Differences
This shows you the differences between two versions of the page.
heig:su16:sre:lab2 [2016/07/11 12:19] – Laureline David | heig:su16:sre:lab2 [2018/01/30 16:39] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Lab 2 - Hash Collisions Galore ====== | ====== Lab 2 - Hash Collisions Galore ====== | ||
- | Upon its first execution the '' | + | Upon its first execution the '' |
- | + | ||
- | /* {{ : | + | |
Using this assumption we can assume that the binary computes a hash of the given password and check it against a reference hash. Moreover due to the need to provide multiple passwords, we can assume that this hash function is weak against collitions. | Using this assumption we can assume that the binary computes a hash of the given password and check it against a reference hash. Moreover due to the need to provide multiple passwords, we can assume that this hash function is weak against collitions. | ||
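Review bot: The unchanged paragraph that closes this hunk still carries wording errors this revision could have fixed: "collitions" should be "collisions", "check it against" should be "checks it against", and "Using this assumption we can assume" repeats itself. Suggest something like "Under this assumption, the binary computes a hash of the given password and checks it against a reference hash."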
Line 9: | Line 7: | ||
==== Reverse Engineering ==== | ==== Reverse Engineering ==== | ||
- | {{ : | ||
The first step is to use IDA to disassemble the '' | The first step is to use IDA to disassemble the '' | ||
=== Algorithm Analysis === | === Algorithm Analysis === | ||
+ | {{ : | ||
The first block of code checks for the length of the string using the '' | The first block of code checks for the length of the string using the '' | ||
Line 48: | Line 46: | ||
print(" | print(" | ||
- | Note that the last two values are swapped from their order in the desired hash. The total number of passwords can be obtained by multiplying the size of the four sets and is **1781102812020000** (or 18.98Pb of data). | + | Note that the last two values are swapped from their order in the desired hash. The total number of passwords can be obtained by multiplying the size of the four sets and is **1781102812020000** (or 18.98Pb of data or 1.58Pb by compressing |
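Review bot: The unit "Pb" on both the old and the new line is ambiguous, since lowercase b normally means bits. 1781102812020000 passwords at 12 bytes each comes to about 18.98 PiB, so the figure appears to be pebibytes with 12 bytes per entry. Suggest writing the unit as PiB and stating the per-password size assumed. For the new 1.58 figure, state how the compressed size was obtained if the rest of the line does not already say so.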