Sign in to follow this  
Followers 0
FuryCell

Updated FileHash UDFs

24 posts in this topic

#1 ·  Posted (edited)

Here are my updated filehash UDFs. I added FileHashTiger() and FileHashWhrilPool() (both thanks to b1t5tR3@m) and updated

To use them you need the MD5Deep command line utility which can be found here

Enjoy.

SolidSnake.

Edit:Updated FileHashSha256() again. (I fixed another bug.) Also they are now distributed in a zip file containing all of them.

The functions contained in the zip are as follows:

_FileHashMD5()

_FileHashSHA1()

_FileHashSHA256()

_FileHashTiger()

_FileHashWhirlPool()

To use them you need the MD5Deep command line utility which can be found here

Enjoy.

SolidSnake.

Edit:Oops! Put StartUpSentinel here by accident.Will put up the proper zip as soon as I can get to my home pc. B)

Edit:Put file back up.

Edit:These functions have been replaced by my _FileHash and _StringHash functions. These new functions can be downloaded here.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites



Just out of curiousity, why do other checksum methods exist? The only one I've heard of here is MD5.

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Just out of curiousity, why do other checksum methods exist? The only one I've heard of here is MD5.

Probably the same reason there are different Audio formats (MP3,WMA,M4A) which IMO is that they are all competing with each other over which is the best.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

Isn't Microsoft supposedly moving from MD5 and SHA1 for their 'insecurities.' If I remember correctly, they wish to move to SHA256, however, they are building their next platform with hot-swappable checksum code possible (or something to that effect)


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

Isn't Microsoft supposedly moving from MD5 and SHA1 for their 'insecurities.' If I remember correctly, they wish to move to SHA256, however, they are building their next platform with hot-swappable checksum code possible (or something to that effect)

Not sure exactly what MS is doing, but NIST (National Institute of Standards and Technology) is moving away from MD5 and even SHA-1 (even though SHA-1 has not yet been compromised).

"At the recent Crypto2004 conference, researchers announced that they had discovered a way to "break" a number of hash algorithms, including MD4, MD5, HAVAL-128, RIPEMD and the long superseded Federal Standard SHA-0 algorithm. The current Federal Information Processing Standard SHA-1 algorithm, which has been in effect since it replaced SHA-0 in 1994, was also analyzed, and a weakened variant was broken, but the full SHA-1 function was not broken and no collisions were found in SHA-1. The results presented so far on SHA-1 do not call its security into question. However, due to advances in technology, NIST plans to phase out of SHA-1 in favor of the larger and stronger hash functions (SHA-224, SHA-256, SHA-384 and SHA-512) by 2010."

http://csrc.nist.gov/news-highlights/NIST-...SHA1-attack.pdf

http://csrc.nist.gov/hash_standards_comments.pdf

Between them Eli Biham, FariChen, Antoine Joux, XiaoyungWang, XuejiaLai, Dengguo Feng, and Hongbo Yu presented successful full collision attacks on MD4, MD5, HAVAL-128, HAVAL-160, RIPEND and SHA-0 at Crypto 2004.

Of these only MD5 is widely used in the US today

All these algorithms are broken now and should not be used to generate signatures.

Take this seriously:

Dont use MD5 or any of the broken hashes for signatures

SHA-1 not broken

Not much reason to expect it will be any time soon

NIST plans to phase out all 80-bit crypto by 2010

Moores Law & brute force threatens all 80-bit crypto after 2010

SHA-1 for signatures, 1024 RSA/DSA, 160-bit EC-DSA, Skipjack

HMAC SHA-1 is OK after 2010 because it depends on the one way property of SHA-1, not its collision resistance

FIPS 180-2 already in place with SHA-224, SHA-256, SHA-384 and SHA-512

http://csrc.nist.gov/pki/twg/y2004/Present...s/twg-04-14.pdf

There are five (5) FIPS-approved* algorithms for generating a condensed representation of a message (message digest): SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.

http://csrc.nist.gov/CryptoToolkit/Hash.html

This will have significant bearing on the computer forensics scene and the like.

Edited by b1t5tR3@m

Share this post


Link to post
Share on other sites

To use them you need the MD5Deep command line utility which can be found here

Thanks! Really useful!

Now I'm just curious. How hard would it be to program an SHA-1 algo with AutoIT3?


I am endeavoring, ma'am, to construct a mnemonic circuit using stone knives and bearskins.SpockMy UDFs:Deleted - they were old and I'm lazy ... :)My utilities:Comment stripperPolicy lister 1.07AutoIT Speed Tester (new!)

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Thanks! Really useful!

Now I'm just curious. How hard would it be to program an SHA-1 algo with AutoIT3?

Thanks for the feedback.

About the SHA-1 coded with AutoIt I don't know how hard it would be but it should be possible now that AutoIt has binary support.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

Thanks for the feedback.

About the SHA-1 coded with AutoIt I don't know how hard it would be but it should be possible now that AutoIt has binary support.

@SolidSnake, more great tools to add to AutoIt. I just have to rate this as a five-stars. Thanks for sharing.

Cheers.. B)

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

@SolidSnake, more great tools to add to AutoIt. I just have to rate this as a five-stars. Thanks for sharing.

Cheers.. B)

Thanks for the feedback.

Glad you like them. :o

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

Hi SolidSnake,

first of all good job for file Hash.

I have a bug when I use RunAsSet function before any file hash function (access denied, see attached file)

#Include <FileHashMD5.au3>

RunAsSet("administrator", "domain", "password")

$X=_FileHashMD5(@ScriptFullPath)
MsgBox(0,"",$X)

PS : I'm an "advanced novice" in AutoIt, maybe it's normal, or not...

Share this post


Link to post
Share on other sites

#11 ·  Posted (edited)

Updated. Tested with the new version of MD5Deep (V1.9) and stated in the headers that they are compitable with it.

Download from post above.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

Hi SolidSnake,

first of all good job for file Hash.

I have a bug when I use RunAsSet function before any file hash function (access denied, see attached file)

#Include <FileHashMD5.au3>

RunAsSet("administrator", "domain", "password")

$X=_FileHashMD5(@ScriptFullPath)
MsgBox(0,"",$X)

PS : I'm an "advanced novice" in AutoIt, maybe it's normal, or not...

Can't Test as I am not on a network but did you try having the script restart it self as the user you want to use?

P.S. Maybe someone on a network could try to figure out the problem.

Edited by SolidSnake

HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

I may be wrong, but 'His' SHA1 code looks like it's intended for 'File' use, not individual string use.


Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites

Without trying to to hijack this great thread, there's a MD5 hash for strings that MSLx Fanboy wrote... http://www.autoitscript.com/forum/index.ph...topic=18509&hl=

It's not SHA1 but may help you.


Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites

i have found SHA1 php class, i need convert that to AUTOIT, and it should work then.

i dont need MD5 or another i just need SHA1, as i am coding a autoit bittorrent client.

I was trying to offer alternatives... Sounds like you'll be writing your own then. Look forward to seeing the outcome.


Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer.

Share this post


Link to post
Share on other sites

If you can find a VBScript (or javascript) for SHA1, use the link above in smoke_n's post, and just modify the function for your code. If you need help, PM me with the VBScript source, and I'll see what I can do to help


Writing AutoIt scripts since
_DateAdd("d", -2, _NowCalcDate())

Share this post


Link to post
Share on other sites

Sorry about the late reply. :"> but if IIRC the utilities i think there is a way to pass a string to SHA1Deep (or any other *Deep) through stdIn. I will try to look into it and maybe write _StringSHA1,etc.


HKTunes:Softpedia | GoogleCodeLyricToy:Softpedia | GoogleCodeRCTunes:Softpedia | GoogleCodeMichtaToolsProgrammer n. - An ingenious device that turns caffeine into code.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0