Have a production scriptcase system which I have been using for some months now. Suddenly, all users could not login and on checking the sec_users table in the database, all users had the same password hash. Copied the hash for a known password from my test server and regained access, but would could have happened? Could the scriptcase app have been compromised?
Databases don’t change by their own initiative. If all items where changed than it’s most likely that your database has been compromised. If that was through Scriptcase, phpMyAdmin or any other tool is hard to tell. Since SC in general work record-based, I doubt if this was the cause, but you can never be sure.
Thanks Albert for the feedback. Strangely enough it is the MD5 hashes of the sc_users database table passwords field which were altered only.
Tried to change one record and forgot the where clause?
No not at all, from sc_log there were a series of failed attempts also with usernames that included strange characters and also SQL statements and then from that stage on all sc_users passwords were all set to the same hash.
If you had updated your login app with the sc_encode macro instead to php’s md5 method may be that the trouble, because they both hashes are different.
So the stock login application has to be modified with sc_encode instead?
Not necessarilly, you have several application that modified the password, the app that creates users, the change password application, for example, if you have sc_encode macro in the creation app, and md5 function in other the change password app, that may lead to troubles when user tries to log in.
I am having the same problem, after awhile all users account unable to login and system keep saying “The username/password combination is invalid!”. I created login page using control app
I have the same problem. I was working on the project today. It was all working fine. suddenly I cannot longer login. At the moment I only have about 5-6 users (for testing) but none of them can login anymore, despite I have made no changes to any SEC app or code and the password/use in database table is correct. Very very strange
Any clues ?