guinness Posted September 20, 2013 Share Posted September 20, 2013 Interesting discussion though. UDF List: _AdapterConnections() • _AlwaysRun() • _AppMon() • _AppMonEx() • _ArrayFilter/_ArrayReduce • _BinaryBin() • _CheckMsgBox() • _CmdLineRaw() • _ContextMenu() • _ConvertLHWebColor()/_ConvertSHWebColor() • _DesktopDimensions() • _DisplayPassword() • _DotNet_Load()/_DotNet_Unload() • _Fibonacci() • _FileCompare() • _FileCompareContents() • _FileNameByHandle() • _FilePrefix/SRE() • _FindInFile() • _GetBackgroundColor()/_SetBackgroundColor() • _GetConrolID() • _GetCtrlClass() • _GetDirectoryFormat() • _GetDriveMediaType() • _GetFilename()/_GetFilenameExt() • _GetHardwareID() • _GetIP() • _GetIP_Country() • _GetOSLanguage() • _GetSavedSource() • _GetStringSize() • _GetSystemPaths() • _GetURLImage() • _GIFImage() • _GoogleWeather() • _GUICtrlCreateGroup() • _GUICtrlListBox_CreateArray() • _GUICtrlListView_CreateArray() • _GUICtrlListView_SaveCSV() • _GUICtrlListView_SaveHTML() • _GUICtrlListView_SaveTxt() • _GUICtrlListView_SaveXML() • _GUICtrlMenu_Recent() • _GUICtrlMenu_SetItemImage() • _GUICtrlTreeView_CreateArray() • _GUIDisable() • _GUIImageList_SetIconFromHandle() • _GUIRegisterMsg() • _GUISetIcon() • _Icon_Clear()/_Icon_Set() • _IdleTime() • _InetGet() • _InetGetGUI() • _InetGetProgress() • _IPDetails() • _IsFileOlder() • _IsGUID() • _IsHex() • _IsPalindrome() • _IsRegKey() • _IsStringRegExp() • _IsSystemDrive() • _IsUPX() • _IsValidType() • _IsWebColor() • _Language() • _Log() • _MicrosoftInternetConnectivity() • _MSDNDataType() • _PathFull/GetRelative/Split() • _PathSplitEx() • _PrintFromArray() • _ProgressSetMarquee() • _ReDim() • _RockPaperScissors()/_RockPaperScissorsLizardSpock() • _ScrollingCredits • _SelfDelete() • _SelfRename() • _SelfUpdate() • _SendTo() • _ShellAll() • _ShellFile() • _ShellFolder() • _SingletonHWID() • _SingletonPID() • _Startup() • _StringCompact() • _StringIsValid() • _StringRegExpMetaCharacters() • _StringReplaceWholeWord() • _StringStripChars() • _Temperature() • _TrialPeriod() • _UKToUSDate()/_USToUKDate() • _WinAPI_Create_CTL_CODE() • _WinAPI_CreateGUID() • _WMIDateStringToDate()/_DateToWMIDateString() • Au3 script parsing • AutoIt Search • AutoIt3 Portable • AutoIt3WrapperToPragma • AutoItWinGetTitle()/AutoItWinSetTitle() • Coding • DirToHTML5 • FileInstallr • FileReadLastChars() • GeoIP database • GUI - Only Close Button • GUI Examples • GUICtrlDeleteImage() • GUICtrlGetBkColor() • GUICtrlGetStyle() • GUIEvents • GUIGetBkColor() • Int_Parse() & Int_TryParse() • IsISBN() • LockFile() • Mapping CtrlIDs • OOP in AutoIt • ParseHeadersToSciTE() • PasswordValid • PasteBin • Posts Per Day • PreExpand • Protect Globals • Queue() • Resource Update • ResourcesEx • SciTE Jump • Settings INI • SHELLHOOK • Shunting-Yard • Signature Creator • Stack() • Stopwatch() • StringAddLF()/StringStripLF() • StringEOLToCRLF() • VSCROLL • WM_COPYDATA • More Examples... Updated: 22/04/2018 Link to comment Share on other sites More sharing options...
czardas Posted September 20, 2013 Share Posted September 20, 2013 Yes it is. I'm glad I saw this and I'm also glad I didn't use SHA-1 as a password. operator64 ArrayWorkshop Link to comment Share on other sites More sharing options...
MindlessGenius Posted September 20, 2013 Author Share Posted September 20, 2013 (edited) Much sensationalism here. Little practical results. Drifting away from SHA-1 is understandable but still not a hurry in most use cases. Avoiding NSA-compromised PRNG is certainly a bit more urgent, let it be only for showing they did the wrong move (again). Speaking of Collisions... Impersonation (Much Sensationalism) Here is an example you can taste.... 17/09/2013 14:43:36 C:\Windows\System32\kernel32.dll Date : 01/08/2013 Size : 1114112 Version: 6.1.7601.18229 MD5 : 365A5034093AD9E04F433046C4CDF6AB SHA1 : 7244AE695F8E5A730857781635ACB2969F15C594 and another even better: 17/09/2013 14:48:13 C:\Windows\System32\KERNELBASE.dll Date : 01/08/2013 Size : 274944 Version: 6.1.7601.18229 MD5 : 1B7343C3765638D4D17CB925F84F8ABE SHA1 : B001F04386EBE09DDAC86297FA7B18AF37ABAFFF This is how you test... First checks the MD5 Here: https://www.virustotal.com/en/#search Then check the SHA-1 same way but in another window... Then compare all the signatures.... and Poof Impersonation discovered! Not sensationalism... simple hack by highly funded and technically adept professionals... They can spoof almost anything... but there is a catchf! They cant spoof the two in tandem! They can spoof the MD5 or the Sha-1 but not both... So get vigilant and do some comparission and you will identify all off their attempts many will blow your mind! Once you identify the impersonation, you then simply use the target to reverse engineer and aquire the code, method etc... You can use this tool to find the impersonations Advanced Process Analysis and Identification System (It's what I use: https://hermes-computers.ca//apais_1.php ) oh... and yes I wrote it, and it's in Autoit! Cheers! Edited September 20, 2013 by MindlessGenius Link to comment Share on other sites More sharing options...
czardas Posted September 20, 2013 Share Posted September 20, 2013 Unless your hash contains all the data, it will always be possible to fool it. operator64 ArrayWorkshop Link to comment Share on other sites More sharing options...
jchd Posted September 20, 2013 Share Posted September 20, 2013 Look: czardas himself admitted volontarily that even his use of SHA-1 would be overkill in his use case. That's true for still many everyday use cases. Targets are simply not worth the effort, as -- as you say : "simple hack by highly funded and technically adept professionals..." You know that people in charge of protecting really valuableor sensitive data have been using other hashes, or combination of distinct hashes for very long time. This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe hereRegExp tutorial: enough to get startedPCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta. SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now