So I want to study the exe files on the final url,
do you have ever backup them?
Thank you.
Quote:
Originally Posted by Shub-Nigurrath
Essential literature for MD5 and other collisions is quite simple
First episode: Instantaneous generation of colliding MD5
rodevitoyem: eprint.iacr.org/2006/104.pdf
Poter omgpet: eprint.iacr.org/2006/105.pdf
The used method is called "bit tunneling��
*nix source: web.mit.edu/AFS/sipb/project/fastcoll/
win32 source: www.win.tue.nl/hashclash/fastcoll_v1.0.0.5_source.zip
win32 binary: www.win.tue.nl/hashclash/fastcoll_v1.0.0.5.exe.zip
Real-time generation of different files with the same MD5
Quite useless still because the files are fuzzy bloat of bits.
Second episode: Also other hash algorithms are colliding (2005)
How to Break MD5 and Other Hash Functions(Xiaoyun Wang and Hongbo Yu)
http://www.iacr.org/cryptodb/archive/2005/EUROCRYPT/2868/2868.pdf
Colliding X.509 Certificates (Arjen Lenstra, Xiaoyun Wang and Benne de Weger)
www.win.tue.nl/~bdeweger/CollidingCertificates/CollidingCertificates.pdf
Third Episode:different exe with the same MD5, CRC32, cksum16 e cksum32 (2005/2006)
EXEs with the same CRC32, and also 8 different files with the same MD5.
These are real exe with different functions
hexale.blogspot.com/2005/12/taking-advantage-of-md5-for-real.html
final url seems to not be anymore available anyway.. there were two interesting PoC launchers also provided
Fourth episode: the list of colliding things gets longer .. see attach
|