Results 1 to 11 of 11

Thread: Exploiting MD5

  1. #1
    Registered User
    Join Date
    Aug 2005
    Location
    Italy
    Posts
    133
    Blog Entries
    31

    Exploiting MD5

    Here an intersting article that explains how to "exploit" MD5's collisions

    http://www.codeproject.com/useritems/HackingMd5.asp

    There is also an intersting demo application written in C#

    Hope could interest someone

    Have a nice day

    http://evilcry.netsons.org (Repository)
    http://evilcodecave.blogspot.com
    http://evilcodecave.wordpress.com

  2. #2
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Thanks for the tip.

  3. #3
    son of Bungo & Belladonna bilbo's Avatar
    Join Date
    Mar 2004
    Location
    Rivendell
    Posts
    310
    Finally some code to play with, after Chinese exploits!
    Thanks, bilbo
    Non quia difficilia sunt, non audemus, sed quia non audemus, difficilia sunt.[Seneca, Epistulae Morales 104, 26]

  4. #4
    thanks for the tip !

    starting from that page one could get a huge amount of information

    but i was a bit disappointed by the presented code - that is just an implementation of the "exploit" which imho does not show anything.

    the most valuable info (personal opinion!! ) i still found here:

    http://www.infosec.sdu.edu.cn/paper/md5-attack.pdf

    as it describes the approach on how to find collisions.
    i am quite sure this doc was allready posted

    the info

    if H(a) == H(b) then applies H(a+x) == H(b+x)

    whereby x is your real data and a,b is a collision vector

    is imho the most relevant on the topic and colission vectors are present on the internet (also in the mentioned source)
    the art then is to find a way dealing with the different binary formats to incorporate the collision. as you have to prepend something (the one "plaintext" of your collision) to your data which can be tricky (the resulting file should still work with your data)

    what i find really cool is this effort which also spread in the news

    http://www.win.tue.nl/~bdeweger/CollidingCertificates/CollidingCertificates.pdf

    this combined technique should be most shocking as it is applied onto X.509 certificates hehehe

    cheers, 0xf001

  5. #5
    Very nice discovery. And a few years ago we all thought it was impossible to generate MD5 collisions within a short amount of time. I predict that within the next few years MD5 will be as secure as CRC32 is today, with the speed of computer hardware increasing at its present rate.

    What would really be interesting would be arbitary binary data that MD5'd to some 16-byte long ASCII message. However at the moment it is still nearly impossible to reverse MD5. All we can do is generate collisions quickly.

  6. #6
    Registered User
    Join Date
    Aug 2005
    Location
    Italy
    Posts
    133
    Blog Entries
    31
    Really intersing links 0xf001
    thanks

    http://evilcry.netsons.org (Repository)
    http://evilcodecave.blogspot.com
    http://evilcodecave.wordpress.com

  7. #7
    Not sure if this is worth a separate thread, but the source code of finding md5 collision has been published. The story was covered on slashdot. It takes roughly 50 minutes on modern PC to find MD5 collisions.

  8. #8
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Location
    Ring -1
    Posts
    4,206
    Blog Entries
    5
    Yep:

    http://www.stachliu.com/collisions.html

  9. #9
    Quote Originally Posted by dELTA
    Yep:

    http://www.stachliu.com/collisions.html
    Wow. 45 minutes on a 1.6GHz P4, and my machine is ~2.5x that speed (4.17GHz P4). What's even more interesting is the MD4 collision finder below that - "Average runtime on 1.6GHz P4 - 5 seconds" Going to try these out on my machine... thanks for the link

    This is the type of software that should be written in very highly optimised Asm, not standard C.
    Last edited by LLXX; November 17th, 2005 at 01:27.

  10. #10
    If you've read the source code, there is not much to do in the algorithm section of the code in terms of highly optimized asm.

  11. #11
    Registered User
    Join Date
    Aug 2005
    Location
    Italy
    Posts
    133
    Blog Entries
    31
    Here the win21 porting for MD5
    http://pub1.positivenetworks.net/~dispensa/md5coll.zip



    and now all MD5 implementations need to be rewritten

    Have a nice day!

    http://evilcry.netsons.org (Repository)
    http://evilcodecave.blogspot.com
    http://evilcodecave.wordpress.com

Similar Threads

  1. Replies: 6
    Last Post: July 23rd, 2011, 01:07
  2. Exploiting Tomorrow's Internet Today: Penetration testing with IPv6
    By Uninformed Journal in forum Blogs Forum
    Replies: 0
    Last Post: October 19th, 2008, 01:01
  3. Exploiting 802.11 Wireless Driver Vulnerabilities on Windows
    By Uninformed Journal in forum Blogs Forum
    Replies: 0
    Last Post: October 22nd, 2007, 12:22
  4. Exploiting the Otherwise Non-Exploitable on Windows
    By Uninformed Journal in forum Blogs Forum
    Replies: 0
    Last Post: October 22nd, 2007, 12:22
  5. Exploiting with linux-gate.so.1
    By 0xf001 in forum Linux RCE
    Replies: 2
    Last Post: May 31st, 2006, 12:52

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •