Hexpand - hash key legth attack for Window

Aici puteti posta software nou dezvoltat de dumneavoastra.
Software news and new software launch.

Hexpand - hash key legth attack for Window

Post Number:#1  Postby CodeCracker » 15 Jan 2019 13:58

Hexpand - hash key legth attack for Window

Original source location:
https://github.com/amlweems/hexpand
This version is ported to Windows.

Version of OPENSSL used:
OpenSLL 1.1.0e 16 Feb 2017
The fallowing files should be present:
libcryptoMD.dll
libcryptoMDd.dll
libsslMD.dll
libsslMDd.dll
These filess are present in SSL_DLLS.rar rar archive!

I've used Visual Studio 2008 Command Prompt
for compling source code with nmake.exe
see Compile.bat

Hexpand is a tool for automating hash length extension attacks.

## What's a length extension attack? ##

Hash length extension attacks allow an attacker to construct the `H(secret|message|append)`
given only `H(secret|message)` and the length of `secret|message`.
The attack uses the output hash to reconstruct the internal state of the hash function.
From there, it is trivial to feed the hash function the data to be appended and output the new hash.

How this works?
We continue hashing for we "left" by setting hash internal state:
SHA512_CTX.h[] for SHA and MD5_CTX.a, MD5_CTX.b, MD5_CTX.c, MD5_CTX.d for MD5
The data to be append is standard padding of the hash algorithms!
Plus of course the message to be append!

Missing dlls (OpenSLL), should be placed on hexpand.exe location:
https://www107.zippyshare.com/v/3Wm5yfYB/file.html
Attachments
hexpandw.zip
(49.1 KiB) Downloaded 42 times
CodeCracker
Mediu
Mediu
Progress to next rank:
32%
 
Status: Offline
Posts: 66
Joined: 06 Feb 2016 14:04
Referred by: giv

Invitations sent: 0
Referrals: 2
Local time: 21 Aug 2019 21:53
Has thanked: 0 time
Been thanked: 74 times

Return to Lansari de software

Who is online

Users browsing this forum: No registered users and 24 guests

cron