Security Nightmare: Database Encryption in Password Manager Pro is useless by default or when using HA

By default the bundled MySQL database in Password Manager Pro has binary logging (binlogs) enabled, so every SQL statement the application issues is written in plaintext to disk ("mysql-bin.*" files in the MySQL data directory).

Unfortunately Password Manager Pro doesn't encrypt the user accounts and passwords in the application itself, but encrypts the data with the AES_ENCRYPT() function in MySQL.

In combination with activated MySQL binlogs (active by default and needed for HA*) this means every user account and password is written in PLAINTEXT into the binlogs! Furthermore, the secret key for the AES encryption is also written to the binlogs:
cd /opt/PMP/mysql/data/
strings mysql-bin.* | grep "AES_ENCRYPT"

INSERT INTO `Ptrx_Resource` (`RESOURCEID`,`PASSWDRULEID`,`RESOURCENAME`,`DOMAINNAME`,`RESOURCEDESC`,`LOCATION`,`DEPARTMENT`,`IPADDRESS`,`RESOURCEURL`,`LASTMONITORSYNCTIME`,`COLUMN_LONG1`,`COLUMN_LONG2`,`COLUMN_LONG3`,`COLUMN_LONG4`,`COLUMN_CHAR1`,`COLUMN_CHAR2`,`COLUMN_CHAR3`,`COLUMN_CHAR4`,`COLUMN_CHAR5`,`COLUMN_CHAR6`,`COLUMN_CHAR7`,`COLUMN_CHAR8`,`COLUMN_CHAR9`,`COLUMN_SCHAR1`,`COLUMN_SCHAR2`,`COLUMN_SCHAR3`,`COLUMN_DATE1`,`COLUMN_DATE2`,`COLUMN_DATE3`,`COLUMN_DATE4`) VALUES (12345,5,AES_ENCRYPT('new ressource', 'secretaeskey123'),'','Admin-Webpanel','','','www.ressource.com','https://www.ressource.com/admin',0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,AES_ENCRYPT(NULL, 'secretaeskey123'),AES_ENCRYPT(NULL, 'secretaeskey123'),AES_ENCRYPT(NULL, 'secretaeskey123'),NULL,NULL,NULL,NULL)

INSERT INTO `Ptrx_Account` (`ACCOUNTID`,`RESOURCEID`,`PASSWDID`,`DESCRIPTION`,`LOGINNAME`,`DOMAINNAME`,`COMPLIANTSTATUS`,`COMPLIANTICON`,`COMPLIANTREASON`,`EXPIRYSTATUS`,`PASSWRDSYNCSTATUS`,`TIMESTAMP`,`APPICATIONPORT`,`RESTARTSERVICE`,`RESETLOCALSERVICE`,`MONITORSTATUS`,`COLUMN_LONG1`,`COLUMN_LONG2`,`COLUMN_LONG3`,`COLUMN_LONG4`,`COLUMN_CHAR1`,`COLUMN_CHAR2`,`COLUMN_CHAR3`,`COLUMN_CHAR4`,`COLUMN_CHAR5`,`COLUMN_CHAR6`,`COLUMN_CHAR7`,`COLUMN_CHAR8`,`COLUMN_CHAR9`,`COLUMN_SCHAR1`,`COLUMN_SCHAR2`,`COLUMN_SCHAR3`,`COLUMN_DATE1`,`COLUMN_DATE2`,`COLUMN_DATE3`,`COLUMN_DATE4`) VALUES (12345,12345,12345,NULL,AES_ENCRYPT('admin', 'secretaeskey123'),'Domain Name','Compliant','/themes/passtrix/images/applicable.gif','-','Valid','NotChecked','2010-10-26 13:48:37',NULL,0,0,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,AES_ENCRYPT(NULL, 'secretaeskey123'),AES_ENCRYPT(NULL, 'secretaeskey123'),AES_ENCRYPT(NULL, 'secretaeskey123'),NULL,NULL,NULL,NULL)

INSERT INTO `Ptrx_PassBasedAuthen` (`PASSWDID`,`PASSWORD`,`ALGORITHM`,`SALT`) VALUES (12345,AES_ENCRYPT('secretpassword', 'secretaeskey123'),NULL,NULL)
Encrypting the user accounts and passwords in the database while writing them in plaintext into the binlogs in the same directory makes no sense, right? IMHO this is a security nightmare for this type of application!
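The following is an added example, not code from the post or from Password Manager Pro. It turns the `strings | grep` check above into a structured scan: it parses every `AES_ENCRYPT('<plaintext>', '<key>')` literal out of a statement-based binlog and returns the plaintext/key pairs and the set of keys, which is exactly what someone with read access to the data directory recovers. `SAMPLE_BINLOG` is constructed here from the shape of the INSERTs quoted above (values shortened, one added escaped-quote case), with the real binlog magic bytes in front; the `/opt/PMP/mysql/data` path is the one from the post, and `scan_binlog_dir()` is a helper name chosen for this example.

```python
"""Scan MySQL statement-based binlogs for AES_ENCRYPT() literals.

Structured version of `strings mysql-bin.* | grep AES_ENCRYPT`: when an
application passes plaintext and key to AES_ENCRYPT() as SQL literals, the
statement text, literals included, is what the binlog records.
Not Password Manager Pro code; SAMPLE_BINLOG is constructed for this example.
"""
import glob
import os
import re
import sys
from typing import Dict, List, Set, Tuple

# Constructed sample. A real mysql-bin.* file is binary (it starts with the
# magic bytes \xfe b i n); the SQL text of each statement event is stored in
# it verbatim, which is why `strings` recovers it.
SAMPLE_BINLOG = (
    b"\xfebin" + b"\x00" * 8
    + b"INSERT INTO `Ptrx_Resource` (`RESOURCEID`,`RESOURCENAME`) VALUES "
    b"(12345,AES_ENCRYPT('new ressource', 'secretaeskey123'))\x00"
    + b"INSERT INTO `Ptrx_Account` (`ACCOUNTID`,`LOGINNAME`,`COLUMN_SCHAR1`) VALUES "
    b"(12345,AES_ENCRYPT('admin', 'secretaeskey123'),AES_ENCRYPT(NULL, 'secretaeskey123'))\x00"
    + b"INSERT INTO `Ptrx_PassBasedAuthen` (`PASSWDID`,`PASSWORD`) VALUES "
    b"(12345,AES_ENCRYPT('secretpassword', 'secretaeskey123'))\x00"
    # constructed: a password containing a quote, escaped MySQL-style as \'
    + b"INSERT INTO `Ptrx_PassBasedAuthen` (`PASSWDID`,`PASSWORD`) VALUES "
    b"(12346,AES_ENCRYPT('p@ss\\'word', 'secretaeskey123'))\x00"
)

# AES_ENCRYPT('<plaintext>', '<key>') or AES_ENCRYPT(NULL, '<key>').
# A MySQL string literal may contain backslash-escaped characters (e.g. \').
AES_CALL = re.compile(
    r"AES_ENCRYPT\(\s*(NULL|'(?:[^'\\]|\\.)*')\s*,\s*'((?:[^'\\]|\\.)*)'\s*\)",
    re.IGNORECASE,
)


def _unescape(body: str) -> str:
    """Undo backslash escapes inside a MySQL string literal body (quotes already stripped)."""
    return re.sub(r"\\(.)", r"\1", body)


def extract_aes_literals(data: bytes) -> List[Tuple[str, str]]:
    """Return (plaintext, key) for every AES_ENCRYPT call whose plaintext is not NULL.

    latin-1 maps every byte 1:1, so the binary log decodes without errors and
    the ASCII SQL text stays searchable.
    """
    text = data.decode("latin-1")
    found: List[Tuple[str, str]] = []
    for m in AES_CALL.finditer(text):
        value, key = m.group(1), _unescape(m.group(2))
        if value.upper() == "NULL":
            continue  # empty column; the key still leaks, see recovered_keys()
        found.append((_unescape(value[1:-1]), key))
    return found


def recovered_keys(data: bytes) -> Set[str]:
    """Every AES key literal in the log, including calls that encrypted NULL."""
    text = data.decode("latin-1")
    return {_unescape(m.group(2)) for m in AES_CALL.finditer(text)}


def scan_binlog_dir(datadir: str) -> Dict[str, List[Tuple[str, str]]]:
    """Run the check over every mysql-bin.* file in a MySQL data directory."""
    results: Dict[str, List[Tuple[str, str]]] = {}
    for path in sorted(glob.glob(os.path.join(datadir, "mysql-bin.*"))):
        if path.endswith(".index"):
            continue  # mysql-bin.index only lists the log file names
        with open(path, "rb") as fh:
            hits = extract_aes_literals(fh.read())
        if hits:
            results[os.path.basename(path)] = hits
    return results


if __name__ == "__main__":
    # e.g. python3 scan_binlog.py /opt/PMP/mysql/data ; no argument scans the sample
    if len(sys.argv) > 1:
        for name, hits in scan_binlog_dir(sys.argv[1]).items():
            for plaintext, key in hits:
                print(f"{name}: plaintext={plaintext!r} key={key!r}")
    else:
        for plaintext, key in extract_aes_literals(SAMPLE_BINLOG):
            print(f"sample: plaintext={plaintext!r} key={key!r}")
        print("keys:", recovered_keys(SAMPLE_BINLOG))
```

Two caveats on what this check does and does not prove. The literal plaintext and key only land in the binlog when the server logs the statement text (binlog_format=STATEMENT, or MIXED for a statement MySQL chooses to log as text); with binlog_format=ROW the binlog carries the resulting row images, i.e. the already-encrypted column values, so a ROW-format log can come back clean from this scan while the general query log or slow query log, if either is enabled, still records the full statement. Either way the scan only finds literals that were sent to the server; the durable fix is for the application to encrypt before the value reaches SQL, so that no log on the database host ever sees more than ciphertext.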