Laureline's Wiki

Laureline's Wiki

You are here: Links of Interest » HEIG-VD » Summer University 2016 » Software Reverse Engineering » Lab 2 - Hash Collisions Galore

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Last revisionBoth sides next revision
heig:su16:sre:lab2 [2016/07/11 16:41] Laureline Davidheig:su16:sre:lab2 [2018/01/30 15:39] – [Lab 2 - Hash Collisions Galore] Laureline David
Line 1: Line 1:
 ====== Lab 2 - Hash Collisions Galore ====== ====== Lab 2 - Hash Collisions Galore ======
  
-Upon its first execution the ''L2'' binary asks the user to generate 1024 passwords. With this information we can assume than the password is not directly hardcoded in the binary but will be processed and compared against a reference value and that this process will map at least 1024 passwords to this value.+Upon its first execution the ''L2'' binary asks the user to generate 1024 passwords. With this information we can assume that the password is not directly hardcoded in the binary but will be processed and compared against a reference value and that this process will map at least 1024 passwords to this value.
  
 Using this assumption we can assume that the binary computes a hash of the given password and check it against a reference hash. Moreover due to the need to provide multiple passwords, we can assume that this hash function is weak against collitions. Using this assumption we can assume that the binary computes a hash of the given password and check it against a reference hash. Moreover due to the need to provide multiple passwords, we can assume that this hash function is weak against collitions.