HashPump – Exploit Hash Length Extension Attack

HashPump is a C++ based command line tool to exploit the Hash Length Extension Attack with various hash types supported, including MD4, MD5, SHA1, SHA256, and SHA512.

There’s a good write-up of how to use this in practical terms here: Plaid CTF 2014: mtpox

Usage

$ hashpump -h HashPump [-h help] [-t test] [-s signature] [-d data] [-a additional] [-k keylength] HashPump generates strings to exploit signatures vulnerable to the Hash Length Extension Attack. -h –help Display this message. -t –test Run tests to verify each algorithm is operating properly. -s –signature The signature from known message. -d –data The data from the known message. -a –additional The information you would like to add to the known message. -k –keylength The length in bytes of the key being used to sign the original message with. Version 1.2.0 with CRC32, MD5, SHA1, SHA256 and SHA512 support. <Developed by bwall(@botnet_hunter)>

$ hashpump –h

HashPump [–h help] [–t test] [–s signature] [–d data] [–a additional] [–k keylength]

HashPump generates strings to exploit signatures vulnerable to the Hash Length Extension Attack.

–h —help Display this message.

–t —test Run tests to verify each algorithm is operating properly.

–s —signature The signature from known message.

–d —data The data from the known message.

–a —additional The information you would like to add to the known message.

–k —keylength The length in bytes of the key being used to sign the original message with.

Version 1.2.0 with CRC32, MD5, SHA1, SHA256 and SHA512 support.

You can download HashPump here:

$ git clone https://github.com/bwall/HashPump.git $ apt-get install g++ libssl-dev $ cd HashPump $ make $ make install

$ git clone https://github.com/bwall/HashPump.git

$ apt–get install g++ libssl–dev

$ cd HashPump

$ make

$ make install

Or read more here.

Dennis Nadeau Complaint Blog

HashPump – Exploit Hash Length Extension Attack

Usage

Leave a Reply Cancel reply