CrossCTF – Paricle Collision Challenge – 5 points

Problem

Our large hadron collider feeds off files that produces the same SHA1 hashsum value. Could you help us power up our collider? We will give you a flag in return! Our collider can be found at http://128.199.98.78:8081/

Screenshot

sha1collision

Solution

Recently, a team from Google published a paper on how SHA1 is no longer secure, and collisions can be easily generated.

First, we tried using the example PDF files from here. But we got this message.

sha1collisionseen

I guess it’s not as simple as just downloading files from a website, or another team has submitted these files. After doing some research on Google, we found this tool.

By choosing 2 random images we found, we easily generated our PDF files with the same SHA1 hashsum value.

sha1flag.png

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s