Sandboxie-Plus Password Hash Entropy Loss Vulnerability

Vulnerability

A vulnerability exists in Sandboxie-Plus versions through 1.17.2, where the SbieIniServer::HashPassword function incorrectly converts SHA-1 digests to hexadecimal. The high nibble of each byte is shifted right by 8 bits instead of 4, so the high nibble is always lost and the effective entropy of the EditPassword hash drops from 160 bits to 80 bits. This flaw, combined with the use of an unsalted SHA-1 hashing scheme, makes leaked or backed-up password hashes significantly easier to brute-force.

Impact

This vulnerability weakens the protection of the EditPassword feature against offline guessing attacks, making it easier to brute-force leaked or backed-up password hashes. It also breaks the assumption that the stored password verifier contains the full SHA-1 output, leading to a false sense of security.

Reproduction

The vulnerability can be observed by inspecting any stored EditPassword hash. Each odd-positioned hexadecimal character (the first character of every byte pair) will be '0', indicating the loss of the high nibble caused by the incorrect hex conversion.
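The conversion error described in the Vulnerability section and the inspection check from the Reproduction section, reconstructed in Python as an added example (not Sandboxie-Plus code): the byte-to-hex loop is an assumed simulation of the described shift error, and the sample password is constructed.

```python
import hashlib

HEX_DIGITS = "0123456789abcdef"


def buggy_hex(digest: bytes) -> str:
    """Simulate the described defect: the high nibble is shifted right by 8
    instead of 4, so it always evaluates to 0 and is lost (assumed form)."""
    out = []
    for b in digest:
        out.append(HEX_DIGITS[(b >> 8) & 0xF])  # always '0' for any byte value
        out.append(HEX_DIGITS[b & 0xF])         # low nibble survives intact
    return "".join(out)


def correct_hex(digest: bytes) -> str:
    """Correct conversion: the high nibble is shifted right by 4."""
    out = []
    for b in digest:
        out.append(HEX_DIGITS[(b >> 4) & 0xF])
        out.append(HEX_DIGITS[b & 0xF])
    return "".join(out)


def hash_password(password: str, fixed: bool) -> str:
    """Unsalted SHA-1 of the password, as the advisory describes, rendered
    with either the flawed or the corrected hex conversion."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return correct_hex(digest) if fixed else buggy_hex(digest)


def looks_truncated(stored_hex: str) -> bool:
    """Reproduction check: every odd-positioned (1-based) character, i.e.
    Python index 0, 2, 4, ..., is '0' in an affected stored hash."""
    return len(stored_hex) == 40 and all(c == "0" for c in stored_hex[0::2])


def flawed_verifier_accepts(stored_hex: str, candidate_digest: bytes) -> bool:
    """A verifier built on the flawed conversion only compares the 20 low
    nibbles (80 bits), so digests differing in high nibbles are indistinguishable."""
    return buggy_hex(candidate_digest) == stored_hex


if __name__ == "__main__":
    stored = hash_password("abc", fixed=False)  # constructed sample password
    print(stored, "truncated:", looks_truncated(stored))
    print(hash_password("abc", fixed=True), "truncated:", looks_truncated(hash_password("abc", fixed=True)))
    # Two different digests that the flawed verifier cannot tell apart (constructed):
    print(buggy_hex(bytes.fromhex("1a2b")) == buggy_hex(bytes.fromhex("fa0b")))
```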

Remediation

Users should update to Sandboxie-Plus version 1.17.3, which addresses the hashing error. Additionally, it is recommended to migrate existing stored hashes to the new format, as correcting the bug will otherwise invalidate all current EditPassword entries.

Added: May 5, 2026, 8:39 PM
Updated: May 5, 2026, 8:39 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 2.5
exploitability: 5.5
remediation: 7.7
relevance: 7.5
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.