作者: samiux 時間: 2015-5-7 16:45 標題: No more MD5 checksum
Please be informed that it is suggested that we no longer trust the MD5 checksum anymore. It is very easy to create two different binaries with the same MD5 checksum.
Samiux
作者: cnewshk 時間: 2015-5-7 17:03
We knew md5 or even sha1 are no longer trustable, but could you explain why you need to re-emphasise it today? Is there any new vulnerability was found recently?
作者: Databases 時間: 2015-5-7 17:41
提示: 作者被禁止或刪除 內容自動屏蔽
作者: samiux 時間: 2015-5-7 17:44
We knew md5 or even sha1 are no longer trustable, but could you explain why you need to re-emphasise ...
cnewshk 發表於 2015-5-7 17:03
A researcher find a very easy way to make same MD5 checksum on two different binaries. There are some download sites are still using MD5 checksum.
I just to alert.
Samiux
作者: rhino 時間: 2015-5-7 18:26
Is there any alternative method to do intergity check of a file?
作者: uganda_martyr 時間: 2015-5-7 18:31
本帖最後由 uganda_martyr 於 2015-5-7 19:06 編輯
Please be informed that it is suggested that we no longer trust the MD5 checksum anymore. It is ver ...
samiux 發表於 2015-5-7 16:45
So, what do you recommend?
Grateful for your advice.
作者: samiux 時間: 2015-5-7 20:33
@rhino and @uganda_martyr,
I may not be right but I suggest to use sha256sum for that purpose.
Samiux
作者: lazyfai 時間: 2015-5-7 21:47
In fact, checksum is important? Most important thing is NEVER download any software from untrusted source, eg. mainland forums pirate version, etc.
作者: samiux 時間: 2015-5-7 21:56
In fact, checksum is important? Most important thing is NEVER download any software from untrusted s ...
lazyfai 發表於 2015-5-7 21:47
May be you are right. However, I am sorry to tell you that do not trust what you are downloaded even you do not download from untrust sources.
Samiux
作者: lazyfai 時間: 2015-5-8 08:13
Yes, you are right too.
In fact, if a hacker can replace a file on a download site with another file, he should be able to change the md5 or even sha256sum listed on the site as well.
作者: secmaster 時間: 2015-5-8 09:07
application signing will be better than trusting the hash of the binaries
作者: IanW 時間: 2015-5-8 09:51
A researcher find a very easy way to make same MD5 checksum on two different binaries. There are ...
samiux 發表於 2015-5-7 17:44
If there is same recent finding, a link of such news is appreciated. Thx
作者: samiux 時間: 2015-5-8 10:31
Yes, you are right too.
In fact, if a hacker can replace a file on a download site with another file ...
lazyfai 發表於 2015-5-8 08:13
There is a method in the wild that the malicious code can be injected to the binaries while you are downloading. Due to security purpose, I will not disclose the link here as it includes the exploit code.
Samiux
作者: samiux 時間: 2015-5-8 10:58
本帖最後由 samiux 於 2015-5-8 11:25 編輯
@IanW,
Sorry, due to security purpose, I will not disclose the link here as it includes the exploit code.
@secmaster,
Yes, but not all the downloadable binaries are signed. Meanwhile, signing the binaries cannot prevent them from being injected malicious code. I just to alert you all for the matter.
Samiux
Update reason : modified the reply to @secmaster
作者: gilberta 時間: 2015-5-8 22:06
提示: 作者被禁止或刪除 內容自動屏蔽
作者: q_p 時間: 2015-5-8 22:28
回覆 13# samiux
can you explain the concept of the exploit if sharing the code is not advisable?
did you mean the untrusted source can inject/add malicious code to binary while maintaining its original MD5?
and so we should stay alert for download from unencrypted/authenticated http?
作者: toylet 時間: 2015-5-8 23:12
提示: 作者被禁止或刪除 內容自動屏蔽
作者: ykmran 時間: 2015-5-8 23:42
本帖最後由 ykmran 於 2015-5-8 23:44 編輯
唔好懶神祕唔放link得唔得...
http://natmchugh.blogspot.co.uk/ ... -with-same-md5.html
上面條link r/netsec 第一版已經有...
http://www.reddit.com/r/netsec/
作者: 白戶則道 時間: 2015-5-9 00:16
其實樓主都係想share下d料姐...唔洗咁串既....
人地只係講番自己個point of view姐,唔係唔放link....
其實看番樓主個blog就知....
作者: cal22cal 時間: 2015-5-9 07:31
md5 唔得, 好似好耐之前(幾年前, 5~6 ??),
己經提咗出嚟, if my memory still serve well,
好似係華人, 响啲唔記得嘅數學學術論壇, logically 即埸表演 break 佢
b2b 有啲可能仲係用緊 des, 全部都係數學問題
作者: fireeye 時間: 2015-5-9 16:10
What about SHA1?
作者: Databases 時間: 2015-5-9 17:36
提示: 作者被禁止或刪除 內容自動屏蔽
作者: Databases 時間: 2015-5-9 17:38
提示: 作者被禁止或刪除 內容自動屏蔽
作者: samiux 時間: 2015-5-9 19:12
本帖最後由 samiux 於 2015-5-9 19:27 編輯
Last Sunday, when I was hiking alone to Sai Kung, I met an alien by accident who asked me to download a confidential "data" from their "server". Due to curious, I nodded to him. I picked up my Android phone (Android 2.3.8) and noticed that it was not connecting to the internet. All of sudden, my phone was downloading something.
Upon the "data" was downloaded, the alien gave me a long serial number and said that it was to check the integrity of the "data". I double checked it and confirmed that it was a MD5 hash. Later, I confirmed the hash of the downloaded "data" was same as the alien gave me. The alien thanked me and flew away with his silver coloured round shape one-seat space ship.
I wondered that what the alien gave me. I was trying to extract the "data" but failed. It is no doubt that I am not an "expert" in computing science. Later, my evil mind told me that why not inject a trojan into the "data" that the alien gave me? Aha, good idea!
I fired up a debugger and loaded the "data" into it. After a while, I found some code caves. My encrypted trojan was injected to the "data" that the alien gave me.
Then I confirmed that the MD5 hash of the "injected data" and the original "data" were the same. Bingo! yeah!
I did a lot of experiments and confirmed that I could get the reverse shell from the "injected data".
I emailed the "data" along with my "injected data" to NASA, USA. I told them the story how I got this "data" and I also told them that I could duplicate the "data" on my Intel ATOM D510 with Ubuntu 14.04.2 LTS x86_64 computer. Hope they could inspect them as I could not extract the data from the "data".
Finger cross! I am waiting for the reverse shell from NASA. ^-^
Samiux
Update reason : fix typo
作者: q_p 時間: 2015-5-10 09:43
回覆 24# samiux
thank for your 外星人故仔
知你講乜了作者: q_p 時間: 2015-5-10 09:45
錯,係SHA2-256 Secure Hash Algorithm,
PS: 勿以為數字大等於更安全。不是的 ...
Databases 發表於 9/5/2015 05:38 PM
何解不是更安全? 除非成個communication channel已經被操縱, 連個hash都係假的.
作者: fireeye 時間: 2015-5-10 15:54
錯,係SHA2-256 Secure Hash Algorithm,
PS: 勿以為數字大等於更安全。不是的 ...
Databases 發表於 2015-5-9 17:38
SHA1仲末有注入工具出現.宜家用SHA1 check file真假仲可以的!
作者: samiux 時間: 2015-5-10 17:06
One of my colleague, Bob, in the office always think that he is an expert in Computer Science. He is the one who manages the firewall and servers as well as desktops in the company. He is also a web application programmer and a Linux engineer in the company. He sometimes act as Helpdesk too. However, he supports us in a rather rude manner that almost everyone in the company dislike him.
Today, my evil mind come up, "why not hack him for revenge?" Aha, good idea! Why not?
After a few seconds, his IP address has been identified and seeing that he always download files from the internet, such as .exe, .tar.gz, zip, rar, and etc. Meanwhile, the network is mis-configured.
Some of such download sites are running on SSL/TLS. Hmmm, not a problem at all. I fire up my arsenal and downgrade the download sites to HTTP. I intercepted the downloading traffic of Bob and injecting my encrypted trojan into the downloading files on the fly. I am sure that my trojans are Fully Undetectable (FUD) by any anti-virus program or scanner. No matter Bob is running Windows or Linux or Mac OSX, his downloaded files are infected without alert from any defending system that he installed.
Bingo! I get the reverse shell from Bob's Linux system in a minute. Yeah! The next step is to install and hide the rootkit from his system. Cool, cool, cool. I then wipe all my footprints from his system. Heheeee...
From now on, I am his worm in his stomach! ^-^
Samiux
Update reason : fix typo