|
Penetration Testing
mailing list archives
Re: Insecure Hash Algorithms (MD5) and NTLMv2
From: Thierry Zoller <Thierry () sniff-em com>
Date: Tue, 1 Nov 2005 12:46:53 +0100
Dear Daniel,
DM> Just because MD5 has become "relatively" weak in recent months
DM> doesn't mean that it's trivial to create/find collisions using it.
http://www.doxpara.com/t1.html
http://www.doxpara.com/t2.html
Same md5
http://www.cits.rub.de/imperia/md/content/magnus/letter_of_rec.ps
http://www.cits.rub.de/imperia/md/content/magnus/order.ps
Same md5
http://www.win.tue.nl/~bdeweger/CollidingCertificates/MD5Collision.certificate1.cer
http://www.win.tue.nl/~bdeweger/CollidingCertificates/MD5Collision.certificate2.cer
Same md5
http://www.doxpara.com/confoo.pl
http://www.cits.rub.de/MD5Collisions/
--
http://thierry.sniff-em.com
Thierry Zoller
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Re: Insecure Hash Algorithms (MD5) and NTLMv2 Thierry Zoller (Nov 01)
|
Intro
