Nat McHugh: How I created two images with the same MD5 hash
I posted the following images the other day which although looking totally different have exactly the same MD5 hash ( e06723d4961a0a3f950e...| natmchugh.blogspot.com
Magento is a popular ecommerce solution written in PHP. It is widely used for web shops both large and small. The most current product is Magento 2 however, Magento 1.x is still supported and widely used since the upgrade path for a heavily customised sites is largely unclear.| Nat McHugh
You can insert MD5 collision blocks in many data formats and if you do it right the result will be 2 objects that differ but which when passed through MD5 have the same hash value.| Nat McHugh
In June I gave talks at both BSides London and the Dutch PHP Conference on the subject of hash functions. I really enjoyed both experences and they both helped me improve my public talking.| Nat McHugh
About a month ago I read this excellent piece of work https://blog.benjojo.co.uk/post/auditing-github-users-keys . My first reaction was kick myself for not thinking of it before. It reminded me of this paper https://factorable.net/paper.html and associated the presentation which is pretty special. One of the major tools used in that paper was use of a batch version of the Greatest Common Divisor algorithm that can efficiently find common factors in large numbers of semi primes. Common ...| Nat McHugh
Here is a little challenge I have had some fun with recently.| Nat McHugh
One question I was asked when I demo'd creating two PHP files with the same hash is; does it work on compiled binaries?| Nat McHugh
This thing got long and can basically be summarised as:| Nat McHugh
A while ago a lot of people visited my site (~ 90,000 ) with a post about how easy it is to make two images with same MD5 by using a chosen prefix collision. I used Marc Steven's HashClash on AWS and estimated the the cost of around $0.65 per collision.| Nat McHugh
Lately in an effort to code up and properly understand the Wang attack on the MD4 family of hash functions I've been reading a lot of papers on the subject. Many of the papers have very similar names and the same authors. I found myself having to create a quick reference about each paper and it's contents. | Nat McHugh
Previously I explained how I created two images one of James Brown the other of Barry White with the same MD5 hash. At the end of the post I said I was going to try and create a three way collision where three images have the same MD5 hash. Neil K made a suggestion about the image| Nat McHugh
I nearly chocked on my cornflakes while looking at blog stats yesterday morning to see several thousand page views in the morning. Looking at the referring URLs it seemed a link had been posted on Hacker News. I browse that site most days. It was on the front page at number five, anything on the front page is BIG. Later on it got posted to a couple of reddit.com subreddits. I was getting a lot of traffic, all quite unexpected.| Nat McHugh
These images of James Brown and Barry White have the same MD5 hash e06723d4961a0a3f950e7786f3766338.| Nat McHugh
I recently posted a link on twitter to two PHP scripts which have different behaviours but the same MD5 hash. To verify this download the fi...| natmchugh.blogspot.com
I posted the following images the other day which although looking totally different have exactly the same MD5 hash ( e06723d4961a0a3f950e...| natmchugh.blogspot.com
