forked from laie/WorldsFirstSha2Vulnerability
-
Notifications
You must be signed in to change notification settings - Fork 0
/
proof.py
18 lines (16 loc) · 1.07 KB
/
proof.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
#!/usr/bin/python
__author__ = 'Lloyd Jee-heon Oh'
__license__ = 'MIT'
############################################################################
## PROOF of free-start collision attack + circular hash attack for sha256
############################################################################
## input hash ad3381f1 8f9dae20 5419ec4e c0a9c019 839a030f e8bfad5a d308ae65 3a456ff1
## input message block 5b4adf0bb6373803dae2f3a9a951f172ea5ca7b59ce5d74ace7a52a5b222cc78b69c9ed260685995c5bb23de1ffe6463a2c707daf76ac1c171858d71c94b58ad
## prints ['0xad3381f1L', '0x8f9dae20L', '0x5419ec4eL', '0xc0a9c019L', '0x839a030fL', '0xe8bfad5aL', '0xd308ae65L', '0x3a456ff1L']
############################################################################
import sha256
q=sha256.sha256()
q._h = (0xad3381f1, 0x8f9dae20, 0x5419ec4e, 0xc0a9c019, 0x839a030f, 0xe8bfad5a, 0xd308ae65, 0x3a456ff1)
m='5b4adf0bb6373803dae2f3a9a951f172ea5ca7b59ce5d74ace7a52a5b222cc78b69c9ed260685995c5bb23de1ffe6463a2c707daf76ac1c171858d71c94b58ad'.decode('hex')
q.update(m)
print(map(hex,q._h))