Juicy Shop
Weak Password Hashing
Vulnerability
Passwords are stored as a plain SHA-256 digest with no salt and no work factor. SHA-256 is designed to be fast, so an attacker who steals the database can try billions of guesses per second on a GPU, and because there is no per-user salt, identical passwords share a hash and precomputed rainbow tables apply directly. The result is that a database leak effectively exposes most users' passwords.
Exploit Steps
- Obtain the stored password hashes (e.g. via another vulnerability or a backup)
- Identify the algorithm as unsalted SHA-256 by the digest length and format
- Run a GPU cracker (hashcat) or a rainbow table against the hashes
- Recover plaintext passwords for any weak or reused credentials within minutes
Tools: hashcat, John the Ripper, rainbow tables
Mitigation & Solution
Use a slow, salted, memory-hard password hash — Argon2id (preferred), scrypt, or bcrypt — with a per-user random salt and a tuned work factor. Never use fast general-purpose hashes (MD5/SHA-1/SHA-256) for passwords. Re-evaluate the work factor as hardware improves.
Coding Challenge
Find It
File: apps/juicy-shop/src/security-examples/weak-password-hash.ts
Click the line that contains the vulnerability: