File validation and hash collisions?

cyclone3d

[H]F Junkie
Joined
Aug 16, 2004
Messages
15,154
This topic has come to mind every once in a while and it always makes me ponder what the huge deal is with worrying about hashing algorithms such as md5 for executables.

Even if you were able to reliably change the content of a file to return the same hash as the original file, other than making the program crash, how extremely hard / impossible would it be to make a modified executable return the same exact hash and also still run? Then think about how impossible it would be to do that AND be able to have malicious code run from that same executable.

Anybody have a single example of a hash collisioned executable being able to even run?
 

Nobu

[H]F Junkie
Joined
Jun 7, 2007
Messages
8,539
This topic has come to mind every once in a while and it always makes me ponder what the huge deal is with worrying about hashing algorithms such as md5 for executables.

Even if you were able to reliably change the content of a file to return the same hash as the original file, other than making the program crash, how extremely hard / impossible would it be to make a modified executable return the same exact hash and also still run? Then think about how impossible it would be to do that AND be able to have malicious code run from that same executable.

Anybody have a single example of a hash collisioned executable being able to even run?
I don't have an example, but I know it has been done. It's especially "easy" with low resolution hashes, because a rounding error is all you need to have the same hash. Theoretically you could change a large chunk of code and do an asm jump to it from the beginning of the program if conditions are right, and still maintain the same hash.
 

Nobu

[H]F Junkie
Joined
Jun 7, 2007
Messages
8,539
I don't have an example, but I know it has been done. It's especially "easy" with low resolution hashes, because a rounding error is all you need to have the same hash. Theoretically you could change a large chunk of code and do an asm jump to it from the beginning of the program if conditions are right, and still maintain the same hash.
You could also hijack an existing jump and send it to some other place that has malicious code, thinking about it. Would be easier and even less detectable.
 

Absalom

[H]ard|Gawd
Joined
Oct 3, 2007
Messages
1,025
If you were to go to the trouble of writing a compiler specifically to target a specific hash, it could be done rather trivially. MD5 is just a mathematical equation.

However, it would be far easier to pad the executable with junk at the expense of increases file size. You'd just need to write the tool to target a specific hash.

Hashing algorithms such as MD5 are not meant to solve security issues. But you can leverage them for their mathematical improbability of detecting bit flips and truncated files. These are general solutions to these simple problems.

Exploitations such as executable manipulations require more complex solutions such as digital signatures and code signing. Those are much more difficult to beat.
 
Top