Details
Test
Status: Open
Minor
Resolution: Unresolved
Description
By setting an easily identifiable (random) well-known password, we can gain some level of confidence that we do not accidentally leak it in a plaintext way by scanning all output (TRACE broker & client logs, STDOUT, STDERR, config files) for the occurrence of that password.
Additionally, we could scan for unsalted hashes (SHA1, SHA2, MD5).
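A sketch of the scan described above, as an added example that is not code from this project: it searches a directory of captured output for the canary password in plaintext and for its unsalted MD5, SHA-1 and SHA-2 digests. The canary value, file names and function names are assumptions made for the example, and matching base64-encoded digests goes slightly beyond what the ticket lists.

```python
import base64, hashlib, os, tempfile

HASHES = ("md5", "sha1", "sha224", "sha256", "sha384", "sha512")  # MD5, SHA1, SHA2 family

def build_needles(password):
    """Return (label, byte pattern, case-insensitive?) for every form that betrays the password."""
    pw = password.encode("utf-8")
    needles = [("plaintext", pw, False)]
    for name in HASHES:
        digest = hashlib.new(name, pw).digest()  # unsalted digest of the canary
        needles.append((name + " hex", digest.hex().encode(), True))
        needles.append((name + " base64", base64.b64encode(digest), False))
    return needles

def scan_file(path, needles):
    """Report (path, line number, label) per hit; the secret itself is never echoed."""
    findings = []
    with open(path, "rb") as fh:  # bytes mode: logs may contain non-UTF-8 data
        for lineno, line in enumerate(fh, 1):
            lowered = line.lower()  # hex digests may be logged in upper case
            for label, pattern, fold in needles:
                if pattern in (lowered if fold else line):
                    findings.append((path, lineno, label))
    return findings

def scan_tree(root, needles):
    """Scan every file under root (logs, captured STDOUT/STDERR, config files)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            findings += scan_file(os.path.join(dirpath, name), needles)
    return findings

def demo():
    """Scan a constructed output directory; returns sorted (file, line, label) tuples."""
    canary = "cAnArY-7f3e9b1d-PW"  # constructed sample password (assumption)
    sha1 = hashlib.sha1(canary.encode()).hexdigest().upper()
    samples = {  # constructed log and config content
        "broker.log": "TRACE connect user=admin\nTRACE auth password=%s\n" % canary,
        "client.log": "DEBUG credential digest %s\n" % sha1,
        "broker.xml": '<user name="admin" password="ENC(kq0x)"/>\n',
    }
    with tempfile.TemporaryDirectory() as root:
        for name, text in samples.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(text)
        hits = scan_tree(root, build_needles(canary))
        return sorted((os.path.basename(p), n, label) for p, n, label in hits)

if __name__ == "__main__":
    print(demo())
```

In a test suite, `scan_tree` would be pointed at the directory holding the run's captured output, and any non-empty result fails the test.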