    // The old password is quoted and converted to UTF-16LE here.
    $oldpw = mb_convert_encoding('"' . $attributes['oldpwd'] . '"', 'UTF-16LE', 'UTF-8');
    // The new password is used exactly as the caller passed it in.
    $newpw = $attributes['unicodePwd'];

    // Remove the old value and add the new one in a single batch.
    $attributes = [
        [
            "attrib"  => "unicodePwd",
            "modtype" => LDAP_MODIFY_BATCH_REMOVE,
            "values"  => [$oldpw],
        ],
        [
            "attrib"  => "unicodePwd",
            "modtype" => LDAP_MODIFY_BATCH_ADD,
            "values"  => [$newpw],
        ]
    ];

    $result = @ldap_modify_batch($this->resource, $dn, $attributes);

    if ($result === false) {
        throw new SHLdapException($this->getErrorCode(), 10151, JText::_('LIB_SHLDAP_ERR_10151'));
    }

    return $result;
}
```

Now I can update passwords from the profile page.
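
Active Directory treats a password change (remove the old `unicodePwd` value and add the new one in a single request, allowed on the user's own bind) differently from a reset (a replace, which needs an account holding the Reset Password right). The sketch below is an added example, not code from the plugin or from either commenter; its function names and sample passwords are hypothetical, and it assumes PHP with the ldap and mbstring extensions.

```php
<?php
// Added example (not the plugin's code); function names are hypothetical.
// Assumes PHP with the ldap and mbstring extensions loaded.

/** Encode a plaintext password as AD expects for unicodePwd: double-quoted, UTF-16LE. */
function adEncodePassword(string $plain): string
{
    if ($plain === '') {
        throw new InvalidArgumentException('Password must not be empty.');
    }
    return mb_convert_encoding('"' . $plain . '"', 'UTF-16LE', 'UTF-8');
}

/**
 * Build the modification list for ldap_modify_batch().
 * With $old: a change (remove old value, add new one), valid on the user's own bind.
 * Without $old: a reset (replace); the bound account needs the Reset Password right.
 */
function adPasswordModifications(string $new, ?string $old = null): array
{
    if ($old === null) {
        return [[
            'attrib'  => 'unicodePwd',
            'modtype' => LDAP_MODIFY_BATCH_REPLACE,
            'values'  => [adEncodePassword($new)],
        ]];
    }
    return [
        ['attrib' => 'unicodePwd', 'modtype' => LDAP_MODIFY_BATCH_REMOVE, 'values' => [adEncodePassword($old)]],
        ['attrib' => 'unicodePwd', 'modtype' => LDAP_MODIFY_BATCH_ADD, 'values' => [adEncodePassword($new)]],
    ];
}

// Constructed sample passwords, for illustration only.
$change = adPasswordModifications('New-Example-Pass1', 'Old-Example-Pass1');
$reset  = adPasswordModifications('New-Example-Pass1');

printf("change: %d operations, reset: %d operation\n", count($change), count($reset));
printf("encoded new password: %d bytes\n", strlen($reset[0]['values'][0]));

// Against a live directory (AD only accepts unicodePwd writes over an encrypted connection):
// ldap_modify_batch($ldap, $userDn, $change);  // $ldap bound as the user
// ldap_modify_batch($ldap, $userDn, $reset);   // $ldap bound as the proxy/service account
```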
