[Tutor] application whitelisting

Hugo Arts hugo.yoshi at gmail.com
Fri Sep 21 14:30:49 CEST 2012


On Fri, Sep 21, 2012 at 2:19 PM, Peter Otten <__peter__ at web.de> wrote:
>
> Here's a back-of-the-envelope calculation:
>
> '4151e067c17a753fc5c4ec1c507d28c9' is a hexadecimal number with 32 digits,
> otherwise known as
>
> 340282366920938463463374607431768211456L
>
> If you are trying to hit that number using random additions to your file
> you
> can expect success after (that number)/2 attempts. Assuming you try 10
> million additions per second that will take about
>
> >>> (16**32//2)/(10**7 * 60 * 60 * 24 * 365)
> 539514153540300709448526L
>
> years.
>
> But you are lucky, md5 has been cracked. I don't know if there is a
> practical way to create a document with the same hash for any given hash
> though, so as a starting point I refer you to


As a short answer, there is no practical way to do this (there is a
theoretical one, but it's still computationally infeasible). There is a way
to generate two files (e.g. an innocent one and an evil one) with identical
md5 hashes just by appending a few thousand bytes to each file. If you get
the innocent file accepted into the whitelist both will work. At that point
it's easier to just get the ctypes dll on the whitelist itself though,
since it is innocent anyway.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/tutor/attachments/20120921/c7de75c2/attachment.html>


More information about the Tutor mailing list