[37660] in bugtraq


Re: MD5 To Be Considered Harmful Today

daemon@ATHENA.MIT.EDU (Pavel Machek)
Wed Dec 8 19:51:45 2004

Date: Wed, 8 Dec 2004 23:40:19 +0100
From: Pavel Machek <pavel@ucw.cz>
To: Dan Kaminsky <dan@doxpara.com>
Cc: bugtraq@securityfocus.com
Message-ID: <20041208224019.GB16124@elf.ucw.cz>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <41B77ECF.7030404@doxpara.com>

Hi!

> >:~/misc/md5$ cat msg1
> >I agree to sell you my horse ^Fita^, its saddle and harness for price   
> >14000 dollars. Signed Bara
> >
> > 
> >
> Except you can't do this, since the appended data needs to be identical 
> between the two files.  That's why I used the encrypted payload -- it 
> ties the semantic meaning of the embedded commands to posession of 
> vec1's series of bits, which is of course what a cipher is meant to do.
> 
> Your payloads differ but the above line is incorrect.  Your actual 
> appended files:
> 
> $ cat msg1
> [terminal garbage]I agree to sell you my horse ^Fita^, its saddle and 
> harness for price   1 000 dollars. Signed Bara
> 
> $ cat msg2
> [slightly different terminal garbage]I agree to sell you my horse 
> ^Fita^, its saddle and harness for price   1 000 dollars. Signed Bara

Actually, no, it is not. Try catting it on a Linux console. It takes
the garbage, overwrites it with ^Hs, then writes ... "its saddle and
harness for price   1", then shifts the cursor right (over 4 or `,
depending on the first block), then continues with "000 dollars".

My trick does *not* work in Gnome Terminal (I've just verified
it). You need an actual Linux console; press ctrl-alt-F1 on most distros
to get to one... but if you tell me what terminal you use, I can
probably create a terminal sequence that works there...
								Pavel
-- 
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
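An added check (my own example, not code from this thread): a `cat -v`-style renderer plus a scanner that flags backspaces, ECMA-48 CSI sequences and other control bytes in a message before anyone trusts what a terminal displays of it. The sample message is constructed to resemble the structure Pavel describes (garbage prefix, backspaces, a cursor-forward sequence); the allowed-whitespace set and the us-ascii assumption are mine.

```python
import re

# Assumption: the signed text is plain us-ascii, so TAB/LF/CR are the only
# control bytes it may legitimately contain.
ALLOWED_CONTROL = {0x09, 0x0A, 0x0D}
# ECMA-48 CSI sequence: ESC '[' parameter bytes, intermediate bytes, final byte.
CSI_RE = re.compile(rb"\x1b\[[\x30-\x3f]*[\x20-\x2f]*[\x40-\x7e]")

def find_control_sequences(data: bytes):
    """Return (offset, description) for every byte or sequence that can change
    how a terminal renders the file instead of being shown as text."""
    findings, i = [], 0
    while i < len(data):
        m = CSI_RE.match(data, i)
        if m:  # cursor movement, erase, colour, etc.
            findings.append((i, "CSI " + m.group(0)[2:].decode("ascii")))
            i = m.end()
            continue
        b = data[i]
        if b == 0x1B:
            findings.append((i, "ESC"))
        elif b == 0x08:
            findings.append((i, "BS (backspace)"))
        elif b == 0x7F:
            findings.append((i, "DEL"))
        elif b < 0x20 and b not in ALLOWED_CONTROL:
            findings.append((i, "C0 control 0x%02x" % b))
        elif b >= 0x80:
            findings.append((i, "non-ASCII byte 0x%02x" % b))
        i += 1
    return findings

def visible(data: bytes) -> str:
    """Render bytes the way `cat -v` does (^X for controls, M-x for high bytes),
    so what you read is what the file actually contains."""
    out = []
    for b in data:
        prefix = ""
        if b >= 0x80:
            prefix, b = "M-", b - 0x80
        if b in (0x09, 0x0A) and not prefix:
            out.append(chr(b))
        elif b < 0x20:
            out.append(prefix + "^" + chr(b + 0x40))
        elif b == 0x7F:
            out.append(prefix + "^?")
        else:
            out.append(prefix + chr(b))
    return "".join(out)

# Constructed sample, not Pavel's real file: garbage, backspaces, then a
# cursor-forward sequence (ESC [ 1 C) inside the price.
SAMPLE = (b"\x9a\x60\x08\x08I agree to sell you my horse ^Fita^, its saddle and"
          b" harness for price   1\x1b[1C000 dollars. Signed Bara\n")
```

Running `find_control_sequences(SAMPLE)` is the check a verifier should make before accepting a terminal's rendering of a file whose hash is being compared.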
