Editing Ayase/MD5 Collisions
From Bibliotheca Anonoma
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 5: | Line 5: | ||
= MD5 Vulnerabilities = | = MD5 Vulnerabilities = | ||
There are two forms of the MD5 collision exploit discovered so far: a | There are two forms of the MD5 collision exploit discovered so far: a fixed-prefix and a unfixed-prefix collision mechanism. | ||
* The " | * The "unfixed-prefix" style of exploit inserts "collision blocks" within otherwise identical files to generate md5 collisions. Files generated with this style of collision have been demonstrated to pass through any 4chan post-processing steps without alteration. 4chan and its archives are vulnerable to at least gif md5 collisions, and probably to exploits crafted for other file formats as well. For more information on unfixed-prefix collisions, see [hashclash], [this exploitation of hashclash], and [this article] on md5 collisions in image formats. | ||
* The " | * The "fixed-prefix" exploit allows for an arbitrary pair of chosen files to be appended with "collision blocks" until they share the same md5. More info on this style of collision can be found here: [https://natmchugh.blogspot.com/2014/10/how-i-created-two-images-with-same-md5.html] . This style of exploit can be countered on the backend by removing bytes past the media file trailer (a pattern signifying the end of the file), and it seems that this is part of the post-processing 4chan does on media upload. | ||
The existing types of md5 collision exploits are not known to pose a major risk to either the main site or its archives, because they can only be performed intentionally by an "attacker" who must generate and post both pieces of media. However, they do introduce a quirk which has a minor impact on the integrity of the archive: | The existing types of md5 collision exploits are not known to pose a major risk to either the main site or its archives, because they can only be performed intentionally by an "attacker" who must generate and post both pieces of media. However, they do introduce a quirk which has a minor impact on the integrity of the archive: |